AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgTbtivdxuFqumOftDM3nuBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeGJ/Xk4wBMIYAOZ/qj0tlm5TNiABvXr1MgMLIWEPHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHde58v7Cp+GNcm3bcOv9Ujy79Qwddr2ZO7cZumH8fQ1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLA/dycQAkEQBvvO/5wW8w9LGjQGEapg4WOGeVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+6He//J+YGmeSudPG0vFIsnbV2Lpq7D1oHD0Yb/8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIsdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirsz71twkAYx+HXl0SJ22SE9FYCM9BQIRiBDwnJkmdgABaioaK1WARWAAnONZ0peJ7m/yuuuBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA1XR6+eIuIIlKXKdJ483N6j4iPSNu2HX3estidj83XPWf7wyTnd0x/y4goo+jjHACA3lXd5lit6+Vf3v+8g7zDvNW8qRfP/DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwZef+XZt44ziAP0mbfL91soMITkpFBNGYREuGLAqF/huxjaGYqqQZbHHp7uKfIDiIuOVPcHB3EQfBH3NBBRcXJcklPqVFLkMuob5e8Fw+OY6758kQeN/nEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICJHOyHK6M6F0I4t/in7nv/7fHGca+veytnRmNt+cXX+Jz9UxRCCHe32s3rGa5lnl1MedzO7t69Rrvd7CgUCsW4mPIXFAAAJ0ohGf1c/6nQW+/vy9VD+PXscP6/FNUhZf5/8uXl7RDy42vF+b+c5SLnWNr8X+puPyzt7O5d3dputJqt5v3V6o1ypXKzuloa3E4puakCAADAXxSTEef/fP1o//9UVIeU+f/Oh4+v4mstyP9HTN7/n/KEAAAA/mHL5398zx2zP1cshkeNbrdTHm7H7yvD7QymOrH/khHn/4X6rGcFAAAAZOFgP3eo/78Z1SFl///0rbet+JwLIYSlpP9/beNBezO75cytefr9/5SXCgAAwAwtJSPu/xcGz//nL4yOyYcQLq8M6+RvAFPl/3dvnp+NrxU//1/NbolzKV8bfh5p8v/g2FoIi7UMJgYAAMCJ9H8y+vn/c6G33vn5dK3o+X8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH6zY8coDQRRGIAnu1mtxIDYWAlqK9pZBSwE8RqiINjYp/EAniZHsE+rltaSwhvI290RSWNA2dXwfTB5jzCwL5Nm/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL41P027uS/jY9T0Rfvd8/vkMurLQg2P073tWNEPuh373xnGGZ30PQUAAACrrsz5PqX0Wk3PoxbjOv8f5D2R+ScbTZ/z/GLuzzVn/1g7b3dPnw8aNc+pUkrXN7dXR539wr9tf8l9m0vsqe8Smhuasv7biov7rXlVn/rgYTY7W6vb9Z9NDAD8hsNc2ya/H0U97nMwAFbWsF3pS/4vx/3OBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCFjwAAAP//vDde3Q==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x16, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r5, &(0x7f0000000200), 0xf000)
sendfile(r5, r4, 0x0, 0x8000000000010)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000500)='cpuacct.usage_all\x00', 0x7a05, 0x1700)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000180)={'\x00', 0x0, 0x0, 0x847a, 0x1, 0x397, r0})
close(0xffffffffffffffff)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='memory.events\x00', 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000400)={{{@in6=@remote, @in6=@local, 0x4e24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x15, 0x1, 0x0, 0x0, 0x22, 0x9}, {0x0, 0x9, 0x81}, 0x0, 0x6e6bb8, 0x0, 0x0, 0x2}, {{@in=@multicast2, 0x4d5, 0x32}, 0xa, @in6=@mcast2, 0x3501, 0x2, 0x1, 0x6, 0x0, 0x0, 0xe8}}, 0xe8)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00', {}, 0x40})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x1, 'vlan1\x00'})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)

[ 1342.482056][ T6332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1342.568316][ T6332] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1342.574274][ T6332] hub: probe of 3-1:1.0 failed with error -5
17:12:05 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0xffffffffffffff21, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1342.623729][ T6332] cdc_wdm: probe of 3-1:1.0 failed with error -22
17:12:05 executing program 1:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@union={0x3}]}, {0x0, [0x0, 0x0, 0x61, 0x2e]}}, 0x0, 0x2a}, 0x20)

[ 1342.885360][ T5148] usb 3-1: USB disconnect, device number 122
17:12:06 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a09040000010209"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:12:06 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0xffffffffffffff21, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:06 executing program 1:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{}]}]}}, 0x0, 0x32, 0x0, 0x1}, 0x20)

17:12:06 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0xffffffffffffff21, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:06 executing program 1:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/5, 0x5}], 0x1}, 0x0)
sendmsg$tipc(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="cc", 0x1}], 0x1}, 0x0)

[ 1343.714745][ T6332] usb 3-1: new high-speed USB device number 123 using dummy_hcd
[ 1344.006015][ T6332] usb 3-1: Using ep0 maxpacket: 8
[ 1344.154944][ T6332] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1344.184706][ T6332] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1344.199742][ T6332] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1344.224969][ T6332] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1344.247711][ T6332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1344.325858][ T6332] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1344.332798][ T6332] hub: probe of 3-1:1.0 failed with error -5
[ 1344.354418][ T6332] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1344.868234][ T6332] usb 3-1: USB disconnect, device number 123
[ 1345.264646][ T6332] usb 3-1: new high-speed USB device number 124 using dummy_hcd
[ 1345.554563][ T6332] usb 3-1: Using ep0 maxpacket: 8
[ 1345.684697][ T6332] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1345.700119][ T6332] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1345.734805][ T6332] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1345.774481][ T6332] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1345.792904][ T6332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1345.884443][ T6332] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1345.916442][ T6332] hub: probe of 3-1:1.0 failed with error -5
[ 1345.931159][ T6332] cdc_wdm: probe of 3-1:1.0 failed with error -22
17:12:08 executing program 3:
r0 = syz_mount_image$reiserfs(&(0x7f0000000080), &(0x7f0000000040)='./file1\x00', 0x800c, &(0x7f0000000300)=ANY=[], 0xfd, 0x1115, &(0x7f0000002300)="$eJzs2DFrFEEYBuB39s6YoLBy6RdLCwmRs1ZTKFxrq5WSzippLe7H2PhfJJV9SK9FKsuV3c26COFUElPo88Awc9+9szNTzgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA68+RLSXarZDHWqiQlaZqT1VmSZqzf+zSrUvLycHX8/Gj54niIpUp5lZRuVsrHJ0N2uVguHi0e7x6Mk98dHvX9mzslTU7Pr/UUO7nYy2xDqNvg9o80AAAA/D/aK6t/b6Fvd//S+gAAAMCvXO9rAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCfa+tpvDUOqiQlaZqT1VmS5pJ5t25ofwAAAMDVlVR5XV9WH54BJg/zuS59vWvt4GmV/Xyos9NH5lO62rToxj8BAADgn9fe7rv7Kevpmly2ynq8jz/IfKr3yXn29obfF12+HiSzrLf3f/72zrMkp+fv33attLMbOhIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwnR04FgAAAAAQ5m+dRscGAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//xlp2rg=")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.numa_stat\x00', 0x275a, 0x0)
dup2(r0, r1)

[ 1346.215147][ T6332] usb 3-1: USB disconnect, device number 124
17:12:09 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r1})

[ 1346.511059][T14433] iommufd_mock iommufd_mock1: Adding to iommu group 47
[ 1346.547754][T14431] loop3: detected capacity change from 0 to 8192
17:12:09 executing program 5:
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, 0x0)

17:12:09 executing program 3:
syz_mount_image$reiserfs(&(0x7f0000000080), &(0x7f0000000040)='./file1\x00', 0x800c, &(0x7f0000000300)=ANY=[], 0xfd, 0x1115, &(0x7f0000002300)="$eJzs2DFrFEEYBuB39s6YoLBy6RdLCwmRs1ZTKFxrq5WSzippLe7H2PhfJJV9SK9FKsuV3c26COFUElPo88Awc9+9szNTzgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA68+RLSXarZDHWqiQlaZqT1VmSZqzf+zSrUvLycHX8/Gj54niIpUp5lZRuVsrHJ0N2uVguHi0e7x6Mk98dHvX9mzslTU7Pr/UUO7nYy2xDqNvg9o80AAAA/D/aK6t/b6Fvd//S+gAAAMCvXO9rAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCfa+tpvDUOqiQlaZqT1VmS5pJ5t25ofwAAAMDVlVR5XV9WH54BJg/zuS59vWvt4GmV/Xyos9NH5lO62rToxj8BAADgn9fe7rv7Kevpmly2ynq8jz/IfKr3yXn29obfF12+HiSzrLf3f/72zrMkp+fv33attLMbOhIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwnR04FgAAAAAQ5m+dRscGAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//xlp2rg=")
r0 = open(&(0x7f0000000080)='./bus\x00', 0x143142, 0x0)
write(r0, &(0x7f00000011c0)="90", 0x1)

17:12:09 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r1})

17:12:09 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000040)={'veth0\x00'})

17:12:09 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a09040000010209"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:12:09 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:09 executing program 1:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x2, 0x0})

17:12:09 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1346.907750][T14441] iommufd_mock iommufd_mock1: Adding to iommu group 47
17:12:09 executing program 5:
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f00000000c0)='./file0\x00', 0x800010, &(0x7f0000000100)=ANY=[@ANYRES64=0x0, @ANYRESDEC, @ANYRESDEC=0x0, @ANYRES32, @ANYRES64, @ANYRESOCT], 0xfd, 0xeed, &(0x7f0000001e40)="$eJzs3U9oHNf9APA3K61kW4q1SvL7RUka202aOnFb2ZV9SG8OmBZCCLn0nuBYiamSmjo9JMRY6cmFHlJCLik9pMS3gnsoNKFQTKHQPzn00ktPob20FBcMvtRgqUh+b7V61nRXI2lWq/184Ltv37zZ+X5Ha+SZ0ezbAAytxurjqVMzRQgffPr+mW9dXvrVyrLD7TWOrD4WsdcKITQ7+kW2vc/jgjs33zm70i5lbRHmVh/TeHjhRvu1EyGExXAkXA+tcPhY69aVkefnr3742dFLF557bYd2HwAAhsq1Py789el//OGr07evHTodxtvL0/F5K/Yn4nH/iXh8n477G2F9v+iITmPZeiMxGtl6I9l6o1me0ZJ8zWw7zZL1xrrkG+lYttF+AgAAwCBK57WtUDRm1/UbjdnZu+f9Kz6fGitm3zi/MH+xT4UCAAAAld26vHrTrRjEKHZBDUIIIYQQ7SgW+1+DEEKIslie6vcVCAAAAGDYpHkH2vOD5RbzmQW2pr21Vm/5bzzb2Pj1sA3q/vcv/2Dl//hdv3EAAKhurx5Npv1Kx9FpHoN8HsGR7HWbPf5vZNsZ3WSdZfMKDsp8g2V15j/X3aqs/s2+j/1SVn8+H+ZuVVZ/Pk/nblVW/3jNdVRVVv++muuoqqz+/TXXUVVZ/QdqrqOqsvonaq6jqrL6J2uuo6qy+u+ruY6qyuo/WHMdVZXVPyi31ZbV36q5jqrK6p+uuY6qyuq/v+Y6qiqr/4Ga66iqrP4Ha66jXx6Lbfo5HMrGO8+f83O6QTnHAwAAgGH3H/P/CSHEHo/4F/2+1yGEENsb7+6CGoQQ9UazP8c0f+n3fm9XXO7z9QcAAACg/9LnAtKn3pejND7SZXy0y3izy/hYl/HxLuMAAABACL++Mv/we8Xa5/y3Oh9emjcqzb+02XmM8vkIN5t/q/OebTX/oMxbBgAAwHApvnl96diZj96cvn3t0OmOs9+leL6b5gEdjdcGPon9dF/AZNYv0jn06fV5GiXr5dcH7ivb3otb3FEAAAAYYun8vRWKxmzHeXcrNBqzs2vn4zOhWcyfXzh3IvbT97P8fqo5vrL86zXXDQAAAPRu7Xx/4/P/9D2+M2GsmH3j/ML8xbv9yfbyZqPzusDU2vKi87pAK1s+V7L8ZOyn7+98bWr/6vLZs99deGW7dx4AAACGxMW33v7OywsL577niSeeeNJ+0u/fTAAAwHa7+vf3//T9k5O/ufv5/7X579Ln/4/EfivO7ffnuEK6TyB9DuCez+u/tD7PVNl6F9av18rWG4kxntW9r2M7oWO+wfS66bJ8rfXbGSvJN5Hlm8zy5fMUjGbrp3wHs+X5/IRpvalseT4P42iWo8jyPx4AAACg3PE3X79w/OJbb3/t/Osvv3ru1XNvnDwx9425Z+bmTs0dX72v/3jn3f0AAADAIFq76bfflQAAAAAAAAAAAAAAAAAAAMDwquPrxPq9jwAAADDs/n05hLAohBBCCCHEsMfkLqhBCCF2LpaX82+aBwAAANhZd26+c7azvcdisa352ltr3W2WYt7U/u7Jnz65Emm1G8+uv15yYFurYdjV/e9f/sHK//G725t/X3rS8++/xvoNnK6W98s//udTnfkfGe0xf77/L1bLfzTLfzT0ln/5oyz/S9XyP5XlP9Bj/nv2/0K1/E/H/DOpnid6zb/+/R+PbdqP/T3mP5bt/yuh1/zZ/rd6TJj5SswPAMOoUevL6pOOEtJx9ETsp8Lj4WbI737Y7PF/I9vO6JYrX7/ddBz0UOyn46XJLG+y2fonsu3dV7HO3KDcVVJW/3a9jzutrP5mzXVUVVb/WM11VFVW/3jNdVRVVv++muuoqqz+Xs9D+62s/kG5rlxW/0TNdVRVVv9kzXVUVVb/Zv8f75ey+g/WXEdVZfVP1VxHVWX1V7ysVruy+qdrrqOqsvrvr7mOqsrqf6DmOqoqq//Bmuvol0djW3Y+nM4/p+JY6rey/vgGP8tdf5EAAAAAhsS/zP8nhBBi+GLtcnf/axFCiIrRccdf32sRQgxCLC/357oDu8MGnyYeHZR7fwGobmdns2C38/4PN+//cPP+87+ke/iLrJ+MdBkf7TLe7DI+lo3n/17Hu4w/kG13OUrjD3YZ/78u4we7jD/UZXymy/jDXcYf6TL+aJdxAAAAhsP/x9b5IQAAAOxdl37+yY9+efSlm9O3rx06HcbumXf+ROyPx7+tX4n9fN77pBn/5v+D2P9ZbH8b279l67v/BAAAAHZe+p4Yf/8HAACAvSt9T6nzfwAAANi7pmPr/B8AAAD2rvtj6/wfAAAA9rBi4297z7+P7/HY9jqvHwCw+30hto/F9lBsD8f2i7FNxwFPxPZLNdUHAGyfn3z7h8+8V6zN938yG78Tl6f2Hot3rxQUjfUz+e+P7YHYPtljPfn3AfSaPznYY56dyj+1xfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwN7RWH08dWqmCOGDT98/M3XpzKsryw631ziy+ljEXiuE0Gy/Lo2u9X8RV7xz852zK+1SbJdjW4S5UISiPR5euNHONBFCWAxHwvXQCoePtW5dGXl+/uqHnx29dOG513bwRwAAAAB73n8DAAD//2BtKJg=")
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000010c0)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0x208e24b)
copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0)

17:12:09 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r1})

17:12:09 executing program 1:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x2, 0x0})

[ 1347.142184][T14451] iommufd_mock iommufd_mock1: Adding to iommu group 47
[ 1347.149274][T10973] usb 3-1: new high-speed USB device number 125 using dummy_hcd
17:12:09 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:10 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r1})

[ 1347.300949][T14449] loop5: detected capacity change from 0 to 4096
[ 1347.342263][T14444] loop3: detected capacity change from 0 to 8192
[ 1347.351395][T14458] iommufd_mock iommufd_mock1: Adding to iommu group 47
[ 1347.405464][T10973] usb 3-1: Using ep0 maxpacket: 8
[ 1347.525019][T10973] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1347.557100][T10973] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
17:12:10 executing program 1:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x2, 0x0})

17:12:10 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:10 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2})

17:12:10 executing program 3:
syz_mount_image$reiserfs(&(0x7f0000000080), &(0x7f0000000040)='./file1\x00', 0x800c, &(0x7f0000000300)=ANY=[], 0xfd, 0x1115, &(0x7f0000002300)="$eJzs2DFrFEEYBuB39s6YoLBy6RdLCwmRs1ZTKFxrq5WSzippLe7H2PhfJJV9SK9FKsuV3c26COFUElPo88Awc9+9szNTzgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA68+RLSXarZDHWqiQlaZqT1VmSZqzf+zSrUvLycHX8/Gj54niIpUp5lZRuVsrHJ0N2uVguHi0e7x6Mk98dHvX9mzslTU7Pr/UUO7nYy2xDqNvg9o80AAAA/D/aK6t/b6Fvd//S+gAAAMCvXO9rAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCfa+tpvDUOqiQlaZqT1VmS5pJ5t25ofwAAAMDVlVR5XV9WH54BJg/zuS59vWvt4GmV/Xyos9NH5lO62rToxj8BAADgn9fe7rv7Kevpmly2ynq8jz/IfKr3yXn29obfF12+HiSzrLf3f/72zrMkp+fv33attLMbOhIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwnR04FgAAAAAQ5m+dRscGAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//xlp2rg=")
r0 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
write$RDMA_USER_CM_CMD_REJECT(r1, &(0x7f0000000540)={0x9, 0x108, 0xfa00, {0xffffffffffffffff, 0x0, "fb56cf", "a58938633dd452239c5d3bab501521672276ec1478708432676acd84cad8e53104ef6403c352df53e5ad1ef0a7a8cf2c4c00705261227bb6e5d93d8a7995ce475ef956b0ef8f30c9dba6812bb5892e4928d9d4bbc4ecc46a0478d4caa8da97e917810d1c4ba3e63e8a7a2a0cbbf400a01a1c81dfe4f0d9b2360637d119262da020d2b300b7905a48c81be87aed5280c78c5f7717369b359c692d22e4db6d37e8b1900b34fff987abfbcd85166b7358b610ee3f9d97f3181fe4ec068bc5f7e31f1bca515c47515177c3c7180d89db6d157990e8b5acd5f2259edcf7ad56f65bddcd2c81bd6af8e849b39bc92ccabb7d09355d970d6c305ad258e829f34dcabc0c"}}, 0x110)
write$evdev(r0, &(0x7f0000000100)=[{{0x77359400}}], 0x18)

[ 1347.584732][T10973] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1347.601947][T10973] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1347.618148][T10973] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1347.698916][T10973] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1347.729137][T10973] hub: probe of 3-1:1.0 failed with error -5
[ 1347.732188][T14464] iommufd_mock iommufd_mock1: Adding to iommu group 47
[ 1347.748034][T10973] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1348.007563][T14468] loop3: detected capacity change from 0 to 8192
[ 1348.226227][ T5154] usb 3-1: USB disconnect, device number 125
[ 1348.594622][ T6332] usb 3-1: new high-speed USB device number 126 using dummy_hcd
[ 1348.834604][ T6332] usb 3-1: Using ep0 maxpacket: 8
[ 1348.954742][ T6332] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1348.965148][ T6332] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1348.978181][ T6332] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1348.991202][ T6332] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1349.000304][ T6332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1349.047073][ T6332] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1349.053423][ T6332] hub: probe of 3-1:1.0 failed with error -5
[ 1349.060502][ T6332] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1349.377780][ T5154] usb 3-1: USB disconnect, device number 126
17:12:12 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2})

17:12:12 executing program 1:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x2, 0x0})

17:12:12 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:12 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:12:12 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:12:12 executing program 3:
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000005600)='./file0\x00', 0x0, &(0x7f0000005640), 0x1, 0x55a8, &(0x7f0000005680)="$eJzs3X1sVWcdB/Bz25UiL21ndGnjCyyOgOAIrk4HRFqLGF7mrG2ygXuhTuPAOSxkiOKadYOQzc1aNot2MphEp0yRSgbIFkdxCegs2UxcV8Ut4OoLjVuY7IW5+ZLee8/l3nNoe4dzndvnQ9pznvs7z3Ofe3L+uN9Ln3MDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIJg3c2d1z3Y1vHyOVt3VN7xxNqGGeue6Tv7C633bn5gUl3FhKebHq1b2bRxevWTbcfO6qlY2D4pCBLJfol0/8U1c+s+V7/44yPDARs+mdqWlQ30lKmuh1ONETkP9vfL/fl0EARFkQEK09s56Z2CnAEyuyviAw5qwcIlO27cNr9vfemc/eO6EwfiL51+I4d7AsMlfV31nryWqpO/CyJHZNpZl14i5xJN9Y9ecK/JiwAAXpFptclN5u1o+i1upt0crUfa1ZF2a6QdvkNozW6cjtS4Iwaa5/hofZjmWZ2KCsUDzjNST5//TLs22j/SjkSNVzDP3EPTkWbkQPNsjNSHa54AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAryfvrfzLzOUv3l4yonvp9b9f86Gb5nVXvvuRr5XfUzn3Rx3L2u776qN1K5s2Tq9+su3YWT0VC9snBUFZsl8i1T1x3WVHV9WN+1jNN3754Z9eOfrOawvT44bbM7IODnrCnemlQXBlVqU3HPZoSRDU5haSzaA9Xlia3JkXFgAAAHgjqUj+Lsi0U3GwKKedSKbJRPJfKBUWFyxcsuPGbfP71pfO2T+uO3Hg9MerHWC86lOOl2mXnfxJZAXjMP5GxztZDw9dERtncNERo3n+4u27941Ztf6C5S90XjJz9l/P772h85kpVbd+/cExl25Z8c25K2P5v2zw/B+eOfkfAACA/4b8Hx1ncEPl/+Jv//aHrd95V9/2vU8d3fS3rc2r6584saGt/n0rJ9f//YJzW1+M5f/xOU8Zy//hjMP8XxCcXv4HAACA17P/df6vjo0zuKHy/4aqd0xZc33XHZsnbhp76+pn//HS/TMe/nnxZ6Yuftvsp/bN3Lg7lv+n5Zf/z8iedvhgVzjhq0uDYFr+JxUAAADIEf6/+8mPFsK8nvrkIJrXb9tVtXfbxglfunzMn+8+N3Fi77KpNe2bj/zhoi3fTdw7veVITyz/V+eX/4tem5cLAAAA5KHx8YOX3fzr8S99qqb97l1rv79s1vbjDTs3Pd2deGvlvJaWL7bE8n9tfvm/eHheDgAAAHAKSy685hcX94296fjSP5W09jY377m84tBD1z72x6bF35v1z/JtV8Tyf0N++X9Uepte+ZDqtD/8K4TbS4NgZP9OY6pwIGityhQAAACAV0mY0888/9LPN03YXjrxW7OvuGb5nh+0H9x625EP9p5z1Vcq1v7uuXUfiOX/xsHv/x/e6SBc/59z/7/Y+v+sQuqufzPdGAAAAIA3o/h6/vD2+KlvLhjo+/fzXf9f3LWq7bld71nQXFN7/32PTX1o0aHnJ24Zs+eW5q6qd3Z/ufztsfzfnF/+L8zevprf/wcAAACn4f/t+/8WxcYZ3FD3/3/h5Z2HZx286N+/+ejaO8e2bOhJ/Kppzc+e7Tm88+jkH1ecN/ktsfzfml/+D7ejs19eZ3h+1pQGQXn/TvpuglvD6V4dKXQUZRVSJz7Soz7skS50FGcVkhojPc4rDYKz+3eaI4Uzw0JrpHCsJF24K1J4OCykr4dM4SeRQmd4pW0oSU83WtgdFtILLDrCFRSjM0siIj2OD9Sjv3DKHocyTw4AAPCmEobndJYtym0G0SjbkRjqgFFDHVAw1AGFQx1wRuSA6IEDPR405BYyA144v+D99zzw+A1TP7tvxiOjPnLV7Ckn1q/+V1fbJ55fXd+46JJY/r8rv/wfnooRqc1A6/+DcP1/+nsNM+v/G8JCWaTQERZqo3cMqA2fIxV2bwmfo6w23eNYeaYAAAAAb2jh5wKFwzwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+wd+9xUlV3gsBPN/2EpmkNiaAEezBiMKFpBBI1ukFMjKujaUkwZmJi82hJh0aQh4qLE3wkGYX4WDGRjI6wjgkaJcTEFaMOrJMoM0N8P+IjjFk1SnyBuu66rrqf7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAfw4LfnrVx4MgX/n5lv+MPX/KPa/a5e4+njjnt+ZVrjn3p289tXts46qGJ88+64qDxT122+WN/GHzCsk+G0NJVriwpXrbwxE2nT9z7iAkXrT/0l1P6XTmvKlNvJh76df4pz9w5L7b6dP8Qbi4LoSIdGFmXBCoz9+tifUPqQtgtbA1kS7T1TUqkGw6/qw1hedgayFZ1S20IdTmBr95/x9ofdiaW1oawbwihOt3GH6uTNmrTgeFVSaBvOjCrIgn873cS2cCa8iQA2y2+GbIv+tUt+Rkaui9X5PVXucM69sFKD69PTDQUz/fiYTu5Uzmq0g+0bNfTVlAdO0XB22Odd1sveLcVbOeLPW25X6Qy31De2RqqDuXT2k6ePL9jXnykPDQ19SlW0056nh/bsnDqtqR7zeswdqBhh7wON1/+yqTm/scMumHCpiFjT1q2bHu7WWzz7mzVIfOa6zXPYzTe50kvePsVfEtq9KUrhPCfvzvm7BMrDjritoOXvjHm8Gv67TXp84fu9uI1bR/f+/jd7/rymZsK5v8N7z7/jy/neFuelzu2+mZ9MjePj9TFxMv1ydwcAAAAeo3esNf00h+Nmtrv6FsfnVy556xFf//fhrVeMXDT+YNu3f8PBzUd8ZVBK75eMP9vLO34fzzkX5c72nUhjO9KnDsghEFdjyeBa2N3pgwI4a+6Ui35gcNSgXUhDO5KjMhWlSpRE0s0pgLP1mcC41OBO2OgJRW4JgYuTgXOi4HVqcDUGFiXCkyIgdCeP4796zPjKDlQGwOtyUZcHc9CeLU+tpbaVo9nqwIAANhBMrPDyvy7Oec6bG+GOL1cXdtThngGdtEM1aka0jPY7LSqaA0VPdVQ3lMN2XEvevfhF9Rc1lPNBadhlOVnuK/h6sOH3vv2dTO+sLF90BnrP/XZ139xxoVXXvbM/5nyP0Yt/PQPniuY/ze/+/y/upuOlBUc/w/huK6/MXd5JtKRjbe25GUAAAAAtsPgyiVrnj6070+O2vj0859af/nAe25bf+0PDrju4dbyh/dcumrQXgXz//Glnf8f94n0yckcNsTdEDMGhNCcH0iq/VxhIDnq3S8TAAAAgN4gezw+eyy8PXObnKKdnk8X5m/ZxvzxwP/4bvPXXPDc93+37JL/d+XU//5fvzDt53/35W8997nqo74258ZvH/3vIyb/rPD3/y2lnf/fN/826cSdsReXDgihJidwV+xlZ6BLYww8+fn8QGb8d8YNsDhWlTkxIVvV4liiNQaaU4HlxUrcmy0xKD+QebKyjZ+bHUd7pkROAAAAAN53cXdAPC4fz/+vn/yjw7dc8Ppfr3/r+WUvPfrCD/Yd9tnW4f8w+NbPDP/u7z+z70MLC+b/rdt2/n/XPLjg9P6OfiGMqgihT/qHARv6JgsDxkBdWSZxe9+krj7pqs7uG8IhnQNLV/WnzPr/Fek1Bu+vTaqKgUHDVm4Z3pm4ujaEUbmBh7+xYlxnYl4qkG18Um0Ie3eONt34TTVJ45Xpxn9cE8LQnEC2qik1IXQ2VpWu6o7qzHUM0lX9ojqEj+QEslV9pjqEBQGAXir+K52W++DcBWfOmNzR0TZnJybiPvzacHJ7R1vT1Fkd06qL9Glaqs95yxidXTimUq9880RmiaIHL3i0oZR09neCzbltZfbjF5w4mLkfvwtVdo3zgMq8u2PSQ/7kPoVNhJxvUsWGXL6Th9w3t5KtT2JB/TF/VegXaubPbZvTdMbkefPmjE7+lpr9gORvPMyUbKvR6W3Vt7u+lfDyKLpaVsp73Vb75VYyat7M2aPmLjhzZPvMydPbpredMubAsWMPHDd29JhxozpH1Zz87WGo+3VXdWqo76wocVw7cKh7VuRU8n58akhISPS2xE3HXt/4QMf1d9S2jbz/4I6T7r5q1r8+Pv6MI3/b9K9L5q9aULlHwfx/9rvP/+OnTvzkz6zPUOz4f0M8zJ88vvUwf2sMLC/1+H9DsaP52RMDGlOBRTGwyGF+AAAAPhzi7si4NzPulb59yZbV9x7/0Z8ffOnvd/9szdy9Nkz98XXfa3up5leHtf954qFNhxXM/xeV9vv/HbT+f3bp+qOKLfM/IpZoLrb+f3qZ/+z6/4uKrf+fXuY/u/7/8g9g/f/52UBqk7xq/X8AAODD4P1b/7/H5f3TFwgoyNDj8v7pCwQUZOhxGf9SLxCwzev/n1Yz7K9PvOCLVVu+NOCV1Xfs+/NPTD/+xX9/fObfnDjyiC+eNOXTtxbM/y8ubf5v4X4AAADYdXzptz9tv3vsWQOffO2fxpy+uO3UtRdM+p+zrr9nn8fXr7qqz5SNTxTM/5eXNv9//9f/C8XO/28sFmgptjCg9f8AAADopYqt/3fTg7W/OXrw2Q2vnrr8uoF7P3TqgDk3PvjAk3cNG3pR1U0L5i95oGD+v7q0+X887aI8L3fszZv1yZp2Ib2m3cv12Z8MAAAAQO9QHpqaKkvMm7cy6mHvvc3HMkuBvls617n/aey6B154e/GU855d+eKNT97/sZdPue3q7/3jF05/7cKhI8cvHlow/19X2vw/73cZmy9/ZVJz/2MGvXnDhE1Dxp60bNnW4/8AAADAzlPqfgkAAAAAAAAAAAAAAOCD98aKlv97x/5/PrDj8U+sqfvEhCea9h8y8adXVp/z6+8/84vW6b9cWvD7/3BcV7liv/+P1/2Lvy8YmJc7ttrz+n+Z+189etWCriULN9SHsE9uYMY5M3YLmWvz75cbWPvNEXt0Js5Jl7ht44RnOhMnpQNHjtz99c7EIalAa1wkcXA6EK+q+Hr/VCAur/hAOhC3x+p0oCoTOL9/Mo6y9LbaVJdsq7L0tnqsLoQBOYHstrq5LmmjLD3ApalAdoCnpgNxgMdmAuXpXq3ql/QqBupi0av6Jb0CAGCXFb8FVoaT2zvamuNX+Hi7Z0X+bZS3ZNnZhdWWldj8E5mlyR684NGGUtJ90t9Ft15rvDJUdw5hdMHX1dwsZV2j3DG19LDpBhYZck+rvZUXKZe2rZuuqviIapMRNU2d1TGtsseBj+k5ywEVPWYZXTDZyc1S3rVJS6ilhL6UMKISt00JXY73y0NTU59UroNjsCHk6ekVUerv9XPX+Sv2KsjNc8LuW2b+y9FXffPvNvxpw7TzL51wRNmzx1yz9oq3Nj75N4+33/jyfymY/zeUNv+vzh3X65mLASyKV9b73IAQWkscEQAAAHz43fDd6288Ydadm05eV/HIfffNKP/yCZXvLPz1wjO/99jti488/9M/2974WafV7f5kxU//+YRTvtEwfdrev6756GXnvbX21M2nvla/36u153+0YP7fWNr8P+7ByhwKTvZ2rIvX/z93QAhdl9ZvSALXxuFOGRDCX3WlWmKJ5IL6R8USzUng2rjDZEQs0dqSX1VNDKxOBZ6tzwTWpQJ3xkBmL8XKkNmVc0l9COO6Usfll5gdSzSkAl+OgcZUoCkGmlOB/jEwPhV4oX8m0JIK/FsMhPb8bfWr/pltBQAAsC0y86zK/LshPc9bXdFThrKeMvTtKUN5Txmqe8pQbBTx/o0xQ2Xq5JWynEyV6VprU7UUZIgXw9/mfhVkCPfm50wXLGg6nn+QPd+gLD/Dxx+6es131nzhpWN/s+SyN+99qvxHQ1Z8t7H2rXUbLvnxsLG7v/iDgvl/c2nz/775t0nrd8b5/9br/yWBu2L3Lo2njjfGwJOfzw9kdgzcGSe7i7NVtWRKZCbti2OJ8THQmArMjoHxqUDrcZnA8j3yA5mZdrbxc7ONt2dK5AQAAADgfRd3EMTdNHH+P7Nu0sRxo36y5I3lMxetffvCFy5ccXvHq5XjNr52zae+1ufx4bcXzP/Hlzb/j+31y23svNibp/uHcHPZ1t5kAyPrkkDcj1EXfx4/pC6E3XJ2cGRLtPVNSlSlGg6/q01+oV6VruqW2mSNgXj/q/ffsfaHnYmltSHsm7P3JdvGH6uTNmrTgeFVSaBvOjCrIgnEPT/ZwJryJADbLbtXML6gMqe6ZDV0X67I6+/Dck3Q9PAK9oF2k6+731ztLNXpBzL7VLO27WkrqI6douDtsc67rTe+2xq823K/SGW+obyzNVQdyqe1nTx5fse8+EjuL1kL7KTnOfdXqqWkd8DrcNF7723PqtMdaE59fDR3X67712FZrG7z5a9Mau5/zKAbJmwaMvakZctK7kYR8YfCI9ZM2i138+5s1SHzmut1nyctPk9647+BRk9bCGH/1pdu7X/wv+310MmrvzVqr8Hj/vJPTxwZHnl46T4Ljrlo5T63HFUw/28pbf5fkbrt8kbcmHMHhPDJnI27IW7+wwckn4M5geRT8iOFgeSQ+1P1RT85AQAAYEfL7u7I7i9oz9wmJ4Sn58mF+Vu2MX/cXzG+2/yl9vu1b7z49ozTvn7Lpe+E/oc3jJ2/5ZLjZm2cseaFh6b/cdV1x7a+UTD/b333+X9NqpuO/zv+z07i+H+3dvVd0TXpBxZt167ogurYKRz/79au/m5z/L9bjv87/t8dx/974Ph/t3b1p63gW9JsX7pCCHcf9Naqv7305iX/63uTh3xq7aTGeyq+f9iM368cvu6+q75y+5FffLlg/j+7tPm/9f+6X7Qvu/5fa7H1/2YXW/9vkfX/AACAnarIQnPpeV7B6n0FGdKr9xVk6HGBwB6XGLT+3zav//f82qf+XHf8+p/86qKqRz5y+ohBQ0945sDpl1859IcPbNz87P5f21gw/19U2vw/vhz65bbeW9b/azyuSFUXx8BsCwMCAACwKyq2gwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAP1nlfP+u0xcNem/bP35p4991fuW7PsqFPPPIPf/nWPafUHvLCd2YM/PhDE+efdcVB45+6bPPH/jD4hGWfDKG9q1xZUrxs4YmbTp+49xETLlp/6C+n9LtyXnWm3srM7V55uWOrb9aHsDznkbqYeLm+887WwFePXrWgojOxoT6EfXIDM86ZsVtn4pr6EPbLDaz95og9OhPnpEvctnHCM52Jk9KBI0fu/npn4pBMoCzd3Sv6J90tS3f3h/1DGJATyHb3O/3zq8q28aVMoDzdxs/qkjZioC4WvbwuaSMGOmKJ9poQRlWE0Cdd1b9UJ1X1SVf1m+qkqj7pqv62OoRDQggV6ao2ViVVVaRHfk9VUlUMDBq2csvwzsTyqhBG5QYe/saKcZ2JU1OBbOMTq0LYu/Mlk278xsqk8cp040srQxgaQqhKl3itIilRlS7xp4oQPpITyDb+7YoQFgQ+FOKHz7TcB+cuOHPG5I6Otjk7MVGVaas2nNze0dY0dVbHtOpUn4opy0m/c/Z7H/sTWxZO7bx98IJHG0pJV2TKVXZ1+YDKvLtjdvXex371za1k6/NRUH/MXxX6hZr5c9vmNJ0xed68OaOTv6VmPyD52ycTTbbV6N6yrfbLrWTUvJmzR81dcObI9pmTp7dNbztlzIFjxx44buzoMeNGdY6qOfm7I4a64v0f6p4VOZW8Hx8AEhISvS1Rnvfp1ryrf5AXfNHf2tHKUN31AV0wrcjNUtY1yh0x6MPe44jfy/eUHkc0umDiUJDlgJ6zjCmYTGzNUptk6fpeVzA5zK2pvGuTxvvloampT7Ht0JB/N3fzvrgdm/exzKYrNQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/H924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADApQAAAP//j/n+Zw==")
open(&(0x7f00000000c0)='./bus\x00', 0x14da42, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x200, 0x0)
r2 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x1f607)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f00000001c0)=ANY=[@ANYBLOB="000000000000000002"])

[ 1349.806554][T14472] iommufd_mock iommufd_mock1: Adding to iommu group 47
17:12:12 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:12 executing program 1:
ioctl$IOMMU_IOAS_IOVA_RANGES(0xffffffffffffffff, 0x3b84, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x2, 0x0})

17:12:12 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2})

17:12:12 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, 0x0, 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:12 executing program 1:
ioctl$IOMMU_IOAS_IOVA_RANGES(0xffffffffffffffff, 0x3b84, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x2, 0x0})

17:12:12 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1350.067474][T14487] iommufd_mock iommufd_mock1: Adding to iommu group 47
17:12:12 executing program 4:
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r0=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r0})

17:12:13 executing program 1:
ioctl$IOMMU_IOAS_IOVA_RANGES(0xffffffffffffffff, 0x3b84, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x2, 0x0})

17:12:13 executing program 4:
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r0=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r0})

[ 1350.244935][ T5154] usb 3-1: new high-speed USB device number 127 using dummy_hcd
17:12:13 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, 0x0, 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1350.504775][ T5154] usb 3-1: Using ep0 maxpacket: 8
[ 1350.644719][ T5154] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1350.657570][ T5154] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1350.666935][ T5154] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1350.679955][ T5154] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1350.689773][ T5154] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1350.746761][ T5154] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1350.758128][ T5154] hub: probe of 3-1:1.0 failed with error -5
[ 1350.770497][ T5154] cdc_wdm 3-1:1.0: skipping garbage
[ 1350.777684][ T5154] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1350.810800][T14475] loop3: detected capacity change from 0 to 32768
[ 1350.985407][   T28] audit: type=1800 audit(1701277933.697:94): pid=14475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1947 res=0 errno=0
[ 1351.012719][   T28] audit: type=1804 audit(1701277933.717:95): pid=14475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2368326825/syzkaller.Q1DDnT/2404/bus" dev="sda1" ino=1947 res=1 errno=0
[ 1351.046781][   T28] audit: type=1804 audit(1701277933.717:96): pid=14475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir2368326825/syzkaller.Q1DDnT/2404/bus" dev="sda1" ino=1947 res=1 errno=0
[ 1351.080437][   T28] audit: type=1804 audit(1701277933.717:97): pid=14475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2368326825/syzkaller.Q1DDnT/2404/bus" dev="sda1" ino=1947 res=1 errno=0
[ 1351.285099][ T5154] usb 3-1: USB disconnect, device number 127
[ 1351.634842][ T5154] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 1351.874645][ T5154] usb 3-1: Using ep0 maxpacket: 8
[ 1352.008713][ T5154] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1352.018902][ T5154] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1352.028109][ T5154] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1352.041236][ T5154] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1352.052767][ T5154] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1352.096258][ T5154] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1352.102180][ T5154] hub: probe of 3-1:1.0 failed with error -5
[ 1352.109294][ T5154] cdc_wdm 3-1:1.0: skipping garbage
[ 1352.114675][ T5154] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1352.415016][ T5154] usb 3-1: USB disconnect, device number 2
17:12:15 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, 0x0, 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:15 executing program 4:
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r0=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r0})

17:12:15 executing program 1:
r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x2, 0x0})

17:12:15 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:15 executing program 3:
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./bus\x00', 0x80, &(0x7f0000000040)={[{@ref_verify}, {@nossd}, {@inode_cache}, {@compress_force}, {@space_cache_v2}, {}, {@noacl}]}, 0x5, 0x50ef, &(0x7f0000005140)="$eJzs3U+IVWUfB/Dnzjg6KDjXnbp48QW3wiQKRURDaFaYc82CosVMLYIQYVAwFy3EgpIWDgha4cJgWmR/nFVFC3GVBEEQBcEgzEKQdkIxGC6Ke8957pz7HO+5dyZ1TD+fmDnnOb/zPOeZy1nc783n3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhJNz585V1bdemTm7Y2DP1Us3T+w8NTE6H0KtdbyW1yeeeuaFNw5MPD8cO0zuz7b1erchs67zWWN1x8Fmv86f10IIQ8kAg/l292Bp1OLu4fKAlfZfXNh25NbeXTPHxg9dOLp5qvyn0zS80hNYKfl9dW3xXhpr/R5Izmi3C7dereMWzfqnN9w9+SMAgCUZbbQ27bej+Vvcdvt4Wk/aY0l7OmnHdwjTxcZyZOOu7jbPLWl9heY5lkWFNd3mWU/q+evfbjeSekjbnVFjCfPsPDWPNMPd5jmV1FdqngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3k6c/+eJ6VX3rlZmzOwb2XL1088TOUxOj8yHUW8drWbn2xMLcwqa3dj/63e4vP/6zPn5yMO8Xt6sKJ4ff4s5jIyG8Xqhci8P+vj6ERmeh1QwflQtvtnaejQUAAAAeJJtavwfa7SwODnW0a600WWv9F2Vhcf/FhW1Hbu3dNXNs/NCFo5unlj9eo8t4Y7cdr92uL/7UCsE4xt90vMV6PPVwaZxq6Yhpnn959MPtVf1L+b9enf/jKyf/AwAA8G/I/+k41Xrl//nPX91X1b+U/7d0XLKU/+OMY/4fCMvL/wAAAHA/u9v5f6w0TrVe+f/r9/edrupfyv+j/eX/VcVpx4M/xgkfHAlhtNfUAQAAgC7i/3df/Ggh5vXsk4M0r7+49fpQ1Xil/D/WX/6vHBQAAAC4p34488jfVfVS/m/0l//X3NVZAwAAAEvxv/cmD1TVS/l/sr/8vzbf5isfsk7fx3+FcHokhOHmzlRWuBKmn2wXAAAAgDsk5vSXvt18tOq8Uv6fqn7+f3zSQVz/3/H8v9L6/0Ihe+rf4x4MAAAAwMOovJ4/Ph4/++aCbt+/3+/6/09//nVD1fVL+f94f/l/sLi9k9//BwAAAMvwX/v+v1dK41Tr9fz/t9/dsLT8P91f/o/bdcU/73J8fd4ZCWFjcyd/muBn8XIHk8LsUKHQ0kh6HIg98sLsmkKhZSrpsX0khP83d44nhQ2xMJ0UbqzPC+eTwk+xkN8P7cJXSeFyvNPOrM+nmxa+iYV8gcVsXEGxrr0kIunxR7cezcJte8y1Lw4AAPBQieE5z7JDnc2QRtnZWq8T1vY6YaDXCYO9TliVnJCe2O14mOwsxON//TL+XKhQyv/n+8v/8aVYnW26rf8Pcf1//r2G7fX/k7FQTwqzsdBInxjQiNfIwu4H8Rr1Rt7jxsZ2AQAAAB5o8XOBwRWeBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAPe/ceY8dVHw787PPurte7G4KUhyJiXob8JK/XdhysX0A4qSIQSMlaRP0HhayxN6njDTZ+FBxZqmNQUYoQLrgiCn3YElGdSiCrtOURSiyqBKFaNII2fxji0gJClaAoxXWJgurq3pkzO/fM3ocfa3vD5yN577n3e86ZOefeO54zM/cMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8drj2azd/pl38Td/+wudu7X3Xi9/89cH1n75/6kchTDde78nCPe84+4OzN3zkrg1fv+uLT5yZuOexwbxcHg/L6n968ycfj7X+ZHkIX+kJoT8NrBrNAgP589FY302jIVwT5gNFidmRrES64PDscAhHwnygqOprwyGMlgL3fu9bz3yqnjg8HMKbQwi1dBkv1rJlDKeBlYNZYCQN7OjPAv9zLlMEvtqbBeCixS9D8aE/Pt2cYWLhci0+fwOXbMWurLR5fTEx0TrfL+5Y5JUqGUxfmL6ot61SHYui8vU44du2BL5tlX4+5G0r70jleyjn5kO10Lt19oHNe+f2xFd6w+RkX6uaFul9PvXS/i3nk14yn8O4AhOX5HP40OHbXhj8wN2nn/jN0/vP1D5/08WuZqvuXWy1kH/mlsz7GG20PVkCX7/KXtIKO10hhDMnTu5vF6+M/yfaj//jxzk+9jbljrW+MpaNzeMrozHxy7FsbA4AAABLxlI4ajq44l9+3K6+yvh/RXfn/+Mp/3wwn7X2RAgbG4mPjYdwfeP1LPBUXNwHx0N4fSM13Ry4IwmcCOGGRuKWoqqkxFAssSIJ/GwsD2xMAs/FwHQSeDIGDiWBj8fA8SSwJQZOJIE7YyBsa27H/xvL29F1YDgGZrJOPB6vQvjVWFxa0lc/KKoCAAC4RPLR4UDz09K1DhebIQ4vjw93yhCvwG6ZoZbUkI5gi2FVyxr6O9XQ26mGot0H2je/UnNPp5orl2H0NGf471PX7QhtVMb/U+3H/7UFVqSncv4/TG1qPMTcvXlkrsgwM92UAQAAALgIv/famc3t4pXx/8burv+Px0T6SpnDyXgYYvt4CFPNgaza26uB7Kz3sjwAAAAAS0FxPr44F74tf8wu0U7H09X80+eZP57437hg/h3f/een261vZfw/3d31/yPNj9lKPBfX4rPjIQyVAt+Oa1kPNKyIgR+9szmQt/+52AGfjFXlFyYUVX0ylpiJgakkcKRVieeLEtc3B/I3q1j4x4p2bMtLlAIAAABw2cXDAfG8fLz+f83f/uGz7cpVxv8z53f9f2McXLm8f25ZCKv7Q+hLfxhwciSbGDAGRnvyxN+PZHX1pVUdHAnh9nrD0qr+PZ//vz+dY/D7w1lVMXD9G469tLKe+MJwCKvLgRfef3R9PbE3CRQL/93hEG6utzZd+N8NZQsfSBf++FAIrysFiqq2DIVQX9hgWtU/1PL7GKRVHa+FcG0pUFT1tloI+wIAS1X8v3Rr+cXd+x7ZvnlubnbXIibiQfzh8MC2udnJLTvmttZarNPWZJ2b5jF6tNqmbm9988M4R9F9x8a7SRc/FJwqLys/kF+5cjB/HneGBhrtXDvQ9HRd2uS3vrG6iFDalWrV5N5FbvJIuZL5N7FSf8w/GJaFob27Z3dNfnTznj271mR/u82+NvsbzzNlfbUm7auRhdati49Hy+myEhfaVyvLlaze8/DO1bv3PbJq28ObH5x9cPZDG6bWrd1w29T6t62uN2oq+9uhpSsXqjlp6bmjXTbrErb0xv5SJZdjoyEhIbHUEoMD95xqt/mpjP93th//x61O3PDn8zO0Ov8/EU/zZ6/Pn+afiYEj3Z7/n2h1Nr+4MGBFEjgQAwec5gcAAODVIR6OjEcz40HpA2958R3tylXG/we6+/3/JZr/v5i6/j2tpvm/JZaYajX/fzrNfzH//4FW8/+n0/wX8/8fuQLz/+8tAkmX/Mr8/wAAwKvB5Zv/v+P0/ukNAioZOk7vn94goJKh4zT+3d4g4Lzn//+bn69ZH9qojP8PdTf+N3E/AAAAXD2uu/Pm77aLV8b/R7ob/1/++f9Cq+v/V7QKTLeaGND8fwAAACxRreb/+977dr6zXbnK+P94d+P/eNlFb1PuWOsrY9mcdiGd0+6XY8VPBgAAAGBp6A2TkwNd5m2aGPWOC1/mqTgVaJt02aFPHDu/3/+f6G783/S7jIcO3/bC4AfuPv3KE795ev+Z2udvmj//DwAAACyebo9LAAAAAAAAAAAAAAAAV96T1355wXkBosrv/8Omxuutfv8f7/vXdNPEs/lkgAfizPqfHjfNHwAAACyux+54+fH478HP/NF/tstbGf9PdDf+j/cXyO+Dl91670S8/9/HxkNo3FpvIgs8FRf3wfEQXt9ITccS2Q313hNLTGWBp+KEibfEEjPTzVUNxcDxJPCzsTxwIgk8FwP5UYpj8caAfzwWwvpGalNziZ2xxEQSuCcGViSByRiYSgLLY2BjEvj58jwwnQT+MQbymw8WffXl5XlfAQAAnI98nDXQ/DSk47zj/Z0y9HTK0HERI50y9HbKUGuRIT7/67gOA+X5+PMM8aWBtNbhpJZKhngzvAtvejFd3/PNOdOClUX3xYITzTljhp3/dOtnQxuV8f+K7sb/F3j//0dPf+d/G4mLuP9/ejf/jTGwIgnsjIGNSWBmUx44cl1zwP3/AQAAuLq1uv//2Ov+6lC7cpXx/1R34/94IOK1TbljrZ3v/58/v/e9X9rXWOWTYyG8sRzYfnD7NfXEk2MhvKUceOa+Wxqj9oNpiW+cvvOn9cT9aeDdq15ztp54exKYiZ10QxqIR1XOLk8CsXu/nwZifxxPA4N54LHlWTt60r76j9Gsr3rSvjo1ml1e0ZP21VdGs2X0pA08nASKBn44DcQG3p0HetO1+tKybK1iYDQW/YtlxUUfAABcneJe4EB4YNvc7FT6E94b+5sfo6Zblj9arbany8X/MN6a/L5j492k+9J90VpR1UCo1ZuwprK7Ws7S02jlpamlQ9e9tkWTO93tvbdFudT5dt1g6xYNZy2a3LJjbutAx4av65xlbX/HLGsqg51ylt5Gl3ZRSxfr0kWLuuybLlY5Pu8Nk5N9Sa7/H4MToUmnT0S39+sr3+e/1aegnOfoJ/7t5Xb1Vcb/G7sb/8f2LAulj/PHY60/WR7CV3rmj0YUgVWjWSA2dzQOj28aDeGaUj8UJWZHshKDyYLDs8PZCHUwreprw9kxhvj83u9965lP1ROHh0N4c+m9KpbxYi1bxnAaWDmYBUbSwI7+LBCv/CgCX+3NAnDRio1C/EDlP3UpTCxcrsXn79VyT9C0eZVroBbIt9A2d7HU0hfya6oK5/e2VapjUVS+Hid825bity34tpV3pPI9lHPzoVro3Tr7wOa9c3viK+U92YpFep/Le6ndpC/B5/DAha9tZ7V0BaaSzcfUwuUW/hz2xOoeOnzbC4MfuPv0E795ev+Z2udv6no1WogDhWf/6zXXlLt3sdVC/plbctuT6YvZngy9WrYnS+5tm/DfQAjh0J8Pf7hdvDL+n+5u/N+fPDa8HDtz93gIby117snY/b8znm0HS4FsK3ltNZBdcv/jsZZbTgAAALjUisMdxfGCbflj9oPwdJxczT99nvnj8YqNC+bvdr33P/v7T7WLV8b/M+3H/0PJajr/7/w/i8T5/wVd7Yeih9IXDlzUoehKdSwK5/8XdLV/25z/X5Dz/87/L8T5/w4u7fn/V8325Gp/2yp7STvtdIUQzt048Hi7eGX8v7O78f9v2fz/6Wz+xfz/6aT9xfz/M63m/9/Zav7/A+b/BwAAFlWLiebTcV5lcv5KhnRy/kqGniTD+d9ioOM0+ub/T+f/P/hnt+8JbVTG/we6G//Hj8Noeemd5/8vpvm/ovP/T2xqUWLjpubVLQKHYmCnOwYAAABwBcUDBPGi925nmAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBx3f3y2c3t4m/69hc+d2vvu1785q8Prv/0/VM/CmFb4/WeLNzzjrM/OHvDR+7a8PW7vvjEmYl7Hqvl5Qbyx5uacsdaXxkL4UjpldGY+OVY/cl84N73fmlffz1xciyEN5YD2w9uv6aeeHIshLeUA8/cd8t19cTBtMQ3Tt/503ri/jTw7lWvOVtPvD0P9KSr+6fLs9XtSVf3U8tDGC8FitV9aHlzVcUy3pUHetNl/OVotowYGI1FHx/NlhEDc7HEtqEQVveH0JdW9Z1aVlVfWtXXa1lVfWlVf1AL4fYQQn9a1b8OZlX1py1/fjCrKgauf8Oxl1bWE0cHQ1hdDrzw/qPr64ldSaBY+PsGQ7i5/pFJF/7lgWzhA+nC/2QghNeVAkVVMwMh1Bc2mFZ1oj+rajCt6ov9IVxbChRV3dofwr7AlRI3JFvLL+7e98j2zXNzs7sWMTGYL2s4PLBtbnZyy465rbVknVrpKaXPPXrhbf/hS/u3NBL3HRvvJl2s11R5XZ6frrxYft6fPx1otHPtQNPTdUulySPlSubfxEr9Mf9gWBaG9u6e3TX50c179uxak/3tNvva7G9fHs36as1S6auV5UpW73l45+rd+x5Zte3hzQ/OPjj7oQ1T69ZuuG1q/dtW1xs1lf29FC09evlbemN/qZLLsdGQkJBYaonepq3b1NW+Ha/s6M+v6ECoNTbQlWFFOUtPo5WXotF3XEBrc+fb6MqQpNKiNZWBQyXL2s5Z1lXGDPNZhrMsjX3ByuCwXFNvo0vj894wOdnXqh8mmp+Wu/cXF9G9p2LXdZkGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/o8dOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHjgUAAAAAhPlbh9GzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcCkAAP//AtvxeQ==")
creat(&(0x7f0000000000)='./file2\x00', 0x408)

17:12:15 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:12:15 executing program 1:
r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x2, 0x0})

17:12:15 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r1})

17:12:15 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x0, 0xffffffffffffff21, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:15 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r1})

17:12:15 executing program 1:
r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x2, 0x0})

17:12:15 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x0, 0xffffffffffffff21, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:15 executing program 1:
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(0xffffffffffffffff, 0x3b84, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x2, 0x0})

17:12:16 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r1})

[ 1353.254709][ T5150] usb 3-1: new high-speed USB device number 3 using dummy_hcd
17:12:16 executing program 1:
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(0xffffffffffffffff, 0x3b84, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x2, 0x0})

[ 1353.525158][ T5150] usb 3-1: Using ep0 maxpacket: 8
[ 1353.665039][ T5150] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1353.678768][ T5150] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1353.688238][ T5150] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1353.702733][ T5150] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1353.736901][ T5150] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1353.827528][ T5150] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1353.833491][ T5150] hub: probe of 3-1:1.0 failed with error -5
[ 1353.862229][ T5150] cdc_wdm 3-1:1.0: skipping garbage
[ 1353.881061][ T5150] cdc_wdm: probe of 3-1:1.0 failed with error -22
17:12:16 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1354.022781][T14507] loop3: detected capacity change from 0 to 32768
[ 1354.046662][T14507] btrfs: Unknown parameter 'inode_cache'
17:12:17 executing program 1:
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(0xffffffffffffffff, 0x3b84, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x2, 0x0})

[ 1354.360393][ T6332] usb 3-1: USB disconnect, device number 3
[ 1354.724667][T10972] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[ 1354.976163][T10972] usb 3-1: Using ep0 maxpacket: 8
[ 1355.104838][T10972] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1355.115076][T10972] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1355.123978][T10972] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1355.141307][T10972] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1355.151378][T10972] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1355.198474][T10972] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1355.204463][T10972] hub: probe of 3-1:1.0 failed with error -5
[ 1355.212285][T10972] cdc_wdm 3-1:1.0: skipping garbage
[ 1355.218152][T10972] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1355.514786][ T6332] usb 3-1: USB disconnect, device number 4
17:12:18 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:12:18 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x0, 0xffffffffffffff21, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:18 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r1})

17:12:18 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:18 executing program 1:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, 0x0)

17:12:18 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1355.982050][T14547] iommufd_mock iommufd_mock1: Adding to iommu group 47
17:12:18 executing program 1:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, 0x0)

17:12:18 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:18 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r1})

[ 1356.115199][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[ 1356.124026][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
17:12:18 executing program 1:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, 0x0)

17:12:19 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1356.304670][ T5147] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[ 1356.321760][T14561] iommufd_mock iommufd_mock1: Adding to iommu group 47
17:12:19 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r1})

[ 1356.467694][T14567] iommufd_mock iommufd_mock1: Adding to iommu group 47
[ 1356.564897][ T5147] usb 3-1: Using ep0 maxpacket: 8
[ 1356.694866][ T5147] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1356.713742][ T5147] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1356.752923][ T5147] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1356.790546][ T5147] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1356.816628][ T5147] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1356.931980][ T5147] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1356.967249][ T5102] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[ 1356.976075][ T5102] Bluetooth: hci1: Injecting HCI hardware error event
[ 1356.987021][ T5102] Bluetooth: hci1: hardware error 0x00
[ 1357.001101][ T5147] hub: probe of 3-1:1.0 failed with error -5
[ 1357.049995][ T5147] cdc_wdm 3-1:1.0: skipping garbage
[ 1357.063568][ T5147] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1357.546189][ T5147] usb 3-1: USB disconnect, device number 5
[ 1357.894633][ T5147] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[ 1358.154755][ T5147] usb 3-1: Using ep0 maxpacket: 8
[ 1358.295070][ T5147] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1358.305434][ T5147] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1358.317993][ T5147] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1358.333075][ T5147] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1358.342422][ T5147] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1358.398293][ T5147] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1358.404298][ T5147] hub: probe of 3-1:1.0 failed with error -5
[ 1358.411456][ T5147] cdc_wdm 3-1:1.0: skipping garbage
[ 1358.417206][ T5147] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1358.720244][ T6332] usb 3-1: USB disconnect, device number 6
[ 1359.044677][ T5102] Bluetooth: hci1: Opcode 0x0c03 failed: -110
17:12:21 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:21 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2})

17:12:21 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:21 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:21 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:21 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:12:21 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1359.201289][T14580] iommufd_mock iommufd_mock1: Adding to iommu group 47
17:12:21 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2})

17:12:22 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2})

17:12:22 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1359.376788][T14589] iommufd_mock iommufd_mock1: Adding to iommu group 47
17:12:22 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1359.516485][T14591] iommufd_mock iommufd_mock1: Adding to iommu group 47
[ 1359.535298][ T6332] usb 3-1: new high-speed USB device number 7 using dummy_hcd
17:12:22 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r1})

[ 1359.764677][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[ 1359.825771][ T6332] usb 3-1: Using ep0 maxpacket: 8
[ 1359.978300][ T6332] usb 3-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[ 1360.041526][ T5102] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1360.052328][ T5102] Bluetooth: hci2: Injecting HCI hardware error event
[ 1360.060262][ T6332] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1360.071608][T14570] Bluetooth: hci2: hardware error 0x00
[ 1360.077600][ T6332] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1360.090782][ T6332] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1360.099978][ T6332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1360.185924][ T6332] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1360.201035][ T6332] hub: probe of 3-1:1.0 failed with error -5
[ 1360.228297][ T6332] cdc_wdm 3-1:1.0: skipping garbage
[ 1360.240143][ T6332] cdc_wdm 3-1:1.0: skipping garbage
[ 1360.252258][ T6332] cdc_wdm: probe of 3-1:1.0 failed with error -22
17:12:23 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:23 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:23 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r1})

17:12:23 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)

17:12:23 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1360.756907][ T5102] Bluetooth: hci2: unexpected event for opcode 0x2043
[ 1360.766108][ T5150] usb 3-1: USB disconnect, device number 7
[ 1361.114689][ T5150] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[ 1361.394783][ T5150] usb 3-1: Using ep0 maxpacket: 8
[ 1361.535162][ T5150] usb 3-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[ 1361.550537][ T5150] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1361.581032][ T5150] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1361.631716][ T5150] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1361.693526][ T5150] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1361.755975][ T5150] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1361.779500][ T5150] hub: probe of 3-1:1.0 failed with error -5
[ 1361.802557][ T5150] cdc_wdm 3-1:1.0: skipping garbage
[ 1361.809327][ T5150] cdc_wdm 3-1:1.0: skipping garbage
[ 1361.822388][ T5150] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1361.932320][ T1223] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.938726][ T1223] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.118030][ T6332] usb 3-1: USB disconnect, device number 8
[ 1362.164878][T14570] Bluetooth: hci2: Opcode 0x0c03 failed: -110
17:12:25 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000180)={0x44, 0x2, r1})

17:12:25 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:25 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)

17:12:25 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:25 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:25 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:12:25 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, 0x0)

17:12:25 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:25 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, 0x0)

17:12:25 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1362.898730][ T6332] usb 3-1: new high-speed USB device number 9 using dummy_hcd
17:12:25 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, 0x0)

17:12:25 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:25 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2})

17:12:25 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1363.189874][ T6332] usb 3-1: Using ep0 maxpacket: 8
[ 1363.205405][T14570] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[ 1363.215455][T14570] Bluetooth: hci3: Injecting HCI hardware error event
[ 1363.224074][ T5102] Bluetooth: hci3: hardware error 0x00
[ 1363.405044][ T6332] usb 3-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[ 1363.438517][T14650] iommufd_mock iommufd_mock1: Adding to iommu group 47
[ 1363.460459][ T6332] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1363.525066][ T6332] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1363.617100][ T6332] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1363.645014][ T6332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
17:12:26 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1363.749830][ T6332] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1363.778215][ T6332] hub: probe of 3-1:1.0 failed with error -5
[ 1363.815957][ T6332] cdc_wdm 3-1:1.0: skipping garbage
[ 1363.878426][ T6332] cdc_wdm 3-1:1.0: skipping garbage
[ 1363.893142][ T6332] cdc_wdm: probe of 3-1:1.0 failed with error -22
17:12:26 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)

17:12:26 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2})

[ 1364.144854][T14654] iommufd_mock iommufd_mock1: Adding to iommu group 47
[ 1364.284988][ T6332] usb 3-1: USB disconnect, device number 9
[ 1364.636360][ T5148] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[ 1364.894759][ T5148] usb 3-1: Using ep0 maxpacket: 8
[ 1365.034666][ T5148] usb 3-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[ 1365.045372][ T5148] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1365.054342][ T5148] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1365.067429][ T5148] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1365.076643][ T5148] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1365.135477][ T5148] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1365.141433][ T5148] hub: probe of 3-1:1.0 failed with error -5
[ 1365.148556][ T5148] cdc_wdm 3-1:1.0: skipping garbage
[ 1365.153796][ T5148] cdc_wdm 3-1:1.0: skipping garbage
[ 1365.159074][ T5148] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1365.286275][ T5102] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 1365.458666][ T5148] usb 3-1: USB disconnect, device number 10
17:12:28 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:12:28 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:28 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:28 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:28 executing program 4:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x44, 0x2})

17:12:28 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:28 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1365.951938][T14665] iommufd_mock iommufd_mock1: Adding to iommu group 47
17:12:28 executing program 4:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:28 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1366.245108][ T6332] usb 3-1: new high-speed USB device number 11 using dummy_hcd
17:12:29 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1366.625428][ T6332] usb 3-1: Using ep0 maxpacket: 8
17:12:29 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1366.764806][ T6332] usb 3-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[ 1366.834091][ T6332] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
17:12:29 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1366.898662][ T6332] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1366.966274][ T6332] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1367.042362][ T6332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1367.218855][ T6332] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1367.258649][ T6332] hub: probe of 3-1:1.0 failed with error -5
[ 1367.291488][ T6332] cdc_wdm 3-1:1.0: skipping garbage
[ 1367.302235][ T6332] cdc_wdm 3-1:1.0: skipping garbage
[ 1367.309688][ T6332] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1367.745035][ T6332] usb 3-1: USB disconnect, device number 11
[ 1368.094975][ T6332] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[ 1368.367148][ T6332] usb 3-1: Using ep0 maxpacket: 8
[ 1368.494794][ T6332] usb 3-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[ 1368.505367][ T6332] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1368.514255][ T6332] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1368.527365][ T6332] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1368.536452][ T6332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1368.592467][ T6332] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1368.598624][ T6332] hub: probe of 3-1:1.0 failed with error -5
[ 1368.605276][ T6332] cdc_wdm 3-1:1.0: skipping garbage
[ 1368.610502][ T6332] cdc_wdm 3-1:1.0: skipping garbage
[ 1368.615792][ T6332] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1368.914881][ T5150] usb 3-1: USB disconnect, device number 12
17:12:32 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a0100"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:12:32 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:32 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:32 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:32 executing program 4:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:32 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)

17:12:32 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:32 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1369.775086][ T6332] usb 3-1: new high-speed USB device number 13 using dummy_hcd
17:12:32 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:32 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1370.096261][ T6332] usb 3-1: Using ep0 maxpacket: 8
[ 1370.234799][ T6332] usb 3-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[ 1370.292683][ T6332] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1370.323083][ T6332] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
17:12:33 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1370.325406][ T5102] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[ 1370.346573][ T5102] Bluetooth: hci5: Injecting HCI hardware error event
[ 1370.355768][ T5102] Bluetooth: hci5: hardware error 0x00
[ 1370.379102][ T6332] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
17:12:33 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

[ 1370.478393][ T6332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1370.696241][ T6332] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1370.741204][ T6332] hub: probe of 3-1:1.0 failed with error -5
[ 1370.760340][ T6332] cdc_wdm 3-1:1.0: skipping garbage
[ 1370.798073][ T6332] cdc_wdm 3-1:1.0: skipping garbage
[ 1370.851746][ T6332] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1371.217285][ T6332] usb 3-1: USB disconnect, device number 13
[ 1371.584718][ T6332] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[ 1371.824576][ T6332] usb 3-1: Using ep0 maxpacket: 8
[ 1371.948400][ T6332] usb 3-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[ 1371.959256][ T6332] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1371.969009][ T6332] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1371.982199][ T6332] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1371.991305][ T6332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1372.045136][ T6332] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1372.051069][ T6332] hub: probe of 3-1:1.0 failed with error -5
[ 1372.058528][ T6332] cdc_wdm 3-1:1.0: skipping garbage
[ 1372.063748][ T6332] cdc_wdm 3-1:1.0: skipping garbage
[ 1372.069051][ T6332] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1372.368056][ T5148] usb 3-1: USB disconnect, device number 14
[ 1372.485013][ T5102] Bluetooth: hci5: Opcode 0x0c03 failed: -110
17:12:35 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a0100"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:12:35 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)

17:12:35 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}, {}]}, 0x90)

17:12:35 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:35 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:12:35 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:35 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1]}, 0x90)

17:12:35 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1]}, 0x90)

[ 1373.134976][T10973] usb 3-1: new high-speed USB device number 15 using dummy_hcd
17:12:36 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1]}, 0x90)

17:12:36 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x2, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}]}, 0x90)

[ 1373.516768][T10973] usb 3-1: Using ep0 maxpacket: 8
17:12:36 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x2, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}]}, 0x90)

[ 1373.694901][T10973] usb 3-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[ 1373.739209][T10973] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1373.817244][T10973] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
17:12:36 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x2, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}]}, 0x90)

[ 1373.910915][T10973] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1373.957283][T10973] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1374.061735][T10973] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1374.138395][T10973] hub: probe of 3-1:1.0 failed with error -5
[ 1374.187107][T10973] cdc_wdm 3-1:1.0: skipping garbage
[ 1374.231072][T10973] cdc_wdm 3-1:1.0: skipping garbage
[ 1374.294669][T10973] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1374.629745][T10973] usb 3-1: USB disconnect, device number 15
[ 1374.964595][T10973] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1375.209336][T10973] usb 3-1: Using ep0 maxpacket: 8
[ 1375.324726][T10973] usb 3-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[ 1375.336338][T10973] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1375.345380][T10973] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1375.360377][T10973] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1375.369538][T10973] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1375.416473][T10973] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1375.422413][T10973] hub: probe of 3-1:1.0 failed with error -5
[ 1375.430611][T10973] cdc_wdm 3-1:1.0: skipping garbage
[ 1375.438234][T10973] cdc_wdm 3-1:1.0: skipping garbage
[ 1375.443469][T10973] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1375.736572][ T5147] usb 3-1: USB disconnect, device number 16
17:12:38 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:12:38 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x2, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}]}, 0x90)

17:12:38 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:38 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)

17:12:38 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a0100"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:12:38 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:38 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x2, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}]}, 0x90)

17:12:39 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x2, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}]}, 0x90)

[ 1376.494805][ T6332] usb 3-1: new high-speed USB device number 17 using dummy_hcd
17:12:39 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x2, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}]}, 0x90)

[ 1376.805473][ T6332] usb 3-1: Using ep0 maxpacket: 8
17:12:39 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x2, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}]}, 0x90)

[ 1376.934777][ T6332] usb 3-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[ 1376.946433][ T6332] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1377.057010][ T6332] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1377.130836][ T6332] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1377.164744][ T6332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
17:12:39 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@kfunc]}, &(0x7f0000000040)='GPL\x00', 0x3, 0x5e, &(0x7f0000000080)=""/94, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100), 0x10, 0x0, 0x0, 0x2, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{}, {}]}, 0x90)

[ 1377.256152][ T6332] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1377.265522][ T6332] hub: probe of 3-1:1.0 failed with error -5
[ 1377.298776][ T6332] cdc_wdm 3-1:1.0: skipping garbage
[ 1377.323779][ T6332] cdc_wdm 3-1:1.0: skipping garbage
[ 1377.340303][ T6332] cdc_wdm: probe of 3-1:1.0 failed with error -22
17:12:40 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:12:40 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:12:40 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1377.795854][ T6331] usb 3-1: USB disconnect, device number 17
17:12:40 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:40 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1378.174668][ T6331] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[ 1378.484644][ T6331] usb 3-1: Using ep0 maxpacket: 8
[ 1378.614698][ T6331] usb 3-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config
[ 1378.665783][ T6331] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1378.775262][ T6331] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1378.922436][ T6331] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1379.018461][ T6331] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1379.156081][ T6331] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1379.223068][ T6331] hub: probe of 3-1:1.0 failed with error -5
[ 1379.248937][ T6331] cdc_wdm 3-1:1.0: skipping garbage
17:12:42 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a01000019"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:12:42 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:12:42 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1379.287249][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1379.342490][ T6331] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1379.447023][ T6331] usb 3-1: USB disconnect, device number 18
17:12:42 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:42 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1379.974641][ T6331] usb 3-1: new high-speed USB device number 19 using dummy_hcd
17:12:42 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1380.284246][ T6331] usb 3-1: Using ep0 maxpacket: 8
[ 1380.444793][ T6331] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1380.548229][ T6331] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
17:12:43 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1380.682496][ T6331] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1380.731789][ T6331] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1380.784849][ T6331] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
17:12:43 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1380.936887][ T6331] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1380.997391][ T6331] hub: probe of 3-1:1.0 failed with error -5
[ 1381.029386][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1381.060606][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1381.124588][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1381.194600][ T6331] cdc_wdm: probe of 3-1:1.0 failed with error -22
17:12:44 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:12:44 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:44 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1381.562548][ T6331] usb 3-1: USB disconnect, device number 19
[ 1382.017458][ T6331] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[ 1382.446044][ T6331] usb 3-1: Using ep0 maxpacket: 8
17:12:45 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1382.604775][ T6331] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1382.627674][ T6331] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1382.646538][ T6331] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
17:12:45 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a01000019"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:12:45 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1382.709864][ T6331] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1382.790176][ T6331] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1382.934198][ T6331] usb 3-1: can't set config #1, error -71
[ 1383.028616][ T6331] usb 3-1: USB disconnect, device number 20
17:12:45 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1383.484874][ T6331] usb 3-1: new high-speed USB device number 21 using dummy_hcd
17:12:46 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:46 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1383.836319][ T6331] usb 3-1: Using ep0 maxpacket: 8
[ 1384.014689][ T6331] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
17:12:46 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)

[ 1384.127100][ T6331] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1384.167377][ T6331] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1384.288244][ T6331] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1384.327930][ T6331] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
17:12:47 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:12:47 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[ 1384.539028][ T6331] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1384.578823][ T6331] hub: probe of 3-1:1.0 failed with error -5
[ 1384.610128][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1384.641891][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1384.669244][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1384.703923][ T6331] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1385.076224][ T6331] usb 3-1: USB disconnect, device number 21
17:12:47 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1385.615858][ T6331] usb 3-1: new high-speed USB device number 22 using dummy_hcd
17:12:48 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:48 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:12:48 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[ 1385.986402][ T6331] usb 3-1: Using ep0 maxpacket: 8
17:12:48 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a01000019"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

[ 1386.274658][ T6331] usb 3-1: unable to read config index 0 descriptor/start: -71
[ 1386.300474][ T6331] usb 3-1: can't read configurations, error -71
17:12:49 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1386.786083][ T6331] usb 3-1: new high-speed USB device number 23 using dummy_hcd
17:12:49 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:12:49 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1387.084603][ T6331] usb 3-1: Using ep0 maxpacket: 8
17:12:50 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1387.316654][ T6331] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1387.400935][ T6331] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1387.491559][ T6331] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1387.634567][ T6331] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1387.788057][ T6331] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1387.897007][ T6331] hub 3-1:1.0: bad descriptor, ignoring hub
17:12:50 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[ 1388.086833][ T6331] hub: probe of 3-1:1.0 failed with error -5
[ 1388.107049][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1388.127028][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1388.169787][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1388.197227][ T6331] cdc_wdm: probe of 3-1:1.0 failed with error -22
17:12:51 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1388.455059][ T6331] usb 3-1: USB disconnect, device number 23
17:12:51 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:51 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:12:51 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1388.978032][ T6331] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[ 1389.335757][ T6331] usb 3-1: Using ep0 maxpacket: 8
[ 1389.534964][ T6331] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1389.597242][ T6331] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
17:12:52 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a0100001905"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

[ 1389.689877][ T6331] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1389.798433][ T6331] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1389.836589][ T6331] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
17:12:52 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1389.928598][ T6331] usb 3-1: can't set config #1, error -71
[ 1389.971300][ T6331] usb 3-1: USB disconnect, device number 24
17:12:52 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:53 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:12:53 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1390.505501][ T6331] usb 3-1: new high-speed USB device number 25 using dummy_hcd
17:12:53 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1390.974638][ T6331] usb 3-1: Using ep0 maxpacket: 8
[ 1391.136443][ T6331] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1391.215126][ T6331] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1391.258226][ T6331] usb 3-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x76, skipping
[ 1391.300194][ T6331] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1391.329621][ T6331] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
17:12:54 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1391.476415][ T6331] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1391.562895][ T6331] hub: probe of 3-1:1.0 failed with error -5
[ 1391.613499][ T6331] cdc_wdm 3-1:1.0: skipping garbage
17:12:54 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1391.644477][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1391.687359][ T6331] cdc_wdm: probe of 3-1:1.0 failed with error -22
[ 1391.966163][ T5148] usb 3-1: USB disconnect, device number 25
17:12:54 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:55 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1392.369958][ T5148] usb 3-1: new high-speed USB device number 26 using dummy_hcd
17:12:55 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1392.865508][ T5148] usb 3-1: Using ep0 maxpacket: 8
[ 1392.984877][ T5148] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1392.995193][ T5148] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1393.020686][ T5148] usb 3-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x76, skipping
17:12:55 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:12:55 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a0100001905"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:12:55 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1393.172617][ T5148] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1393.238239][ T5148] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1393.331384][ T5148] usb 3-1: can't set config #1, error -71
[ 1393.413125][ T5148] usb 3-1: USB disconnect, device number 26
17:12:56 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1393.904587][ T5148] usb 3-1: new high-speed USB device number 27 using dummy_hcd
17:12:56 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:56 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1394.247474][ T5148] usb 3-1: Using ep0 maxpacket: 8
[ 1394.462527][ T5148] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1394.528925][ T5148] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1394.571840][ T5148] usb 3-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x76, skipping
[ 1394.623882][ T5148] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1394.660700][ T5148] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1394.766092][ T5148] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1394.772030][ T5148] hub: probe of 3-1:1.0 failed with error -5
[ 1394.803459][ T5148] cdc_wdm 3-1:1.0: skipping garbage
[ 1394.846974][ T5148] cdc_wdm 3-1:1.0: skipping garbage
[ 1394.879661][ T5148] cdc_wdm: probe of 3-1:1.0 failed with error -22
17:12:57 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:12:58 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1395.327050][ T5148] usb 3-1: USB disconnect, device number 27
17:12:58 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:12:58 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1395.874605][ T5148] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[ 1396.165486][ T5148] usb 3-1: Using ep0 maxpacket: 8
17:12:59 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getpid()
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1396.304734][ T5148] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1396.346934][ T5148] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1396.379498][ T5148] usb 3-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x76, skipping
[ 1396.473131][ T5148] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1396.501330][ T5148] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
17:12:59 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a0100001905"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:12:59 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1396.747953][ T5148] usb 3-1: can't set config #1, error -71
[ 1396.773450][ T5148] usb 3-1: USB disconnect, device number 28
[ 1396.798838][T13776] udevd[13776]: setting mode of /dev/bus/usb/003/028 to 020664 failed: No such file or directory
17:12:59 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getpid()
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1396.943055][T13776] udevd[13776]: setting owner of /dev/bus/usb/003/028 to uid=0, gid=0 failed: No such file or directory
17:12:59 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

17:12:59 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[ 1397.244624][ T5148] usb 3-1: new high-speed USB device number 29 using dummy_hcd
17:13:00 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getpid()
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:00 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getpid()
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1397.534569][ T5148] usb 3-1: Using ep0 maxpacket: 8
[ 1397.704889][ T5148] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1397.739241][ T5148] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1397.779303][ T5148] usb 3-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x76, skipping
17:13:00 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1397.876408][ T5148] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1397.898472][ T5148] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1397.997350][ T5148] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1398.019563][ T5148] hub: probe of 3-1:1.0 failed with error -5
[ 1398.053181][ T5148] cdc_wdm 3-1:1.0: skipping garbage
17:13:00 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1398.174534][ T5148] cdc_wdm 3-1:1.0: skipping garbage
[ 1398.179809][ T5148] cdc_wdm: probe of 3-1:1.0 failed with error -22
17:13:01 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:01 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1398.554985][ T5150] usb 3-1: USB disconnect, device number 29
17:13:01 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[ 1398.954688][ T6331] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[ 1399.215923][ T6331] usb 3-1: Using ep0 maxpacket: 8
[ 1399.364769][ T6331] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1399.383837][ T6331] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1399.413845][ T6331] usb 3-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x76, skipping
[ 1399.459765][ T6331] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1399.481828][ T6331] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1399.605261][ T6331] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1399.611216][ T6331] hub: probe of 3-1:1.0 failed with error -5
[ 1399.676936][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1399.682154][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1399.688607][ T6331] cdc_wdm: probe of 3-1:1.0 failed with error -22
17:13:02 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a010000190581"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:13:02 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:02 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

17:13:02 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:02 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

17:13:02 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1400.115133][T10972] usb 3-1: reset high-speed USB device number 30 using dummy_hcd
17:13:03 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:03 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1400.495471][T10972] usb 3-1: device firmware changed
[ 1400.569201][T10972] usb 3-1: USB disconnect, device number 30
17:13:03 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:03 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1401.084710][T10972] usb 3-1: new high-speed USB device number 31 using dummy_hcd
17:13:03 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

17:13:04 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1401.324693][T10972] usb 3-1: Using ep0 maxpacket: 8
[ 1401.464785][T10972] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1401.521361][T10972] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1401.611085][T10972] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 1401.697095][T10972] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 1401.741005][T10972] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1401.778188][T10972] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1401.838114][T10972] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1401.878732][T10972] hub: probe of 3-1:1.0 failed with error -5
[ 1401.898241][T10972] cdc_wdm 3-1:1.0: skipping garbage
[ 1401.916419][T10972] cdc_wdm 3-1:1.0: skipping garbage
[ 1401.947276][T10972] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1401.962592][T10972] cdc_wdm 3-1:1.0: Unknown control protocol
[ 1402.424777][ T6331] usb 3-1: USB disconnect, device number 31
[ 1402.804707][ T6331] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[ 1403.044591][ T6331] usb 3-1: Using ep0 maxpacket: 8
[ 1403.164670][ T6331] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1403.176669][ T6331] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1403.186455][ T6331] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 1403.197637][ T6331] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 1403.208942][ T6331] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1403.218179][ T6331] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1403.267118][ T6331] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1403.273045][ T6331] hub: probe of 3-1:1.0 failed with error -5
[ 1403.279970][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1403.289425][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1403.301101][ T6331] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1403.307060][ T6331] cdc_wdm 3-1:1.0: Unknown control protocol
[ 1403.587451][ T6331] usb 3-1: USB disconnect, device number 32
17:13:06 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a010000190581"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:13:06 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:06 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:06 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:06 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:06 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:06 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:07 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:07 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1404.365632][ T5154] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 1404.624649][ T5154] usb 3-1: Using ep0 maxpacket: 8
17:13:07 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1404.755404][ T5154] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
17:13:07 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1404.842339][ T5154] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1404.902008][ T5154] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 1404.925291][ T5154] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
17:13:07 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1405.027905][ T5154] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1405.104030][ T5154] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1405.289171][ T5154] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1405.347808][ T5154] hub: probe of 3-1:1.0 failed with error -5
[ 1405.419770][ T5154] cdc_wdm 3-1:1.0: skipping garbage
[ 1405.426094][ T5154] cdc_wdm 3-1:1.0: skipping garbage
[ 1405.448088][ T5154] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1405.492311][ T5154] cdc_wdm 3-1:1.0: Unknown control protocol
[ 1405.819441][T10972] usb 3-1: USB disconnect, device number 33
[ 1406.164644][T10972] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 1406.404584][T10972] usb 3-1: Using ep0 maxpacket: 8
[ 1406.528603][T10972] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1406.538732][T10972] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1406.548110][T10972] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 1406.562552][T10972] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 1406.575210][T10972] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1406.584255][T10972] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1406.636545][T10972] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1406.642493][T10972] hub: probe of 3-1:1.0 failed with error -5
[ 1406.649357][T10972] cdc_wdm 3-1:1.0: skipping garbage
[ 1406.654684][T10972] cdc_wdm 3-1:1.0: skipping garbage
[ 1406.661835][T10972] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1406.672444][T10972] cdc_wdm 3-1:1.0: Unknown control protocol
[ 1406.956519][ T5150] usb 3-1: USB disconnect, device number 34
17:13:10 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a010000190581"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:13:10 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:10 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:10 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:10 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:10 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:10 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1407.759326][ T5150] usb 3-1: new high-speed USB device number 35 using dummy_hcd
17:13:10 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:10 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1408.055107][ T5150] usb 3-1: Using ep0 maxpacket: 8
17:13:10 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1408.216940][ T5150] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1408.275550][ T5150] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
17:13:11 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1408.346438][ T5150] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
17:13:11 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1408.410683][ T5150] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 1408.480395][ T5150] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1408.521796][ T5150] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1408.671523][ T5150] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1408.703279][ T5150] hub: probe of 3-1:1.0 failed with error -5
[ 1408.765501][ T5150] cdc_wdm 3-1:1.0: skipping garbage
[ 1408.771997][ T5150] cdc_wdm 3-1:1.0: skipping garbage
[ 1408.788485][ T5150] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1408.801223][ T5150] cdc_wdm 3-1:1.0: Unknown control protocol
[ 1409.254875][ T5148] usb 3-1: USB disconnect, device number 35
[ 1409.615153][ T5148] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[ 1409.864678][ T5148] usb 3-1: Using ep0 maxpacket: 8
[ 1410.004877][ T5148] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1410.015120][ T5148] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1410.024046][ T5148] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 1410.035329][ T5148] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 1410.052070][ T5148] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1410.061251][ T5148] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1410.126856][ T5148] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1410.132844][ T5148] hub: probe of 3-1:1.0 failed with error -5
[ 1410.139569][ T5148] cdc_wdm 3-1:1.0: skipping garbage
[ 1410.146012][ T5148] cdc_wdm 3-1:1.0: skipping garbage
[ 1410.153230][ T5148] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1410.160906][ T5148] cdc_wdm 3-1:1.0: Unknown control protocol
[ 1410.446105][T10972] usb 3-1: USB disconnect, device number 36
17:13:13 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getpid()
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:13 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:13 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:13 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:13 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:13 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a010000190581"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:13:13 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:14 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1411.374778][ T6331] usb 3-1: new high-speed USB device number 37 using dummy_hcd
17:13:14 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:14 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:14 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1411.664835][ T6331] usb 3-1: Using ep0 maxpacket: 8
17:13:14 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:14 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1411.814735][ T6331] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
17:13:14 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1411.856275][ T6331] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1411.881027][ T6331] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 1411.955147][ T6331] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 1412.010681][ T6331] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1412.040060][ T6331] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1412.146921][ T6331] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1412.174756][ T6331] hub: probe of 3-1:1.0 failed with error -5
[ 1412.206155][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1412.234883][ T6331] cdc_wdm 3-1:1.0: skipping garbage
17:13:14 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1412.287337][ T6331] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1412.329846][ T6331] cdc_wdm 3-1:1.0: Unknown control protocol
17:13:15 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:15 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1412.812016][T15223] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1412.824069][T15223] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1412.839579][T10972] usb 3-1: USB disconnect, device number 37
17:13:16 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:16 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:16 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:16 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:16 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:16 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a010000190581"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:13:16 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:16 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:16 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:16 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1413.964823][ T6331] usb 3-1: new high-speed USB device number 38 using dummy_hcd
17:13:16 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:17 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1414.328732][ T6331] usb 3-1: Using ep0 maxpacket: 8
17:13:17 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1414.444736][ T6331] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1414.466416][ T6331] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
17:13:17 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1414.568007][ T6331] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 1414.642205][ T6331] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
17:13:17 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:17 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1414.733452][ T6331] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1414.801992][ T6331] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
17:13:17 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1414.946150][ T6331] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1414.952357][ T6331] hub: probe of 3-1:1.0 failed with error -5
[ 1414.978343][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1415.043089][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1415.084687][ T6331] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1415.129741][ T6331] cdc_wdm 3-1:1.0: Unknown control protocol
[ 1415.603001][T15283] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1415.612835][T15283] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1415.624674][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[ 1415.624807][ T5154] usb 3-1: USB disconnect, device number 38
[ 1415.631298][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[ 1415.643268][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
17:13:18 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a010000190581"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)

17:13:18 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:18 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:18 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:18 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:18 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getpid()
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:19 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:19 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:19 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getpid()
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:19 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1416.654654][ T6331] usb 3-1: new high-speed USB device number 39 using dummy_hcd
17:13:19 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:19 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x61, 0x0, 0x0)

[ 1416.944815][ T6331] usb 3-1: Using ep0 maxpacket: 8
[ 1417.115289][ T6331] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1417.135813][ T6331] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1417.151276][ T6331] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 1417.174393][ T6331] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 1417.187097][ T6331] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1417.200542][ T6331] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1417.282084][ T6331] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1417.316331][ T6331] hub: probe of 3-1:1.0 failed with error -5
[ 1417.365449][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1417.384452][ T6331] cdc_wdm 3-1:1.0: skipping garbage
[ 1417.397704][ T6331] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1417.416247][ T6331] cdc_wdm 3-1:1.0: Unknown control protocol
[ 1417.981073][T15337] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1417.990102][T15337] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1418.003037][ T6331] usb 3-1: USB disconnect, device number 39
[ 1418.009120][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[ 1418.009150][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[ 1418.009174][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
17:13:21 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a010000190581"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)

17:13:21 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:21 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x61, 0x0, 0x0)

17:13:21 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:21 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getpid()
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:21 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:21 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:21 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x61, 0x0, 0x0)

[ 1418.927858][T10972] usb 3-1: new high-speed USB device number 40 using dummy_hcd
17:13:21 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:21 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x61, 0x0, 0x0)

17:13:21 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1419.214661][T10972] usb 3-1: Using ep0 maxpacket: 8
17:13:21 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1419.365103][T10972] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1419.427155][T10972] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1419.460365][T10972] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 1419.597118][T10972] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 1419.694697][T10972] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1419.734705][T10972] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1419.817205][T10972] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1419.824162][T10972] hub: probe of 3-1:1.0 failed with error -5
[ 1419.855868][T10972] cdc_wdm 3-1:1.0: skipping garbage
[ 1419.861123][T10972] cdc_wdm 3-1:1.0: skipping garbage
[ 1419.869367][T10972] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1419.879009][T10972] cdc_wdm 3-1:1.0: Unknown control protocol
[ 1423.369854][ T1223] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.376398][ T1223] ieee802154 phy1 wpan1: encryption failed: -22
17:13:27 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a010000190581"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)

17:13:27 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:27 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)

17:13:27 executing program 1:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:27 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:27 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1424.476582][ T5154] usb 3-1: USB disconnect, device number 40
17:13:27 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1424.924720][ T5154] usb 3-1: new high-speed USB device number 41 using dummy_hcd
17:13:27 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:27 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:27 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)

[ 1425.216860][ T5154] usb 3-1: Using ep0 maxpacket: 8
17:13:28 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1425.366520][ T5154] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
17:13:28 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1425.468723][ T5154] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1425.512744][ T5154] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 1425.570676][ T5154] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 1425.635096][ T5154] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1425.663954][ T5154] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1425.760102][ T5154] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1425.783005][ T5154] hub: probe of 3-1:1.0 failed with error -5
[ 1425.823406][ T5154] cdc_wdm 3-1:1.0: skipping garbage
[ 1425.838126][ T5154] cdc_wdm 3-1:1.0: skipping garbage
[ 1425.848905][ T5154] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1425.887084][ T5154] cdc_wdm 3-1:1.0: Unknown control protocol
17:13:33 executing program 2:
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408006f0d240f0100000000000000000006471a010000190581"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)

17:13:33 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)

17:13:33 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:33 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

17:13:33 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:33 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1430.391636][ T5154] usb 3-1: USB disconnect, device number 41
17:13:33 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

17:13:33 executing program 0:
syz_emit_ethernet(0x14, &(0x7f0000000040)={@local, @broadcast, @val={@void, {0x8100, 0x0, 0x1}}, {@generic={0x0, '2a'}}}, &(0x7f0000000100))

17:13:33 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

[ 1430.914636][ T5154] usb 3-1: new high-speed USB device number 42 using dummy_hcd
17:13:33 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:33 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:33 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1431.204830][ T5154] usb 3-1: Using ep0 maxpacket: 8
[ 1431.415293][ T5154] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1431.474411][ T5154] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1431.530157][ T5154] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 1431.550079][ T5154] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 1431.624002][ T5154] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1431.662022][ T5154] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1431.736942][ T5154] hub 3-1:1.0: bad descriptor, ignoring hub
[ 1431.742914][ T5154] hub: probe of 3-1:1.0 failed with error -5
[ 1431.789450][ T5154] cdc_wdm 3-1:1.0: skipping garbage
[ 1431.795964][ T5154] cdc_wdm 3-1:1.0: skipping garbage
[ 1431.809861][ T5154] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1431.818378][ T5154] cdc_wdm 3-1:1.0: Unknown control protocol
17:13:39 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:39 executing program 0:
openat$damon_init_regions(0xffffffffffffff9c, &(0x7f0000000100), 0x109801, 0x0)

17:13:39 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:39 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:39 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:39 executing program 2:
msgctl$MSG_INFO(0x0, 0xc, &(0x7f00000001c0)=""/37)
getrusage(0xffffffffffffffff, &(0x7f0000000040))

[ 1436.404949][ T6331] usb 3-1: USB disconnect, device number 42
17:13:39 executing program 0:
unshare(0x40000400)
syz_mount_image$f2fs(&(0x7f00000000c0), &(0x7f0000000080)='./bus\x00', 0x2008410, &(0x7f0000000100)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d6572462abc30ef5bccc70f73ecea54b5e5be45aca9836c319f43715d8524212c666d0200685f6d653557e79a002208ce996dda65ffffba0f4ce5c2080002223dc60000000000000044cd0a1e368652334a4127a5f789d267fd92f6a55493b4b851270512b40fe4d76afc3a989c6d60045663c29cbdc4c766a7eb77cc369c71e57fafab52f325ca91e684d3a09c160191ac35177056b06e7068c40f757dbb23d2600b1c544f1525aa8d000000000000000020000000000000000000000000b1edb8217219545fbb05839369a4f7d57ec76a15f90300d884ea83f1c7150db3925c5a88fbed901ef3ae"], 0x1, 0x551a, &(0x7f00000056c0)="$eJzs3EtvG1UbB/AzTtP72zdCLNh1pAopkWqrzqWCXYBWXESqiMuCFTj2xHJre6LYcUJWLFgiFnwTBBIrlnwGFqzZIRYgdkggz5lAQ7lVcWKa/H7S+D9zPH7mzMiK9MxEDsCZNZf+9EMSroVLIYSZEMLVJBTrSbkUVmM8E0K4HkKoPLQk5fhvA+dDCJdDCNfGxWPNpHzrk5ujGyvfv/bjl19fOHfl0y++md5ZA9P2bAihtxXXd3sx83bM++V4Y9Qpsrc8KjO+0XtQbucxd7ONosJu42C/RpFL7bh/vrUzGOdmt9EcZ7uzWYxv9eMBB6P2QZ3iA/cb28V2K9sosjPIi2zvx3nt7ce/bfuDYazTKuu9X5QPw+FBxvFsL4vns/WgyGZ/WI7Hunkr2xvnqMzycKGZd1vFPDaOcqX/217v9Hf20lG2Pejk/XSlVn+uVr9drW/nrWyYLVcbvdbt5XS+3R3vVh1mjd5qO8/b3azWzHsL6Xy72azW6+n8nWyj0+in9XptqXarurJQrt1MX773dtptpfPjfLHT3xl2uoN0M99O4ycW0sXa0vML6Y16+ubaerr+xt27a+tvvXvnnXsvrL36UrnTI9NK5xdvLS5W67eqi/WFM3T+H5aTfozzT452eeDv+YIBPLZH+v+g/weO35Pe/4dJ9v/jlkr//8/9b0X/f9rOH45E/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcGZ9O/vZK8XKXNy+Uo7/rxx6qtxOQgiVEMIvf2ImnD9Uc6asM/sX+8/+YQ5fJaGoMD7GhXK5HEJYLZef/3/cVwEAAABOr88/uP5x7Nbjy9y0J8RJijdtKlffm1C9JIQwO/fdhKpVxi9PT6hY8f0+F/YmVK24gXVxQsXiLbdzk6r2r8wciosPRRKjcqLTAQAATsThTuBkuxAAAABO0kfTngDTkYSDR5kHz4KL/7z//YHgpUPvAQAAAE+gZNoTAAAAAI5d0f/7/T8AAAA43eLv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCv7NzPbeJAFAfgZ4OB/adFq71vK3uDMlJCjjkGCkgTlEBaSAPUQG4pIYIIe4TkCKRIjGMFfZ/kccaOfjMDXN5YMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KXnaj1/vP/3cGnObn+ZPKsBAAAATtlW63n9x7Tp/0jXf6VLf1K/iIgyIk7V7oMYtTIHKac68//Vuzk8RdQJhzHG6fgeEf/T8fq7608BAAAArtdmuZo11XrTTPueEJ+p2bQpf95kyisiopq+ZEorD83fTGH173sYd5nS6g2sSaawZsttePreKNcgbYPWKa1ksqi/xLpXdjMuAADQp3YlcKYKAQAA4Arc9j0B+lEcm+NzxnFzSg8Ev7V6AAAAwBdU9D0BAAAAoHN1/e/9fwAAAHDdmvf/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KVttZ5vlqvZufuLD+bs9pfJtyIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3tifdxQIgTAIg73rO5O5/2GlQUNjkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAN7/7y/+JqXEmmXttLD2PJGunxtapsXduHP1hfP0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCLfvfL/4mpcSaZO20sHY8ka1eNravG3oPG0YPx9m8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYuf+feOm4gCAf22frz8AEQLKEEBFYoCFptfS0pUBFDHwJyBF6aUErhTaDLSKkLKwocxdEIwIIYHC1v+hcyN1KVuHDEFiBtlnp24b4FSKfU0+H+n5fe9qvfd9vlOVr58TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACo7bwbr6RVnBWHmXFcv3d7d3256Lcf6gs3N+/MF62Ik5bzfgq82nxxYq67RAAAADg8srq+j4i7+dZi0aczZf2f1+cUNf93z43jup5/uO7f3l0/Wv3TfF3///rLvZf2JpoZz1MMurI6Gp56NJXe/7TEqff8v57RK698ee8lKz+Q9IONF3fy8nom39y69V6/DI+0kS0A8DhO1n0V1D8PFf2gy8QAODR6jcK7rv+zmW5zAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjDzkY8U8dJRMz37seF7d315f36m5t35ut27saNzeaYxRB5RKysjoanWlzLtLt67fqnS6PR8Er7wYmI6G72KvhognMi/vmc6usZ3a3i74NkOtLoNEirz2da8nmSQf3de/Ijd/QfEgAAB1ZetaKuv5tvLRbvJbMRf37/YP3/RiOOCev/ex+fu92cq1n/D1pb4fRbWLv0+cLVa9ffWr20dHF4cfjZ26cH7wzOnD979vxCea9kYSVSd0wAAAD4D/pVa9b/6eyj+//HG3FMWP9/8e3gq+Zcmfp/X/c3/brOBAAA4DDq70UvvPbH78k+ZyT9fny5tLZ2ZTA+7r0+PT62mu5jOlK1Zv2fzXadFQAAANCGnY3kgf3/C404Jtz/f/aHl39qjplFxLGIyxExPLl8eXShveVMtTZ+UbmcqN/1SgEAAOjKsao19//z8vn/dO+RhzQi3nx9HNd/62qS+j97/+sfm3M1n/8/094Sp1I6N74eZT8X0ZvrOiMAAAAOsqNVK4r93/KtxU9+Pv5h3/P/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG37KwAA//+cMzW5")
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000140)={0x0, {0x2, 0x0, @dev}, {0x2, 0x0, @loopback}, {}, 0x2cd})

17:13:39 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:39 executing program 2:
pipe2$watch_queue(&(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x2}, 0x48)

17:13:39 executing program 2:
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@cgroup, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

17:13:39 executing program 2:
prctl$PR_SET_SECCOMP(0x22, 0x0, &(0x7f0000000100)={0x0, 0x0})

17:13:39 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:39 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:39 executing program 2:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{}, {0x3d}, {0x6}]})

[ 1437.344935][   T28] audit: type=1326 audit(1701278020.037:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15515 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9fdb47cae9 code=0x0
17:13:40 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:40 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000200))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, 0x0)

17:13:40 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:40 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1438.104625][T15508] loop0: detected capacity change from 0 to 40427
17:13:41 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:41 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:41 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000200))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, 0x0)

17:13:41 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000200))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, 0x0)

17:13:41 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1439.352971][T15544] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
17:13:42 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:42 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1439.623660][T15548] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
17:13:42 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:42 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:42 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:42 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:42 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000200))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, 0x0)

17:13:42 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:42 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000200))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, 0x0)

17:13:43 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

17:13:43 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:43 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000200))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, 0x0)

17:13:43 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000200))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, 0x0)

17:13:43 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

17:13:43 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

[ 1441.259668][T15596] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
17:13:44 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:44 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

17:13:44 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:44 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:44 executing program 2:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$UI_SET_PHYS(r0, 0x4008556c, 0x0)
ioctl$UI_SET_LEDBIT(r0, 0x40005504, 0x0)

17:13:44 executing program 2:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x74, 0x0, 0x0, 0x7fb4}]})

17:13:44 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:44 executing program 2:
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
setrlimit(0x0, &(0x7f0000000440)={0x8, 0x5})
sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000540)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x2000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
ptrace$setregset(0x4205, r0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)="9b6e75e5646d991f9df938ab6482e004374e4e96be3123650fb8265fa0318cffcd3e5cc318a9298444761a9c828ba59a1f8c91b5cfc8b0f03cfca3d8218261b825392072f1dc56", 0x47})
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
waitid(0x0, 0x0, 0x0, 0x8, 0x0)
setxattr$trusted_overlay_redirect(0x0, &(0x7f0000000680), &(0x7f0000000800)='./file0\x00', 0x8, 0x1)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x58, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010001fff000000000000f4f309000000", @ANYRES32=0x0, @ANYBLOB="81ffff0100000000180012800e0001007769726567756172640000000381028008000a00", @ANYRES32, @ANYBLOB], 0x40}}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/slabinfo\x00', 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f00000005c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x0, 0x3b, 0x0, 0x8, 0x3}, @struct={0xc, 0x0, 0x0, 0x4, 0x0, 0x2}]}}, &(0x7f0000000740)=""/184, 0x36, 0xb8, 0x201}, 0x20)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='fd/3\x00')
ioctl$HIDIOCINITREPORT(r4, 0x4805, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x600, 0x0, 0x1, 0x1}, 0x20)

[ 1441.987486][T15629] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
17:13:44 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)

17:13:44 executing program 0:
clock_gettime(0x0, &(0x7f00000001c0))

17:13:44 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1442.250084][T15629] wireguard0: entered promiscuous mode
[ 1442.303197][T15629] wireguard0: entered allmulticast mode
17:13:45 executing program 0:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001040)={0xc, {"a2e3ad21ed0d52f91b3e090987f70e06d038e7ff7fc6e5539b326c078b089b0c08385d090890e0878f0e1ac6e7049b3367959b4b9a240a5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d076d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1008892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928900d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b03000000cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c113d12a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571ebff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4804afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa34046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d789364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c220300000007b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000900", 0x1000}}, 0x1006)

17:13:45 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x61, 0x0, 0x0)

17:13:45 executing program 3:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:45 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:45 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$sock_int(r0, 0x1, 0xc, &(0x7f0000000080), 0x4)

17:13:45 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getpid()
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:45 executing program 0:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x3c}, {0x6}]})

17:13:46 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x61, 0x0, 0x0)

17:13:46 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
syz_kvm_setup_cpu$x86(r4, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)

[ 1443.383994][   T28] audit: type=1326 audit(1701278026.087:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15656 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f988ba7cae9 code=0x0
17:13:46 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000480)=ANY=[])

17:13:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:46 executing program 2:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x4c}, {0x6}]})

17:13:46 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x61, 0x0, 0x0)

[ 1443.779226][   T28] audit: type=1326 audit(1701278026.467:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15670 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9fdb47cae9 code=0x0
17:13:46 executing program 2:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{}, {0x4c}, {0x6}]})

17:13:46 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getpid()
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1444.069972][   T28] audit: type=1326 audit(1701278026.777:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15680 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9fdb47cae9 code=0x0
17:13:47 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:47 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0x8004ae98, 0x20000000)

17:13:47 executing program 0:
syz_open_dev$loop(&(0x7f0000000000), 0x0, 0xc0)

17:13:47 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x61, 0x0, 0x0)

17:13:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:47 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getpid()
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:47 executing program 0:
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={@cgroup, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

17:13:47 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)

17:13:47 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0x8004ae98, 0x20000000)

17:13:47 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0x8004ae98, 0x20000000)

17:13:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:47 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:48 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0x8004ae98, 0x20000000)

17:13:48 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)

17:13:48 executing program 0:
setitimer(0x0, &(0x7f0000000300)={{}, {0x0, 0xffffffffffffad5f}}, 0x0)

17:13:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:48 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:48 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:48 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
writev(r0, &(0x7f0000000700)=[{&(0x7f0000000040)="5b0d21a8d72fab25b4a673368e098278641aaffb5fb489ef8fff34e2e6be5c8ba0ba72085cc98a89772291b49744870599ec9aa72a55a716645a87fc9be373b64546dbb69ca884e9f39b06d4e5cf7eae48227d10ebe97309c6731752ce19a2b960c5f2e13cae2c47601db2cfd3cc6428a183b30d087719de2b7132caf2461ddc08f73d65bc29dc0eb1c65a9e106751a67f", 0x91}], 0x1)

17:13:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:48 executing program 1:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)

17:13:48 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
setsockopt$sock_int(r0, 0xffff, 0x800, 0x0, 0x0)

17:13:49 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0x8004ae98, 0x20000000)

17:13:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:49 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
bind(r0, &(0x7f0000000080)=@un=@abs={0x0, 0x0, 0x3}, 0x8)

17:13:49 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
shutdown(r0, 0x1)

17:13:49 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:49 executing program 1:
r0 = socket$unix(0x1, 0x1, 0x0)
setsockopt$sock_int(r0, 0xffff, 0x4, &(0x7f0000000180), 0x0)

17:13:49 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:13:49 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
setsockopt$sock_int(r0, 0xffff, 0x1002, 0x0, 0x0)

17:13:49 executing program 2:
r0 = open(&(0x7f0000000080)='./file0\x00', 0x205, 0x0)
fcntl$lock(r0, 0x8, &(0x7f0000000280)={0x0, 0x2, 0x0, 0x1000301010005})
r1 = open(&(0x7f00000000c0)='./file0\x00', 0x205, 0x0)
fcntl$lock(r1, 0x8, &(0x7f0000000280)={0x0, 0x0, 0x1, 0x1000301010005})
r2 = open(&(0x7f00000000c0)='./file0\x00', 0x205, 0x0)
fcntl$lock(r2, 0x8, &(0x7f0000000280)={0x0, 0x0, 0x1ff, 0x1000301010008})

17:13:49 executing program 1:
syz_emit_ethernet(0x32, &(0x7f0000000080)={@broadcast, @random="958cdf5fda34", @val, {@ipv4}}, 0x0)

17:13:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:49 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:50 executing program 2:
r0 = socket$unix(0x1, 0x1, 0x0)
setsockopt$sock_int(r0, 0xffff, 0x100, &(0x7f0000000180), 0x4)

17:13:50 executing program 1:
socket$unix(0x1, 0xd1511ba017e71b4f, 0x0)

17:13:50 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
mprotect(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0)

17:13:50 executing program 2:
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x1, &(0x7f0000000140)='O', 0x1)

17:13:50 executing program 2:
madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0)
munmap(&(0x7f0000ff8000/0x6000)=nil, 0x6000)

17:13:50 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:51 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

17:13:51 executing program 0:
syz_emit_ethernet(0xe, &(0x7f0000000000)={@broadcast, @remote}, 0x0)

17:13:51 executing program 1:
r0 = socket(0x2, 0x3, 0x0)
listen(r0, 0x0)

17:13:51 executing program 2:
clock_gettime(0x4, &(0x7f00000005c0))

17:13:51 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:51 executing program 2:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = socket$inet(0x2, 0x2, 0x0)
poll(&(0x7f0000000100)=[{r1}], 0x1, 0x0)
dup2(r0, r1)

17:13:51 executing program 0:
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x48)

17:13:51 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000027c0)=@raw={'raw\x00', 0x9, 0x3, 0x2c8, 0x0, 0xffffffff, 0xffffffff, 0x108, 0xffffffff, 0x230, 0xffffffff, 0xffffffff, 0x230, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@ah={{0x30}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xc8, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@addrtype={{0x30}}]}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x328)

17:13:51 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:51 executing program 0:
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x3, 0x0, &(0x7f0000000000))

17:13:51 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

[ 1448.946149][T15830] x_tables: duplicate underflow at hook 3
17:13:51 executing program 2:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000011c0)=0x800, 0x4)

17:13:52 executing program 2:
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000fc0)={{}, &(0x7f0000000f40), &(0x7f0000000f80)}, 0x20)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000027c0)=@raw={'raw\x00', 0x9, 0x3, 0x240, 0x0, 0xffffffff, 0xffffffff, 0x108, 0xffffffff, 0x230, 0xffffffff, 0xffffffff, 0x230, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x6, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0x4}, {0x2, [0x0, 0x2, 0x2]}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0)

17:13:52 executing program 1:
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000540)=@o_path={&(0x7f0000000500)='./file0\x00'}, 0x18)
syz_genetlink_get_family_id$wireguard(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000640)={0x0}}, 0x24004000)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000a80), 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000e00), 0x4)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000e40)={0x0, 0x1, 0x20}, &(0x7f0000000e80)=0x18)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000ec0)={0x0, 0x401}, &(0x7f0000000f00)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, 0x0, &(0x7f00000019c0))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000027c0)=@raw={'raw\x00', 0x9, 0x3, 0x2c8, 0x0, 0xffffffff, 0xffffffff, 0x108, 0xffffffff, 0x230, 0xffffffff, 0xffffffff, 0x230, 0xffffffff, 0x3, &(0x7f0000002780), {[{{@uncond, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@ah={{0x30}, {[0x5]}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x6, 0x0, 0x0, 'syz0\x00', 'syz1\x00', {0x7ff}}}}, {{@uncond, 0x0, 0xc8, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x6}}, @common=@addrtype={{0x30}, {0x222, 0x4, 0x1}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x627ec71bf0af0d0d, 0x1, 0x6, 0x0, 0x0, 0x2]}, {0x2, [0x0, 0x2, 0x0, 0x2, 0x6, 0x1], 0x3}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x328)

17:13:52 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

17:13:52 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000027c0)=@raw={'raw\x00', 0x9, 0x3, 0x240, 0x0, 0xffffffff, 0xffffffff, 0x108, 0xffffffff, 0x230, 0xffffffff, 0xffffffff, 0x230, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0)

17:13:52 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

[ 1449.641919][T15844] x_tables: duplicate underflow at hook 3
17:13:52 executing program 0:
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={0xffffffffffffffff, 0x0, 0x0}, 0x10)

17:13:52 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

17:13:52 executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x0, 0x2, 0x1, 0x0, 0x1}, 0x48)

17:13:53 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:53 executing program 2:
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0x17, &(0x7f00000004c0)=@raw=[@cb_func, @func, @tail_call, @cb_func, @snprintf], &(0x7f00000006c0)='GPL\x00'}, 0x90)

17:13:53 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:53 executing program 0:
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000080))

17:13:53 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$inet6(r0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001000)=ANY=[@ANYBLOB='@'], 0x2c8}, 0x0)

17:13:53 executing program 0:
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000640), 0x4)

[ 1450.619519][T15873] sctp: [Deprecated]: syz-executor.0 (pid 15873) Use of int in maxseg socket option.
[ 1450.619519][T15873] Use struct sctp_assoc_value instead
17:13:53 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

17:13:53 executing program 1:
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f00000001c0)={0x1d8}, 0x8)

17:13:53 executing program 2:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0xf, 0x0, &(0x7f0000000ec0))

17:13:53 executing program 0:
socketpair(0x30, 0x80000, 0x0, &(0x7f0000000a40))

17:13:53 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:53 executing program 2:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000001000)=[@in6={0xa, 0x0, 0x0, @private2}], 0x1c)

17:13:54 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:54 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="000008000304000010"], 0xfdef)

17:13:54 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg(r0, &(0x7f00000033c0)=[{{&(0x7f0000000140)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000840)=[{&(0x7f00000001c0)="8e", 0x1}], 0x1, &(0x7f0000000900)=[{0x28, 0x0, 0x0, "ab54ce017dabc8569da746bed232c42171"}], 0x28}}], 0x1, 0xc0)

17:13:54 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(r0, 0x6, 0x2, &(0x7f0000000000)="d49fcdf0", 0x4)

17:13:54 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:54 executing program 0:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0xfffffffffffffffd, 0x0)

17:13:55 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:55 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$inet6(r0, &(0x7f0000000440)={&(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000080)="ad", 0x1}], 0x1}, 0x0)

17:13:55 executing program 0:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet6_int(r0, 0x29, 0x46, 0x0, &(0x7f0000000040))

17:13:55 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:55 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)

17:13:55 executing program 2:
pipe(&(0x7f0000000200))

17:13:55 executing program 0:
socket$inet6_tcp(0xa, 0x1, 0x0)
unshare(0x42000000)

17:13:55 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:55 executing program 2:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000000), 0x8)

17:13:55 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:55 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)

17:13:55 executing program 2:
r0 = socket$l2tp6(0xa, 0x2, 0x73)
connect$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x20)

17:13:56 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:56 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SPLIT(r0, &(0x7f00000005c0)={&(0x7f0000000380), 0xc, &(0x7f0000000580)={&(0x7f0000000400)={0x44, r1, 0x1, 0x0, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x77}}, {0x8}}]}, 0x44}}, 0x0)

17:13:56 executing program 2:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000011c0), 0x4)

17:13:56 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:56 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000040)={0xfff, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)

17:13:56 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001100)={'gretap0\x00', 0x0})

17:13:56 executing program 2:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$inet6(r0, &(0x7f0000000480)={&(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c, &(0x7f0000000340)=[{&(0x7f0000000280)="8d", 0x1}], 0x1}, 0x0)

17:13:56 executing program 1:
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000200), &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
getsockopt$inet_sctp6_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000640), 0x4)

17:13:56 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0x4)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0)

[ 1453.991197][T15961] sctp: [Deprecated]: syz-executor.1 (pid 15961) Use of int in maxseg socket option.
[ 1453.991197][T15961] Use struct sctp_assoc_value instead
17:13:56 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:56 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:56 executing program 0:
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)='M', 0x1, 0xfffffffffffffffb)
r1 = add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)="61c85d8d190cc2783c902dbc1eaa68d661a80075b7e674fea196d2f8c94de8fe", 0x20, 0xfffffffffffffffc)
r2 = add_key$user(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000300)="85", 0x1, 0xfffffffffffffffb)
keyctl$dh_compute(0x17, &(0x7f0000000340)={r0, r1, r2}, 0x0, 0x0, 0x0)

17:13:57 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:57 executing program 1:
r0 = io_uring_setup(0x40cc, &(0x7f0000000300))
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000000)={&(0x7f0000001000)={[{0x0}]}, 0x1}, 0x1)

17:13:57 executing program 0:
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)='M', 0x1, 0xfffffffffffffffb)
r1 = add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)="61c85d8d190cc2783c902dbc1eaa68d661a80075b7e674fea196d2f8c94de8fe", 0x20, 0xfffffffffffffffc)
r2 = add_key$user(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000300)="85", 0x1, 0xfffffffffffffffb)
keyctl$dh_compute(0x17, &(0x7f0000000340)={r0, r1, r2}, 0x0, 0x0, 0x0)

17:13:57 executing program 2:
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)='M)', 0x2, 0xfffffffffffffffb)
r1 = add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)="61c85d8d190cc2783c902dbc1eaa68d661a80075b7e674fea196d2f8c94de8fe1a5e8eef81226c08d73e9139f0516d9e9c95a0217b5ccf89b3cdfcce6c3ffd38609e2ae0e6285eff142633db108ee48b6f84434222fdcec43d90a216d858d1810b6a962a511989b254f58e2a22dbb761bc1b072a3c8af1639f35d6275d1d45f456d0f87c3202f1bd912f48b7d740c099919ecd121e1dc6cd268e92ab391eb8d79a64e70437f27bd808b00224b7677cc2c44c0109c0978161cde08ea8f709b676", 0xc0, 0xfffffffffffffffc)
r2 = add_key$user(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000300)="850c77718e3555a861a8386a0648ead8a9a6ea52f0e9af4d", 0x18, 0xfffffffffffffffb)
keyctl$dh_compute(0x17, &(0x7f0000000340)={r0, r1, r2}, &(0x7f0000000380)=""/217, 0xd9, 0x0)

17:13:57 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:57 executing program 0:
r0 = syz_open_dev$sndpcmc(&(0x7f0000000040), 0x0, 0x0)
mmap$snddsp_control(&(0x7f0000ffd000/0x3000)=nil, 0x1000, 0x1, 0x12, r0, 0x83000000)

17:13:57 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:13:57 executing program 1:
r0 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$inet_mreqn(r0, 0x0, 0x20, 0x0, &(0x7f00000001c0))

17:13:58 executing program 0:
r0 = syz_open_dev$sndpcmc(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r0, 0xc1004110, &(0x7f0000000300)={0x0, [0x7, 0x54ed, 0x800], [{}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]})

17:13:58 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:13:58 executing program 1:
openat$capi20(0xffffffffffffff9c, &(0x7f0000001580), 0x0, 0x0)

17:13:58 executing program 0:
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1, 0x200000005c831, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f67fe4)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @loopback}, @private2, @loopback})
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000d1c000), 0x4)

17:13:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:13:59 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, 0x0, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240), 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="00012abd7000ffdbdf250a00000006002800020000000500300000000000080032"], 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000280), 0xc, 0x0}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r2, @ANYBLOB="01e5ffb517ff000004003b1c210008000300", @ANYRES32=r1, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0)

17:13:59 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="38000000240007750000004007a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000032c0)=ANY=[@ANYBLOB="6800000028002705000800e0ffffffffffffff00", @ANYRES32=r4, @ANYBLOB="040000000c000000000000000b0001006367726f75700000380002"], 0x68}}, 0x0)

17:13:59 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1456.319646][T16003] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
17:13:59 executing program 1:
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)='M', 0x1, 0xfffffffffffffffb)
r1 = add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)="61c85d8d190cc2783c902dbc1eaa68d661a80075b7e674fea196d2f8c94de8fe1a5e8eef81226c08d73e9139f0516d9e9c95a0217b5ccf89b3cdfcce6c3ffd38609e2ae0e6285eff142633db108ee48b6f84434222fdcec43d90a216d858d1810b6a962a511989b254f58e2a22dbb761bc1b072a3c8af1639f35d6275d1d45f456d0f87c3202f1bd912f48b7d740c099919ecd121e1dc6cd268e92ab391eb8d79a64e70437f27bd808b00224b7677cc2c44c0109c0978161cde08ea8f709b676", 0xc0, 0xfffffffffffffffc)
r2 = add_key$user(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000300)="850c77718e3555a861a8386a0648ea", 0xf, 0xfffffffffffffffb)
keyctl$dh_compute(0x17, &(0x7f0000000340)={r0, r1, r2}, 0x0, 0x0, 0x0)

17:13:59 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, 0x0, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240), 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="00012abd7000ffdbdf250a00000006002800020000000500300000000000080032"], 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000280), 0xc, 0x0}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r2, @ANYBLOB="01e5ffb517ff000004003b1c210008000300", @ANYRES32=r1, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0)

[ 1457.100575][T15988] IPVS: You probably need to specify IP address on multicast interface.
[ 1457.145058][T15988] IPVS: Error connecting to the multicast addr
17:14:00 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:00 executing program 0:
r0 = io_uring_setup(0x2ec, &(0x7f0000000240))
socket$inet(0x2, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_RING_FDS(r0, 0x15, &(0x7f0000000900)=[{0x0, 0x0, 0x0, 0x0, 0x0}], 0x1)

17:14:00 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:14:00 executing program 1:
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)='M', 0x1, 0xfffffffffffffffb)
r1 = add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)="61c85d8d190cc2783c902dbc1eaa68d661a80075b7e674fea196d2f8c94de8fe1a5e8eef81226c08d73e9139f0516d9e9c95a0217b5ccf89b3cdfcce6c3ffd38609e2ae0e6285eff142633db108ee48b6f84434222fdcec43d90a216d858d1810b6a962a511989b254f58e2a22dbb761bc1b072a3c8af1639f35d6275d1d45f456d0f87c3202f1bd912f48b7d740c099919ecd121e1dc6cd268e92ab391eb8d79a64e70437f27bd808b00224b7677cc2c44c0109c0978161cde08ea8f709b676", 0xc0, 0xfffffffffffffffc)
r2 = add_key$user(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000300)="850c77718e3555a861a8386a0648ead8a9a6ea52f0e9af4d60b6c67058a884d3d5", 0x21, 0xfffffffffffffffb)
keyctl$dh_compute(0x17, &(0x7f0000000340)={r0, r1, r2}, &(0x7f0000000380)=""/217, 0xd9, 0x0)

17:14:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:00 executing program 1:
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="4d298e8c2d17fa0ac82373a014", 0xd, 0xfffffffffffffffb)
r1 = add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)="61c85d8d190cc2783c902dbc1eaa68d661a80075b7e674fea196d2f8c94de8fe1a5e8eef81226c08d73e9139f0516d9e9c95a0217b5ccf89b3cdfcce6c3ffd38609e2ae0e6285eff142633db108ee48b6f84434222fdcec43d90a216d858d1810b6a962a511989b254f58e2a22dbb761bc1b072a3c8af1639f35d6275d1d45f456d0f87c3202f1bd912f48b7d740c099919ecd121e1dc6cd268e92ab391eb8d79a64e70437f27bd808b00224b7677cc2c44c0109c0978161cde08ea8f709b676", 0xc0, 0xfffffffffffffffc)
r2 = add_key$user(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000300)="85", 0x1, 0xfffffffffffffffb)
keyctl$dh_compute(0x17, &(0x7f0000000340)={r0, r1, r2}, 0x0, 0x0, 0x0)

17:14:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:00 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:00 executing program 1:
r0 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0xfffffeffffff7ffe, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000300)="c20f0d278934358545ad914303ca8e5623f4e94f7757310aeb9be547737e99f4d69e56a1b04760ce19b9c49cf49899da97f06ed548da74c59c3b2b4accc8ab42b6692fd338754fa39cf2b1b3023087f14795eb9428d6b88dbcad93e31f408f29794fdd045cb7d20b50c90faf7c88f2d810cdf1f8a844ce26c88d35ffe1db7a32ed6414244405f5554171e7d8641ade39454166936a84fa7f36e277ce1c53f4078dfe0bde514650611ce4c369ecc034f452eff839a6d4ed0e75c47fbb9a865eaf3d464c10fb5ec0873cda96608db92b5cb5691303f236e4200628056c30a501276567fb2ea522967d39c4b463622152dd8b6ca76c9192998eaeafd36fb07caeee73a4a311f9b24a1004ec9d3625b0b79060199c9b4849e912b7c63fcb85f3ecd752425fc8afb417394ed9cecc4cd51eefb1f6304aecb16fd328d1cc98223b2a34a8392383ec2781d766e674333bdb08dcfbada438217fbd1a133bd484cc8690f197784a09937b2b14e2d5472c7e6ce53745768bf229d3049d79ba2df079f57223773abe9d54c27c6464b59a0936b03b3c01b388d47fdf657357cca707d72a4c679c33d8b8edadecbbd72a9baa6f146c84e924db435186cc135a9c1343d248132e38c6ee52909bd989f8116bebbc271f0513af53e4354c719380625dbd5e89264dc9716fa64db17807f2f72d6fa8b58360c372f3a6e8d22c18b4b1c5de94ea4917ba8dae90a8b0c72d3629cb72bd96748803a61b66f4064c9090354352b054e29a97342704393033429211d51c491cc1d8e34b27a3d526f31dd3d4fd21e782698efcbd0e2e8c55e28ed06e1064d0170a33587aacf8effd7d36ae9451caa541a9cbeb08d52d6d560403c7a57ed74f5bdcb3e580c7c261c58517afc81cbbab1861bcd69c183b398aa11d573e57218912d00914e50f0777c887199f90ff67d1e1f3f1a63086c14acf830165097faa385e1b94fd87c8018fa53ba8696b0ebaebfe3ee6d4c62937fa24921ddc6a4c8fcbc42023fb29bf96975fc1a2172e114dc7365a0d6a27d497ea2ba1b304673ac2d83dc26c8e3005da2b4730afea6ac54ac29cbd115fce5144ed383348fd781ab19ec9de9c07b2c6556596be3df2b5e465f91c46b2cf50b717c5b58d886b2695d10cdbb09803ab381a3a1d513a6a977d05c24a44263fde79cdc66ca32ce2883760433a5ff4faa329a0c126e4903ea3dec1e07e057dd8fb8ba5ab390e81234bca767a5dd209e588a41d765668bcca077003cb3b332ef54549777678fed3f17d946990ca0812b207e704eda95dcaee23d6795db34779433869fb2ef9a0eeff13c43a42dabeee9f4a69a74008ea973c3a8e4c30c850b30d48915b7cbbba1e7db1988d27d036845c5fb8520bfec10bd70a5bc5853ee8985db9c7135813c32657b13747fd02735bc0f3fc54774f9ef97fac6f12ec24a55fa066e8f387170208da8615355e2e21a7363b11a3cab94b8ee411bbecf9b1f71662f50557f03e1fb64e5da0a18c18225a612235ed6337480debc9e4f45a32297a09735285cbb3254431980626bb46ab07993284629ff28558dea766cc4a8c511982a934d25088531aba09169c5855070924f36180abf8ca9fb6669e7bca5df76a3e0d8ddd4eaa99fbce9f24b91f8d1316791de91f9d6a96d2a8ee9f7bebf95804d0c136745acf372e38ff88a69167e79ff3ef3058f9ab2f4e8250de697ceca6a9f67477d6fe450bb23cba11dda80c7b3634d50bf22002d269e69a6c43a6888d0d20759bf2dcac1c18492f2ce4d85547fd7e6dc03fdbe02c63b656190929f1f4198b46b44623fa500402ff56a87107b9a3e668687899c3c06b73e94000349c14f56d5f730cc75cd628f931a187b11ad4f240218c9cb6b1e036e560aa68d8e7258d8236ba1f1805ea4d75258bbc321c9eb7aa0f4d7eccfb630faff7e3c8c278570bd5ea77719bd33b83d1f8580496282859cc48fe99680ec546cf9f6e10b89f08d659dc0b2636398135c64c37aa567bf5fb157627c8fa9fe404924ba4e60363b353f4f3eaaf8b4197785ae04ee3b64aee53a8f961f79a3e6076d217c1692596e5bf9a7f94dc92072c53994dc658c74ff68c329a92ee2d6602d6b9acbedd19db3b717b7d4c816b1fd6c3e77a03fd0eae9a40140779899b3a770b3c20a889971fce8b35e768ef387cce2c777b915ce4e7df9463f5eef54e0e918d3e904c8770c1bbc6eb77c3e43353e13d1c0b7667d06b20715526b17e0b8968ae3254f626c59ab232ac0835e5b07ad838e81ca7a86a4b42e5807e8a316eb7fe6afae53877e1d87b3e1e9302d595cf033e95c42d42f7e31f8d46e78d412be66120948ce552b68d3f8b4fd1a0eed888c514a37040fb28dbf96af88ec96e5d7e476cfeaa4092dd80f5fe6f67fbf27c20e3169d9971602caf6a4d8679558aa2119a751fc1ad9870086370fcdcccb280ee591a7fe8b319be2d9f0ab3fb0040d45ca6e3b938c991b5beb93499bf77e098c662d075dd66dd6a2df2b48f649ce9ec01f17eb287f6eef766b26b014a7cd459d368b00bc4c73af17fbec17b663f619b68ca517d55e50e498b91d609dbcbec3a5ac0cd47506ef493ecf7ef9bf66ae3e706bcc7d8894f1cf05e7841e6f1198e2b27a1b2dd5e39cf7b0d97319f6d4711c6ddde8f8e0226d19a5f65ce2c35c5ae2bbfbb016a518ea97f9a7b62a7860b9c98563b7727d6c462df0cd98dedb9f3559e020f5b513513976c8a8080addb6e57a0b9beaa744ed818e24e687ca0b3aee27448ccbd918a6773ae7c37a00ebce5c8eee030930e806234d884ba4038feebf05ddd946b6d78c543c198612fb9fa7634c1463428b9eef86cb9c703f9e6be22367a55926c2ff1e31f0caabaceaac08872807dcbf41c1ac46a411e80e7a87a14282b837a4c5e016aac38e5ba5a6463421612ba493ac7cd2decd0d63e58410f43d169c8bb649f44aeac5d3f17c3709bc9f9533d307a7a062d87d0ce5e726de778d502bdcaa441db875dcb8a9e8c49607ab5c8a233ded286e8d1ee4a98cd18085c808d9409560a205f0bb979f3c9c31b2a13bcbd4cfa91b6d8fe6a3a6167da6a6b3eef799358829e3e95cd007d2eb49e38fede07b042b0485bd9311fbd2c89e3c11ed179f1a7c71cf743642533e9fa2ae41d9972b2c6a3ca01484c2abb563311927b97f21ec6573bc25918f8110028c63f16d7bffd29f753cb7bd00124b00159e94ebd875ad899f9e92148b331fc88b02d80b5c1c290177083c0a002a92936a6b304936393688e8e7af019ac6b0760fd04b63ac5f89a0d0b99dab49c56b6373116c2056bd4c9227be7ec1970e1f2544150172d10ab759c68d5646b1673b083e87b62c0b60da658e0e397b4c283edd70ad164d7f43c7c2b38ca7ec47df6a0d7c534d48931523fa29ac0d950ac0c13335769f8e957e686abf02fa8974a4ffca48f08656e7d8a944affab6beb622afc5e444e5345ac416ce1d2ba2ef34641641fcd2d632680b98ea1e917d7e6c9505c99d0f487fcb00880a9eeee91a2c9f3601fbfd810dc55731d17317381e3c78c62dc3fad2ad1d269469c1b9da265f185feba1c1bde19e71a4e5e0bea38065081d28c6fb189087c32cf277212cc6fb12fd1af3692a1c9817f531b7ee4323cd7a3b8e61c6ea2e4c3f6a1e8f0c35374d3eda3054bee6293ce306613d24f5b7316cc10b1ae66d70839948eb71be7a0b31d69c7b07777cb6dc07ddb667f88e20f25e51e710c5bfbdf8baa2ac11c4a25b635a92b68eb32fce851409b7d96e403647ed85a0419db468ed36b1a0cd08691b08f054d237629d3c1a4bb85ca5a9c8ce7ae0ec0976e885ca29ff7049a77867b3a49d597e4d71a50110f508247682f85b992d38bc49982f6065a5e8c1589bb05227f966964f651811c050613a109faa70b9593b77c4ad395cd294f05d3ef30debb452f67cc487e9da4652aebe4dbb06ba2e320399df21bfae5c929ca97bae41b58c37d0ab54d8e8303f923faec1eb576f2a39b29fc94532c147c48221e1cc7305df72ed7c97897059403894eddab4adc4b86d415694562c62191f827b9de4e1f5c98c7cd6a9afc235e63112e88a13c2f53e419f277def82d8d2f51944bea4028e5b84f1cc42510ee5f73f339b83b0d64d1213c0a296da16dc1e0ec4ea71770999fba35108b1adce0b2639c8e95f3bca00191815a8e748e57e36d1958eda0be07a35b5f92a913d04812b0454fe57e0f3b3ebd37aca1b53cf2454d8c7cbb12e7f303af33aa50f96e0c2758990126d6630bb22e93cac0ceef3ad9028cb203d0b191f25a92384684b0421258be9a057f5b1b40e6418dac1b9bc349e5d20cbe9e0aa4b1e4483f07cb55417b9f58cbb4ae92cbe5a81f17dba9d48a330b7acde8dab0583fe603bae9d5a5308287996053919eabf8ea5a0a1677a269d8fd4926697a4eb0ced0858e3185247bad3be05733a4165470de6a533d1b24059f913339a09a6eace182b6c9280a7fc1af0c836c132f1d7dff8871353832c7f5b25614dc2a7c8e8237bec5425618cf353cf146ff21f672e4b06ccbe6bef2f2e51a47f153a97c9370be6b5832d2063ffc17614880d87682cd2d897ad19e040eb0d3bddb066c30a3c670e8e9a097d4b2244485e90912a0154b72db0a37c42c3ffcdf9272a5d2ad68139bb87cb641eaa1b0df9588570ca05c9840011b29a6cfe053e1095d59128bfb9665157d2665c66cacd39a681975ed24c336856f0cd98ac15c9cda2b6e556fb4b54b7b11840e2d2bf190391f1bd6e381bbeed39d8005bd6b725ad18c6d50836f5af027512753941447cf02e92d011ae6f094ee0a23804c800945d706771218bf6e18eee81fa1cb9e27fec38b1f575610604f7cacb35d7c37933df72fa189db607a752d5f3badd0385bf93ca4f2887458da090cd42f87b8def0c6341900dd6f16cf7c77393581ba1551482c757af4e6ace754d75dd010ca34cc2b68f6946b189e67867ca53ef6aff36e23c7f694427a9475e8acf2130d3841730530d49021833ab506a7eb9652a10df25f7b2007998e4e6aa41d130b2bcf41851df9ed76f8cba800f4a093c43c7717f204275942d822c739539dc11fdca1b9b1fa5f17232c5ce12873692fbf054796e9b435db5145b87b67e3de45d252fd6805f31dec22eb88757316800be404b5ff7dcb196c92ecab9fb04032b5fd42ef585e2ca10f109ddabf0941017747d39cdc65717f4ca7cc0bbe98d5dc2d11eed68efba99ea2ba26a4e3a5173805c4c97656d233799174f908ae50465337968903adb91bd658833327865865cf3875b2503a105942620e6dd62526aa8e9a05b5ab348b2ca68b4ca4f4c487ade7ca7650a6bfb4e27b65161462928d6a0ba186db908be3d8afd409c489969ef0f8b1dd71bea5a5c438a32010d1fccc34adee482bdc6d7d654b2ff5879467ea22d18da9884486273a51ceca842cfe0cd6fd50e5116acb58e7657ac6ec7b99d58a6e7232c84b28ebafdf2ec5737ce837223d3d59f48ec5fd37e36929c342a853047ea1f4eb4543757b27dbadfeadcc16205f9486bcf4ad479a7c75f8c34820b57431aab2b4e509e18728727e1de74104c5be581ac4ae9b2bf894bb8495f1cff51d44e9079cb0332ad5d40df729da592e2029bc13f1f467e70c529467577ac39c24e4d33c53f476078ba843a807a281767fb6f68c0ac79709134270642853c7b914b5b21b5235b57a63331e9d646463dc7595066c42efcebe786d9abd6c25c3e10a16beff021223c9db08505de524040bcc4f335faeaa199fe1692a2c9568ab06d908dd76", 0xfffffffffffffd2c, 0x8811, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000006480)={&(0x7f0000c2b000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000005380)=""/231, 0x1c700, 0x0, 0x0}, &(0x7f00000064c0)=0x40)

17:14:01 executing program 0:
semget$private(0x0, 0xe1624d800dcd00ee, 0x0)

17:14:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:01 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

[ 1459.079060][T16061] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 1459.676768][T16034] IPVS: You probably need to specify IP address on multicast interface.
[ 1459.685547][T16034] IPVS: Error connecting to the multicast addr
17:14:02 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:02 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:02 executing program 1:
r0 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0xfffffeffffff7ffe, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000300)="c20f0d278934358545ad914303ca8e5623f4e94f7757310aeb9be547737e99f4d69e56a1b04760ce19b9c49cf49899da97f06ed548da74c59c3b2b4accc8ab42b6692fd338754fa39cf2b1b3023087f14795eb9428d6b88dbcad93e31f408f29794fdd045cb7d20b50c90faf7c88f2d810cdf1f8a844ce26c88d35ffe1db7a32ed6414244405f5554171e7d8641ade39454166936a84fa7f36e277ce1c53f4078dfe0bde514650611ce4c369ecc034f452eff839a6d4ed0e75c47fbb9a865eaf3d464c10fb5ec0873cda96608db92b5cb5691303f236e4200628056c30a501276567fb2ea522967d39c4b463622152dd8b6ca76c9192998eaeafd36fb07caeee73a4a311f9b24a1004ec9d3625b0b79060199c9b4849e912b7c63fcb85f3ecd752425fc8afb417394ed9cecc4cd51eefb1f6304aecb16fd328d1cc98223b2a34a8392383ec2781d766e674333bdb08dcfbada438217fbd1a133bd484cc8690f197784a09937b2b14e2d5472c7e6ce53745768bf229d3049d79ba2df079f57223773abe9d54c27c6464b59a0936b03b3c01b388d47fdf657357cca707d72a4c679c33d8b8edadecbbd72a9baa6f146c84e924db435186cc135a9c1343d248132e38c6ee52909bd989f8116bebbc271f0513af53e4354c719380625dbd5e89264dc9716fa64db17807f2f72d6fa8b58360c372f3a6e8d22c18b4b1c5de94ea4917ba8dae90a8b0c72d3629cb72bd96748803a61b66f4064c9090354352b054e29a97342704393033429211d51c491cc1d8e34b27a3d526f31dd3d4fd21e782698efcbd0e2e8c55e28ed06e1064d0170a33587aacf8effd7d36ae9451caa541a9cbeb08d52d6d560403c7a57ed74f5bdcb3e580c7c261c58517afc81cbbab1861bcd69c183b398aa11d573e57218912d00914e50f0777c887199f90ff67d1e1f3f1a63086c14acf830165097faa385e1b94fd87c8018fa53ba8696b0ebaebfe3ee6d4c62937fa24921ddc6a4c8fcbc42023fb29bf96975fc1a2172e114dc7365a0d6a27d497ea2ba1b304673ac2d83dc26c8e3005da2b4730afea6ac54ac29cbd115fce5144ed383348fd781ab19ec9de9c07b2c6556596be3df2b5e465f91c46b2cf50b717c5b58d886b2695d10cdbb09803ab381a3a1d513a6a977d05c24a44263fde79cdc66ca32ce2883760433a5ff4faa329a0c126e4903ea3dec1e07e057dd8fb8ba5ab390e81234bca767a5dd209e588a41d765668bcca077003cb3b332ef54549777678fed3f17d946990ca0812b207e704eda95dcaee23d6795db34779433869fb2ef9a0eeff13c43a42dabeee9f4a69a74008ea973c3a8e4c30c850b30d48915b7cbbba1e7db1988d27d036845c5fb8520bfec10bd70a5bc5853ee8985db9c7135813c32657b13747fd02735bc0f3fc54774f9ef97fac6f12ec24a55fa066e8f387170208da8615355e2e21a7363b11a3cab94b8ee411bbecf9b1f71662f50557f03e1fb64e5da0a18c18225a612235ed6337480debc9e4f45a32297a09735285cbb3254431980626bb46ab07993284629ff28558dea766cc4a8c511982a934d25088531aba09169c5855070924f36180abf8ca9fb6669e7bca5df76a3e0d8ddd4eaa99fbce9f24b91f8d1316791de91f9d6a96d2a8ee9f7bebf95804d0c136745acf372e38ff88a69167e79ff3ef3058f9ab2f4e8250de697ceca6a9f67477d6fe450bb23cba11dda80c7b3634d50bf22002d269e69a6c43a6888d0d20759bf2dcac1c18492f2ce4d85547fd7e6dc03fdbe02c63b656190929f1f4198b46b44623fa500402ff56a87107b9a3e668687899c3c06b73e94000349c14f56d5f730cc75cd628f931a187b11ad4f240218c9cb6b1e036e560aa68d8e7258d8236ba1f1805ea4d75258bbc321c9eb7aa0f4d7eccfb630faff7e3c8c278570bd5ea77719bd33b83d1f8580496282859cc48fe99680ec546cf9f6e10b89f08d659dc0b2636398135c64c37aa567bf5fb157627c8fa9fe404924ba4e60363b353f4f3eaaf8b4197785ae04ee3b64aee53a8f961f79a3e6076d217c1692596e5bf9a7f94dc92072c53994dc658c74ff68c329a92ee2d6602d6b9acbedd19db3b717b7d4c816b1fd6c3e77a03fd0eae9a40140779899b3a770b3c20a889971fce8b35e768ef387cce2c777b915ce4e7df9463f5eef54e0e918d3e904c8770c1bbc6eb77c3e43353e13d1c0b7667d06b20715526b17e0b8968ae3254f626c59ab232ac0835e5b07ad838e81ca7a86a4b42e5807e8a316eb7fe6afae53877e1d87b3e1e9302d595cf033e95c42d42f7e31f8d46e78d412be66120948ce552b68d3f8b4fd1a0eed888c514a37040fb28dbf96af88ec96e5d7e476cfeaa4092dd80f5fe6f67fbf27c20e3169d9971602caf6a4d8679558aa2119a751fc1ad9870086370fcdcccb280ee591a7fe8b319be2d9f0ab3fb0040d45ca6e3b938c991b5beb93499bf77e098c662d075dd66dd6a2df2b48f649ce9ec01f17eb287f6eef766b26b014a7cd459d368b00bc4c73af17fbec17b663f619b68ca517d55e50e498b91d609dbcbec3a5ac0cd47506ef493ecf7ef9bf66ae3e706bcc7d8894f1cf05e7841e6f1198e2b27a1b2dd5e39cf7b0d97319f6d4711c6ddde8f8e0226d19a5f65ce2c35c5ae2bbfbb016a518ea97f9a7b62a7860b9c98563b7727d6c462df0cd98dedb9f3559e020f5b513513976c8a8080addb6e57a0b9beaa744ed818e24e687ca0b3aee27448ccbd918a6773ae7c37a00ebce5c8eee030930e806234d884ba4038feebf05ddd946b6d78c543c198612fb9fa7634c1463428b9eef86cb9c703f9e6be22367a55926c2ff1e31f0caabaceaac08872807dcbf41c1ac46a411e80e7a87a14282b837a4c5e016aac38e5ba5a6463421612ba493ac7cd2decd0d63e58410f43d169c8bb649f44aeac5d3f17c3709bc9f9533d307a7a062d87d0ce5e726de778d502bdcaa441db875dcb8a9e8c49607ab5c8a233ded286e8d1ee4a98cd18085c808d9409560a205f0bb979f3c9c31b2a13bcbd4cfa91b6d8fe6a3a6167da6a6b3eef799358829e3e95cd007d2eb49e38fede07b042b0485bd9311fbd2c89e3c11ed179f1a7c71cf743642533e9fa2ae41d9972b2c6a3ca01484c2abb563311927b97f21ec6573bc25918f8110028c63f16d7bffd29f753cb7bd00124b00159e94ebd875ad899f9e92148b331fc88b02d80b5c1c290177083c0a002a92936a6b304936393688e8e7af019ac6b0760fd04b63ac5f89a0d0b99dab49c56b6373116c2056bd4c9227be7ec1970e1f2544150172d10ab759c68d5646b1673b083e87b62c0b60da658e0e397b4c283edd70ad164d7f43c7c2b38ca7ec47df6a0d7c534d48931523fa29ac0d950ac0c13335769f8e957e686abf02fa8974a4ffca48f08656e7d8a944affab6beb622afc5e444e5345ac416ce1d2ba2ef34641641fcd2d632680b98ea1e917d7e6c9505c99d0f487fcb00880a9eeee91a2c9f3601fbfd810dc55731d17317381e3c78c62dc3fad2ad1d269469c1b9da265f185feba1c1bde19e71a4e5e0bea38065081d28c6fb189087c32cf277212cc6fb12fd1af3692a1c9817f531b7ee4323cd7a3b8e61c6ea2e4c3f6a1e8f0c35374d3eda3054bee6293ce306613d24f5b7316cc10b1ae66d70839948eb71be7a0b31d69c7b07777cb6dc07ddb667f88e20f25e51e710c5bfbdf8baa2ac11c4a25b635a92b68eb32fce851409b7d96e403647ed85a0419db468ed36b1a0cd08691b08f054d237629d3c1a4bb85ca5a9c8ce7ae0ec0976e885ca29ff7049a77867b3a49d597e4d71a50110f508247682f85b992d38bc49982f6065a5e8c1589bb05227f966964f651811c050613a109faa70b9593b77c4ad395cd294f05d3ef30debb452f67cc487e9da4652aebe4dbb06ba2e320399df21bfae5c929ca97bae41b58c37d0ab54d8e8303f923faec1eb576f2a39b29fc94532c147c48221e1cc7305df72ed7c97897059403894eddab4adc4b86d415694562c62191f827b9de4e1f5c98c7cd6a9afc235e63112e88a13c2f53e419f277def82d8d2f51944bea4028e5b84f1cc42510ee5f73f339b83b0d64d1213c0a296da16dc1e0ec4ea71770999fba35108b1adce0b2639c8e95f3bca00191815a8e748e57e36d1958eda0be07a35b5f92a913d04812b0454fe57e0f3b3ebd37aca1b53cf2454d8c7cbb12e7f303af33aa50f96e0c2758990126d6630bb22e93cac0ceef3ad9028cb203d0b191f25a92384684b0421258be9a057f5b1b40e6418dac1b9bc349e5d20cbe9e0aa4b1e4483f07cb55417b9f58cbb4ae92cbe5a81f17dba9d48a330b7acde8dab0583fe603bae9d5a5308287996053919eabf8ea5a0a1677a269d8fd4926697a4eb0ced0858e3185247bad3be05733a4165470de6a533d1b24059f913339a09a6eace182b6c9280a7fc1af0c836c132f1d7dff8871353832c7f5b25614dc2a7c8e8237bec5425618cf353cf146ff21f672e4b06ccbe6bef2f2e51a47f153a97c9370be6b5832d2063ffc17614880d87682cd2d897ad19e040eb0d3bddb066c30a3c670e8e9a097d4b2244485e90912a0154b72db0a37c42c3ffcdf9272a5d2ad68139bb87cb641eaa1b0df9588570ca05c9840011b29a6cfe053e1095d59128bfb9665157d2665c66cacd39a681975ed24c336856f0cd98ac15c9cda2b6e556fb4b54b7b11840e2d2bf190391f1bd6e381bbeed39d8005bd6b725ad18c6d50836f5af027512753941447cf02e92d011ae6f094ee0a23804c800945d706771218bf6e18eee81fa1cb9e27fec38b1f575610604f7cacb35d7c37933df72fa189db607a752d5f3badd0385bf93ca4f2887458da090cd42f87b8def0c6341900dd6f16cf7c77393581ba1551482c757af4e6ace754d75dd010ca34cc2b68f6946b189e67867ca53ef6aff36e23c7f694427a9475e8acf2130d3841730530d49021833ab506a7eb9652a10df25f7b2007998e4e6aa41d130b2bcf41851df9ed76f8cba800f4a093c43c7717f204275942d822c739539dc11fdca1b9b1fa5f17232c5ce12873692fbf054796e9b435db5145b87b67e3de45d252fd6805f31dec22eb88757316800be404b5ff7dcb196c92ecab9fb04032b5fd42ef585e2ca10f109ddabf0941017747d39cdc65717f4ca7cc0bbe98d5dc2d11eed68efba99ea2ba26a4e3a5173805c4c97656d233799174f908ae50465337968903adb91bd658833327865865cf3875b2503a105942620e6dd62526aa8e9a05b5ab348b2ca68b4ca4f4c487ade7ca7650a6bfb4e27b65161462928d6a0ba186db908be3d8afd409c489969ef0f8b1dd71bea5a5c438a32010d1fccc34adee482bdc6d7d654b2ff5879467ea22d18da9884486273a51ceca842cfe0cd6fd50e5116acb58e7657ac6ec7b99d58a6e7232c84b28ebafdf2ec5737ce837223d3d59f48ec5fd37e36929c342a853047ea1f4eb4543757b27dbadfeadcc16205f9486bcf4ad479a7c75f8c34820b57431aab2b4e509e18728727e1de74104c5be581ac4ae9b2bf894bb8495f1cff51d44e9079cb0332ad5d40df729da592e2029bc13f1f467e70c529467577ac39c24e4d33c53f476078ba843a807a281767fb6f68c0ac79709134270642853c7b914b5b21b5235b57a63331e9d646463dc7595066c42efcebe786d9abd6c25c3e10a16beff021223c9db08505de524040bcc4f335faeaa199fe1692a2c9568ab06d908dd76", 0xfffffffffffffd2c, 0x8811, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000006480)={&(0x7f0000c2b000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000005380)=""/231, 0x1c700, 0x0, 0x0}, &(0x7f00000064c0)=0x40)

17:14:02 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:02 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:02 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1459.897485][T16071] bridge: RTM_NEWNEIGH with invalid state 0x0
17:14:02 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

[ 1460.291297][T16089] bridge: RTM_NEWNEIGH with invalid state 0x0
17:14:03 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

[ 1460.563659][T16091] bridge: RTM_NEWNEIGH with invalid state 0x0
17:14:03 executing program 0:
socket(0x11, 0x800000003, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:03 executing program 0:
socket(0x11, 0x800000003, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:03 executing program 1:
r0 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0xfffffeffffff7ffe, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000300)="c20f0d278934358545ad914303ca8e5623f4e94f7757310aeb9be547737e99f4d69e56a1b04760ce19b9c49cf49899da97f06ed548da74c59c3b2b4accc8ab42b6692fd338754fa39cf2b1b3023087f14795eb9428d6b88dbcad93e31f408f29794fdd045cb7d20b50c90faf7c88f2d810cdf1f8a844ce26c88d35ffe1db7a32ed6414244405f5554171e7d8641ade39454166936a84fa7f36e277ce1c53f4078dfe0bde514650611ce4c369ecc034f452eff839a6d4ed0e75c47fbb9a865eaf3d464c10fb5ec0873cda96608db92b5cb5691303f236e4200628056c30a501276567fb2ea522967d39c4b463622152dd8b6ca76c9192998eaeafd36fb07caeee73a4a311f9b24a1004ec9d3625b0b79060199c9b4849e912b7c63fcb85f3ecd752425fc8afb417394ed9cecc4cd51eefb1f6304aecb16fd328d1cc98223b2a34a8392383ec2781d766e674333bdb08dcfbada438217fbd1a133bd484cc8690f197784a09937b2b14e2d5472c7e6ce53745768bf229d3049d79ba2df079f57223773abe9d54c27c6464b59a0936b03b3c01b388d47fdf657357cca707d72a4c679c33d8b8edadecbbd72a9baa6f146c84e924db435186cc135a9c1343d248132e38c6ee52909bd989f8116bebbc271f0513af53e4354c719380625dbd5e89264dc9716fa64db17807f2f72d6fa8b58360c372f3a6e8d22c18b4b1c5de94ea4917ba8dae90a8b0c72d3629cb72bd96748803a61b66f4064c9090354352b054e29a97342704393033429211d51c491cc1d8e34b27a3d526f31dd3d4fd21e782698efcbd0e2e8c55e28ed06e1064d0170a33587aacf8effd7d36ae9451caa541a9cbeb08d52d6d560403c7a57ed74f5bdcb3e580c7c261c58517afc81cbbab1861bcd69c183b398aa11d573e57218912d00914e50f0777c887199f90ff67d1e1f3f1a63086c14acf830165097faa385e1b94fd87c8018fa53ba8696b0ebaebfe3ee6d4c62937fa24921ddc6a4c8fcbc42023fb29bf96975fc1a2172e114dc7365a0d6a27d497ea2ba1b304673ac2d83dc26c8e3005da2b4730afea6ac54ac29cbd115fce5144ed383348fd781ab19ec9de9c07b2c6556596be3df2b5e465f91c46b2cf50b717c5b58d886b2695d10cdbb09803ab381a3a1d513a6a977d05c24a44263fde79cdc66ca32ce2883760433a5ff4faa329a0c126e4903ea3dec1e07e057dd8fb8ba5ab390e81234bca767a5dd209e588a41d765668bcca077003cb3b332ef54549777678fed3f17d946990ca0812b207e704eda95dcaee23d6795db34779433869fb2ef9a0eeff13c43a42dabeee9f4a69a74008ea973c3a8e4c30c850b30d48915b7cbbba1e7db1988d27d036845c5fb8520bfec10bd70a5bc5853ee8985db9c7135813c32657b13747fd02735bc0f3fc54774f9ef97fac6f12ec24a55fa066e8f387170208da8615355e2e21a7363b11a3cab94b8ee411bbecf9b1f71662f50557f03e1fb64e5da0a18c18225a612235ed6337480debc9e4f45a32297a09735285cbb3254431980626bb46ab07993284629ff28558dea766cc4a8c511982a934d25088531aba09169c5855070924f36180abf8ca9fb6669e7bca5df76a3e0d8ddd4eaa99fbce9f24b91f8d1316791de91f9d6a96d2a8ee9f7bebf95804d0c136745acf372e38ff88a69167e79ff3ef3058f9ab2f4e8250de697ceca6a9f67477d6fe450bb23cba11dda80c7b3634d50bf22002d269e69a6c43a6888d0d20759bf2dcac1c18492f2ce4d85547fd7e6dc03fdbe02c63b656190929f1f4198b46b44623fa500402ff56a87107b9a3e668687899c3c06b73e94000349c14f56d5f730cc75cd628f931a187b11ad4f240218c9cb6b1e036e560aa68d8e7258d8236ba1f1805ea4d75258bbc321c9eb7aa0f4d7eccfb630faff7e3c8c278570bd5ea77719bd33b83d1f8580496282859cc48fe99680ec546cf9f6e10b89f08d659dc0b2636398135c64c37aa567bf5fb157627c8fa9fe404924ba4e60363b353f4f3eaaf8b4197785ae04ee3b64aee53a8f961f79a3e6076d217c1692596e5bf9a7f94dc92072c53994dc658c74ff68c329a92ee2d6602d6b9acbedd19db3b717b7d4c816b1fd6c3e77a03fd0eae9a40140779899b3a770b3c20a889971fce8b35e768ef387cce2c777b915ce4e7df9463f5eef54e0e918d3e904c8770c1bbc6eb77c3e43353e13d1c0b7667d06b20715526b17e0b8968ae3254f626c59ab232ac0835e5b07ad838e81ca7a86a4b42e5807e8a316eb7fe6afae53877e1d87b3e1e9302d595cf033e95c42d42f7e31f8d46e78d412be66120948ce552b68d3f8b4fd1a0eed888c514a37040fb28dbf96af88ec96e5d7e476cfeaa4092dd80f5fe6f67fbf27c20e3169d9971602caf6a4d8679558aa2119a751fc1ad9870086370fcdcccb280ee591a7fe8b319be2d9f0ab3fb0040d45ca6e3b938c991b5beb93499bf77e098c662d075dd66dd6a2df2b48f649ce9ec01f17eb287f6eef766b26b014a7cd459d368b00bc4c73af17fbec17b663f619b68ca517d55e50e498b91d609dbcbec3a5ac0cd47506ef493ecf7ef9bf66ae3e706bcc7d8894f1cf05e7841e6f1198e2b27a1b2dd5e39cf7b0d97319f6d4711c6ddde8f8e0226d19a5f65ce2c35c5ae2bbfbb016a518ea97f9a7b62a7860b9c98563b7727d6c462df0cd98dedb9f3559e020f5b513513976c8a8080addb6e57a0b9beaa744ed818e24e687ca0b3aee27448ccbd918a6773ae7c37a00ebce5c8eee030930e806234d884ba4038feebf05ddd946b6d78c543c198612fb9fa7634c1463428b9eef86cb9c703f9e6be22367a55926c2ff1e31f0caabaceaac08872807dcbf41c1ac46a411e80e7a87a14282b837a4c5e016aac38e5ba5a6463421612ba493ac7cd2decd0d63e58410f43d169c8bb649f44aeac5d3f17c3709bc9f9533d307a7a062d87d0ce5e726de778d502bdcaa441db875dcb8a9e8c49607ab5c8a233ded286e8d1ee4a98cd18085c808d9409560a205f0bb979f3c9c31b2a13bcbd4cfa91b6d8fe6a3a6167da6a6b3eef799358829e3e95cd007d2eb49e38fede07b042b0485bd9311fbd2c89e3c11ed179f1a7c71cf743642533e9fa2ae41d9972b2c6a3ca01484c2abb563311927b97f21ec6573bc25918f8110028c63f16d7bffd29f753cb7bd00124b00159e94ebd875ad899f9e92148b331fc88b02d80b5c1c290177083c0a002a92936a6b304936393688e8e7af019ac6b0760fd04b63ac5f89a0d0b99dab49c56b6373116c2056bd4c9227be7ec1970e1f2544150172d10ab759c68d5646b1673b083e87b62c0b60da658e0e397b4c283edd70ad164d7f43c7c2b38ca7ec47df6a0d7c534d48931523fa29ac0d950ac0c13335769f8e957e686abf02fa8974a4ffca48f08656e7d8a944affab6beb622afc5e444e5345ac416ce1d2ba2ef34641641fcd2d632680b98ea1e917d7e6c9505c99d0f487fcb00880a9eeee91a2c9f3601fbfd810dc55731d17317381e3c78c62dc3fad2ad1d269469c1b9da265f185feba1c1bde19e71a4e5e0bea38065081d28c6fb189087c32cf277212cc6fb12fd1af3692a1c9817f531b7ee4323cd7a3b8e61c6ea2e4c3f6a1e8f0c35374d3eda3054bee6293ce306613d24f5b7316cc10b1ae66d70839948eb71be7a0b31d69c7b07777cb6dc07ddb667f88e20f25e51e710c5bfbdf8baa2ac11c4a25b635a92b68eb32fce851409b7d96e403647ed85a0419db468ed36b1a0cd08691b08f054d237629d3c1a4bb85ca5a9c8ce7ae0ec0976e885ca29ff7049a77867b3a49d597e4d71a50110f508247682f85b992d38bc49982f6065a5e8c1589bb05227f966964f651811c050613a109faa70b9593b77c4ad395cd294f05d3ef30debb452f67cc487e9da4652aebe4dbb06ba2e320399df21bfae5c929ca97bae41b58c37d0ab54d8e8303f923faec1eb576f2a39b29fc94532c147c48221e1cc7305df72ed7c97897059403894eddab4adc4b86d415694562c62191f827b9de4e1f5c98c7cd6a9afc235e63112e88a13c2f53e419f277def82d8d2f51944bea4028e5b84f1cc42510ee5f73f339b83b0d64d1213c0a296da16dc1e0ec4ea71770999fba35108b1adce0b2639c8e95f3bca00191815a8e748e57e36d1958eda0be07a35b5f92a913d04812b0454fe57e0f3b3ebd37aca1b53cf2454d8c7cbb12e7f303af33aa50f96e0c2758990126d6630bb22e93cac0ceef3ad9028cb203d0b191f25a92384684b0421258be9a057f5b1b40e6418dac1b9bc349e5d20cbe9e0aa4b1e4483f07cb55417b9f58cbb4ae92cbe5a81f17dba9d48a330b7acde8dab0583fe603bae9d5a5308287996053919eabf8ea5a0a1677a269d8fd4926697a4eb0ced0858e3185247bad3be05733a4165470de6a533d1b24059f913339a09a6eace182b6c9280a7fc1af0c836c132f1d7dff8871353832c7f5b25614dc2a7c8e8237bec5425618cf353cf146ff21f672e4b06ccbe6bef2f2e51a47f153a97c9370be6b5832d2063ffc17614880d87682cd2d897ad19e040eb0d3bddb066c30a3c670e8e9a097d4b2244485e90912a0154b72db0a37c42c3ffcdf9272a5d2ad68139bb87cb641eaa1b0df9588570ca05c9840011b29a6cfe053e1095d59128bfb9665157d2665c66cacd39a681975ed24c336856f0cd98ac15c9cda2b6e556fb4b54b7b11840e2d2bf190391f1bd6e381bbeed39d8005bd6b725ad18c6d50836f5af027512753941447cf02e92d011ae6f094ee0a23804c800945d706771218bf6e18eee81fa1cb9e27fec38b1f575610604f7cacb35d7c37933df72fa189db607a752d5f3badd0385bf93ca4f2887458da090cd42f87b8def0c6341900dd6f16cf7c77393581ba1551482c757af4e6ace754d75dd010ca34cc2b68f6946b189e67867ca53ef6aff36e23c7f694427a9475e8acf2130d3841730530d49021833ab506a7eb9652a10df25f7b2007998e4e6aa41d130b2bcf41851df9ed76f8cba800f4a093c43c7717f204275942d822c739539dc11fdca1b9b1fa5f17232c5ce12873692fbf054796e9b435db5145b87b67e3de45d252fd6805f31dec22eb88757316800be404b5ff7dcb196c92ecab9fb04032b5fd42ef585e2ca10f109ddabf0941017747d39cdc65717f4ca7cc0bbe98d5dc2d11eed68efba99ea2ba26a4e3a5173805c4c97656d233799174f908ae50465337968903adb91bd658833327865865cf3875b2503a105942620e6dd62526aa8e9a05b5ab348b2ca68b4ca4f4c487ade7ca7650a6bfb4e27b65161462928d6a0ba186db908be3d8afd409c489969ef0f8b1dd71bea5a5c438a32010d1fccc34adee482bdc6d7d654b2ff5879467ea22d18da9884486273a51ceca842cfe0cd6fd50e5116acb58e7657ac6ec7b99d58a6e7232c84b28ebafdf2ec5737ce837223d3d59f48ec5fd37e36929c342a853047ea1f4eb4543757b27dbadfeadcc16205f9486bcf4ad479a7c75f8c34820b57431aab2b4e509e18728727e1de74104c5be581ac4ae9b2bf894bb8495f1cff51d44e9079cb0332ad5d40df729da592e2029bc13f1f467e70c529467577ac39c24e4d33c53f476078ba843a807a281767fb6f68c0ac79709134270642853c7b914b5b21b5235b57a63331e9d646463dc7595066c42efcebe786d9abd6c25c3e10a16beff021223c9db08505de524040bcc4f335faeaa199fe1692a2c9568ab06d908dd76", 0xfffffffffffffd2c, 0x8811, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000006480)={&(0x7f0000c2b000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000005380)=""/231, 0x1c700, 0x0, 0x0}, &(0x7f00000064c0)=0x40)

[ 1461.715755][T16076] IPVS: You probably need to specify IP address on multicast interface.
[ 1461.734627][T16076] IPVS: Error connecting to the multicast addr
17:14:04 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:04 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:04 executing program 0:
socket(0x11, 0x800000003, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:04 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:04 executing program 1:
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)=@generic={0x0, 0x0, 0x6c48c9aa73e089fa}, 0x18)

17:14:04 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:05 executing program 1:
setregid(0xee00, 0xee01)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

17:14:05 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:05 executing program 1:
r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000940), 0x0, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(r0, 0xc01064c5, &(0x7f0000000240)={0x0})

17:14:05 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:05 executing program 1:
syz_open_dev$dri(&(0x7f0000000780), 0x7ff, 0x40241)

17:14:06 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1463.655748][T16121] IPVS: You probably need to specify IP address on multicast interface.
[ 1463.664171][T16121] IPVS: Error connecting to the multicast addr
17:14:06 executing program 1:
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000900)={0x1b, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x48)

17:14:06 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:06 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, 0x0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:06 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:06 executing program 1:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000300), r0)

17:14:06 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:06 executing program 1:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x3, 0x1)
ioctl$sock_inet_udp_SIOCINQ(r0, 0x89a1, &(0x7f0000000040))

17:14:07 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:07 executing program 1:
r0 = syz_open_dev$vcsu(&(0x7f0000000e40), 0x6, 0x0)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, 0x0, 0x0)

17:14:07 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000003580)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000100)='|', 0x1}], 0x1, &(0x7f0000000300)=[{0x28, 0x0, 0x0, "b0fdd5999b3047f8609a59094a1b75fc31"}], 0x28}, 0x0)

17:14:07 executing program 1:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000014c0), 0x0, 0x0)
ioctl$TIOCSERGETLSR(r0, 0x5417, &(0x7f0000000000))

17:14:07 executing program 0:
r0 = socket(0x0, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:07 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:08 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, 0x0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:08 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:08 executing program 0:
r0 = socket(0x0, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:08 executing program 1:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000014c0), 0x0, 0x0)
ioctl$TIOCSERGETLSR(r0, 0x5417, &(0x7f0000000000))

17:14:08 executing program 1:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000014c0), 0x0, 0x0)
ioctl$TIOCSERGETLSR(r0, 0x5417, &(0x7f0000000000))

17:14:08 executing program 0:
r0 = socket(0x0, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:08 executing program 1:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000014c0), 0x0, 0x0)
ioctl$TIOCSERGETLSR(r0, 0x5417, &(0x7f0000000000))

17:14:09 executing program 1:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000014c0), 0x0, 0x0)
ioctl$TIOCSERGETLSR(r0, 0x5423, &(0x7f0000000000))

17:14:09 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:09 executing program 0:
r0 = socket(0x11, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:09 executing program 1:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000014c0), 0x0, 0x0)
ioctl$TIOCSERGETLSR(r0, 0x5423, &(0x7f0000000000))

17:14:10 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, 0x0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:10 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:10 executing program 0:
r0 = socket(0x11, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:10 executing program 1:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000014c0), 0x0, 0x0)
ioctl$TIOCSERGETLSR(r0, 0x5423, &(0x7f0000000000))

17:14:10 executing program 0:
r0 = socket(0x11, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:10 executing program 1:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000014c0), 0x0, 0x0)
ioctl$TIOCSERGETLSR(r0, 0x5423, &(0x7f0000000000))

17:14:10 executing program 0:
socket(0x11, 0x800000003, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:11 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000000040), 0x0, 0x44002)
ioctl$BLKSECDISCARD(r0, 0x127d, 0x0)

17:14:11 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:11 executing program 1:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000340))
pwritev(r0, &(0x7f0000000380)=[{&(0x7f00000010c0)="aabf", 0x2}], 0x1, 0x0, 0x0)

17:14:11 executing program 0:
socket(0x11, 0x800000003, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:12 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:12 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:12 executing program 0:
socket(0x11, 0x800000003, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:12 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:12 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
read$FUSE(r0, &(0x7f0000000240)={0x2020}, 0x2020)

17:14:12 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/unix\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
preadv(r0, &(0x7f00000013c0)=[{&(0x7f0000001040)=""/52, 0x34}, {&(0x7f0000001080)=""/251, 0xfb}], 0x2, 0x0, 0x0)

17:14:12 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:12 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/unix\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
preadv(r0, &(0x7f00000013c0)=[{&(0x7f0000001040)=""/52, 0x34}, {&(0x7f0000001080)=""/251, 0xfb}], 0x2, 0x0, 0x0)

17:14:12 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:13 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:13 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/unix\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
preadv(r0, &(0x7f00000013c0)=[{&(0x7f0000001040)=""/52, 0x34}, {&(0x7f0000001080)=""/251, 0xfb}], 0x2, 0x0, 0x0)

17:14:13 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:14 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:14 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/unix\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
preadv(r0, &(0x7f00000013c0)=[{&(0x7f0000001040)=""/52, 0x34}, {&(0x7f0000001080)=""/251, 0xfb}], 0x2, 0x0, 0x0)

17:14:14 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:14 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:14 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:14 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='map_files\x00')
getdents(r0, &(0x7f0000000780)=""/51, 0x33)
getdents(r0, 0x0, 0x0)

17:14:14 executing program 1:
syz_usb_connect(0x0, 0xfa, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x81, 0x7b, 0xe3, 0x8, 0x5050, 0x700, 0x396, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xe8, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x62, 0x69, 0xb5, 0x0, [@uac_control={{}, [@extension_unit={0x9, 0x24, 0x8, 0x0, 0x0, 0x0, "036d"}, @selector_unit={0xa, 0x24, 0x5, 0x0, 0x0, "b6e0aa5e9a"}, @extension_unit={0xa, 0x24, 0x8, 0x0, 0x0, 0x0, "f5f588"}, @processing_unit={0xb, 0x24, 0x7, 0x0, 0x0, 0x0, "7799b2d5"}, @selector_unit={0x7, 0x24, 0x5, 0x0, 0x0, "b580"}, @input_terminal={0xc}]}, @cdc_ncm={{0x8, 0x24, 0x6, 0x0, 0x1, "9aafba"}, {0x5}, {0xd}, {0x6}, [@mdlm_detail={0x43, 0x24, 0x13, 0x0, "beb5ff671f22b2878d04ec9d2db718628565dacd872a93f59a47ca6c6234c99ef2261c5c3b27cfb2dfadddfec696314d7b583a2b29ee7243d7f6569af85701"}, @mbim={0xc}, @country_functional={0xe, 0x24, 0x7, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}, @network_terminal={0x7, 0x24, 0xa, 0x0, 0x0, 0x0, 0x3}, @call_mgmt={0x5}]}], [{}]}}]}}]}}, 0x0)

17:14:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1472.544959][ T5150] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[ 1472.834596][ T5150] usb 2-1: Using ep0 maxpacket: 8
17:14:15 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:15 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:15 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1472.994884][ T5150] usb 2-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config
[ 1473.037666][ T5150] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint descriptor of length 3, skipping
[ 1473.264810][ T5150] usb 2-1: New USB device found, idVendor=5050, idProduct=0700, bcdDevice= 3.96
[ 1473.273880][ T5150] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
17:14:16 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:16 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:16 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r0, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:16 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1473.328746][ T5150] usb 2-1: Product: syz
[ 1473.338731][ T5150] usb 2-1: Manufacturer: syz
[ 1473.357040][ T5150] usb 2-1: SerialNumber: syz
[ 1473.426094][ T5150] usb 2-1: config 0 descriptor??
17:14:16 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
sendmsg$nl_route(r1, 0x0, 0x0)

[ 1473.521980][ T5150] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[ 1473.641346][ T5150] ftdi_sio ttyUSB0: unknown device type: 0x396
17:14:16 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
sendmsg$nl_route(r1, 0x0, 0x0)

[ 1473.752163][ T5148] usb 2-1: USB disconnect, device number 11
17:14:16 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1473.802539][ T5148] ftdi_sio 2-1:0.0: device disconnected
17:14:17 executing program 1:
syz_usb_connect(0x0, 0xfa, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x81, 0x7b, 0xe3, 0x8, 0x5050, 0x700, 0x396, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xe8, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x62, 0x69, 0xb5, 0x0, [@uac_control={{}, [@extension_unit={0x9, 0x24, 0x8, 0x0, 0x0, 0x0, "036d"}, @selector_unit={0xa, 0x24, 0x5, 0x0, 0x0, "b6e0aa5e9a"}, @extension_unit={0xa, 0x24, 0x8, 0x0, 0x0, 0x0, "f5f588"}, @processing_unit={0xb, 0x24, 0x7, 0x0, 0x0, 0x0, "7799b2d5"}, @selector_unit={0x7, 0x24, 0x5, 0x0, 0x0, "b580"}, @input_terminal={0xc}]}, @cdc_ncm={{0x8, 0x24, 0x6, 0x0, 0x1, "9aafba"}, {0x5}, {0xd}, {0x6}, [@mdlm_detail={0x43, 0x24, 0x13, 0x0, "beb5ff671f22b2878d04ec9d2db718628565dacd872a93f59a47ca6c6234c99ef2261c5c3b27cfb2dfadddfec696314d7b583a2b29ee7243d7f6569af85701"}, @mbim={0xc}, @country_functional={0xe, 0x24, 0x7, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}, @network_terminal={0x7, 0x24, 0xa, 0x0, 0x0, 0x0, 0x3}, @call_mgmt={0x5}]}], [{}]}}]}}]}}, 0x0)

17:14:17 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
sendmsg$nl_route(r1, 0x0, 0x0)

17:14:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:17 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:17 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0xf000}, 0x0)

[ 1474.795280][ T6331] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[ 1475.084762][ T6331] usb 2-1: Using ep0 maxpacket: 8
17:14:17 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:17 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r0, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:17 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0xf000}, 0x0)

17:14:17 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1475.234859][ T6331] usb 2-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config
[ 1475.279553][ T6331] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint descriptor of length 3, skipping
17:14:18 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0xf000}, 0x0)

[ 1475.535867][ T6331] usb 2-1: New USB device found, idVendor=5050, idProduct=0700, bcdDevice= 3.96
17:14:18 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0xf000}, 0x0)

[ 1475.588633][ T6331] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1475.598803][ T6331] usb 2-1: Product: syz
[ 1475.603241][ T6331] usb 2-1: Manufacturer: syz
[ 1475.613117][ T6331] usb 2-1: SerialNumber: syz
[ 1475.658104][ T6331] usb 2-1: config 0 descriptor??
[ 1475.842653][ T6331] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
17:14:18 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0xf000}, 0x0)

[ 1475.928415][ T6331] ftdi_sio ttyUSB0: unknown device type: 0x396
[ 1476.187424][T10973] usb 2-1: USB disconnect, device number 12
[ 1476.214220][T10973] ftdi_sio 2-1:0.0: device disconnected
17:14:19 executing program 1:
syz_usb_connect(0x0, 0xfa, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x81, 0x7b, 0xe3, 0x8, 0x5050, 0x700, 0x396, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xe8, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x62, 0x69, 0xb5, 0x0, [@uac_control={{}, [@extension_unit={0x9, 0x24, 0x8, 0x0, 0x0, 0x0, "036d"}, @selector_unit={0xa, 0x24, 0x5, 0x0, 0x0, "b6e0aa5e9a"}, @extension_unit={0xa, 0x24, 0x8, 0x0, 0x0, 0x0, "f5f588"}, @processing_unit={0xb, 0x24, 0x7, 0x0, 0x0, 0x0, "7799b2d5"}, @selector_unit={0x7, 0x24, 0x5, 0x0, 0x0, "b580"}, @input_terminal={0xc}]}, @cdc_ncm={{0x8, 0x24, 0x6, 0x0, 0x1, "9aafba"}, {0x5}, {0xd}, {0x6}, [@mdlm_detail={0x43, 0x24, 0x13, 0x0, "beb5ff671f22b2878d04ec9d2db718628565dacd872a93f59a47ca6c6234c99ef2261c5c3b27cfb2dfadddfec696314d7b583a2b29ee7243d7f6569af85701"}, @mbim={0xc}, @country_functional={0xe, 0x24, 0x7, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}, @network_terminal={0x7, 0x24, 0xa, 0x0, 0x0, 0x0, 0x3}, @call_mgmt={0x5}]}], [{}]}}]}}]}}, 0x0)

17:14:19 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:19 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0xf000}, 0x0)

17:14:19 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:19 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r0, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:19 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:19 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:20 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1477.324699][ T6331] usb 2-1: new high-speed USB device number 13 using dummy_hcd
17:14:20 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

[ 1477.615361][ T6331] usb 2-1: Using ep0 maxpacket: 8
17:14:20 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

[ 1477.812578][ T6331] usb 2-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config
[ 1477.861380][ T6331] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint descriptor of length 3, skipping
17:14:20 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

[ 1478.086004][ T6331] usb 2-1: New USB device found, idVendor=5050, idProduct=0700, bcdDevice= 3.96
[ 1478.111336][ T6331] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1478.186646][ T6331] usb 2-1: Product: syz
[ 1478.205366][ T6331] usb 2-1: Manufacturer: syz
[ 1478.228670][ T6331] usb 2-1: SerialNumber: syz
[ 1478.267595][ T6331] usb 2-1: config 0 descriptor??
17:14:21 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1478.316720][ T6331] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[ 1478.366470][ T6331] ftdi_sio ttyUSB0: unknown device type: 0x396
[ 1478.667175][ T6331] usb 2-1: USB disconnect, device number 13
[ 1478.696808][ T6331] ftdi_sio 2-1:0.0: device disconnected
17:14:21 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:21 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:21 executing program 1:
syz_usb_connect(0x0, 0xfa, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x81, 0x7b, 0xe3, 0x8, 0x5050, 0x700, 0x396, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xe8, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x62, 0x69, 0xb5, 0x0, [@uac_control={{}, [@extension_unit={0x9, 0x24, 0x8, 0x0, 0x0, 0x0, "036d"}, @selector_unit={0xa, 0x24, 0x5, 0x0, 0x0, "b6e0aa5e9a"}, @extension_unit={0xa, 0x24, 0x8, 0x0, 0x0, 0x0, "f5f588"}, @processing_unit={0xb, 0x24, 0x7, 0x0, 0x0, 0x0, "7799b2d5"}, @selector_unit={0x7, 0x24, 0x5, 0x0, 0x0, "b580"}, @input_terminal={0xc}]}, @cdc_ncm={{0x8, 0x24, 0x6, 0x0, 0x1, "9aafba"}, {0x5}, {0xd}, {0x6}, [@mdlm_detail={0x43, 0x24, 0x13, 0x0, "beb5ff671f22b2878d04ec9d2db718628565dacd872a93f59a47ca6c6234c99ef2261c5c3b27cfb2dfadddfec696314d7b583a2b29ee7243d7f6569af85701"}, @mbim={0xc}, @country_functional={0xe, 0x24, 0x7, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}, @network_terminal={0x7, 0x24, 0xa, 0x0, 0x0, 0x0, 0x3}, @call_mgmt={0x5}]}], [{}]}}]}}]}}, 0x0)

17:14:21 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:21 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:22 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

17:14:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1479.666216][ T6331] usb 2-1: new high-speed USB device number 14 using dummy_hcd
17:14:22 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

[ 1479.964851][ T6331] usb 2-1: Using ep0 maxpacket: 8
[ 1480.125978][ T6331] usb 2-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config
[ 1480.158371][ T6331] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint descriptor of length 3, skipping
17:14:22 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

[ 1480.414889][ T6331] usb 2-1: New USB device found, idVendor=5050, idProduct=0700, bcdDevice= 3.96
17:14:23 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1480.469998][ T6331] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1480.491650][ T6331] usb 2-1: Product: syz
[ 1480.506109][ T6331] usb 2-1: Manufacturer: syz
17:14:23 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1480.530751][ T6331] usb 2-1: SerialNumber: syz
[ 1480.569694][ T6331] usb 2-1: config 0 descriptor??
17:14:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:23 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0xf000}, 0x0)

[ 1480.647424][ T6331] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[ 1480.693632][ T6331] ftdi_sio ttyUSB0: unknown device type: 0x396
[ 1481.037717][T23775] usb 2-1: USB disconnect, device number 14
[ 1481.055612][T23775] ftdi_sio 2-1:0.0: device disconnected
17:14:23 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}}, 0x1c}, 0x1, 0xf000}, 0x0)

17:14:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:24 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}}, 0x1c}, 0x1, 0xf000}, 0x0)

17:14:25 executing program 0:
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2}}, 0x1c}, 0x1, 0xf000}, 0x0)

17:14:25 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/sem\x00', 0x0, 0x0)
lseek(r0, 0x55, 0x0)

17:14:25 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:25 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:14:25 executing program 2:
unshare(0x40000400)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:25 executing program 0:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002a80)={&(0x7f0000002900)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{}, {}]}]}}, 0x0, 0x36, 0x0, 0x1}, 0x20)

17:14:25 executing program 1:
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={@map, 0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

17:14:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1483.337778][T16477] IPVS: sync thread started: state = MASTER, mcast_ifn = sit0, syncid = 0, id = 0
17:14:26 executing program 0:
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xe, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x48)

17:14:26 executing program 1:
syz_clone(0x18009000, 0x0, 0x0, &(0x7f0000000340), 0x0, 0x0)

17:14:26 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000001600)={0x0, 0x0, 0x0}, 0x40)

17:14:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:26 executing program 0:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000002680)={0x0, 0x0, 0x0}, 0x0)

17:14:27 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:27 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1484.815143][ T1223] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.821492][ T1223] ieee802154 phy1 wpan1: encryption failed: -22
17:14:29 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000080))

17:14:29 executing program 1:
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018"], 0x0, 0x3e}, 0x20)

17:14:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

17:14:29 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:29 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:14:29 executing program 2:
unshare(0x40000400)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:29 executing program 0:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0)
close(r0)

17:14:29 executing program 1:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@func={0x5}]}, {0x0, [0x0, 0x0, 0x0, 0x0]}}, 0x0, 0x2a}, 0x20)

17:14:29 executing program 0:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz0\x00', 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@cgroup=r0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40)

17:14:29 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r1, &(0x7f00000024c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0801000000000000110100000200000074eae41f95a517f42e7febbc18b9ae51a8d6e86922241a9a7291150f70cf853d52eb440de7e63161a70dafa24f8d80b080336cf876b998d96457a5740c3e8e8153eaa3685db058841cd365668770a2c854c9ca1d305c3921646f937618a80a1af015d4be607d901672cbe7d59dc7db88eadb2f3bbf5b59dbf625e10a2878a25c6c4a7eade75ce8b4ab81cf0c1eb56491dd494c6341daf0a6f4adc7ba682cdb0fe79b402bf01a1b8d12cd71c4f7fac52437f6b6b8519ec40208a91ecfa1b6a7ad390ca629355eeca965c39e7e5a8ece370db90aae9ab55fd9db8908c21cbf8795b25aadb8eb712c0ffe4d89816f6336e1afb2cdbd7f000000d8"], 0x1e0}, 0x0)

17:14:29 executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x1, 0x1, &(0x7f0000000280)=@raw=[@jmp], 0x0}, 0x90)

17:14:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

17:14:29 executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x10, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x48)

17:14:29 executing program 0:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb010018000000000000003601"], 0x0, 0x14e}, 0x20)

17:14:29 executing program 1:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r0, &(0x7f00000000c0)='blkio.bfq.io_service_time\x00', 0x0, 0x0)

17:14:30 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:30 executing program 0:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000002cc0)={0x6, 0x39, &(0x7f0000002840)=@ringbuf={{}, {}, {}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @map_fd, @ringbuf_output, @ringbuf_query, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @ldst]}, &(0x7f0000002a40)='syzkaller\x00'}, 0x90)

17:14:30 executing program 2:
unshare(0x40000400)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:30 executing program 1:
socketpair(0x1e, 0x0, 0x3, &(0x7f0000000180))

17:14:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

17:14:30 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:14:30 executing program 1:
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x1d, 0x11, &(0x7f0000000000)=@ringbuf={{}, {}, {}, [@func, @kfunc]}, &(0x7f0000000100)='syzkaller\x00', 0x8}, 0x90)

17:14:30 executing program 0:
openat$tun(0xffffffffffffff9c, &(0x7f0000000c00), 0x80040, 0x0)

17:14:30 executing program 1:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000ec0)={&(0x7f0000000cc0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr]}}, 0x0, 0x26}, 0x20)

17:14:30 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x16, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48)

17:14:31 executing program 0:
bpf$BPF_BTF_LOAD(0x1c, 0x0, 0x0)

17:14:31 executing program 1:
r0 = socket$kcm(0x29, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000001e80))

17:14:32 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:32 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
readv(r0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/74, 0x4a}], 0x1)
dup2(r1, r0)
sendmmsg(r1, &(0x7f0000000040), 0x10, 0x0)

17:14:32 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000980)=[@rights, @rights], 0x20}, 0x0)

17:14:32 executing program 2:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:32 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000cc0)={0x0, 0x0, 0x0}, 0x0)

17:14:32 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:14:32 executing program 0:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r0)
read(r1, &(0x7f0000000040)=""/103, 0x67)

17:14:32 executing program 3:
r0 = socket$unix(0x1, 0x2, 0x0)
lseek(r0, 0x0, 0x0)

17:14:32 executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x9, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x48)

17:14:32 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0xb003}, 0x4)

17:14:32 executing program 0:
r0 = openat$mice(0xffffffffffffff9c, &(0x7f00000055c0), 0x0)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, 0x0, 0x0)

17:14:32 executing program 1:
r0 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000d00), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000001440)={&(0x7f0000001340), 0xc, &(0x7f0000001400)={&(0x7f0000001380)={0x24, r0, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}]}, 0x24}}, 0x0)

17:14:33 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:33 executing program 1:
r0 = syz_open_dev$vcsu(&(0x7f0000000140), 0x3, 0xd42)
write$P9_RREAD(r0, &(0x7f0000000180)={0xb}, 0xb)

17:14:33 executing program 0:
mq_open(0x0, 0x0, 0x0, &(0x7f0000002340))

17:14:34 executing program 2:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:34 executing program 3:
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x80080400)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)

17:14:34 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:14:34 executing program 0:
syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x3f, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x1, {0x7}}}}}}}]}}, 0x0)
syz_usb_connect$uac1(0x0, 0x78, &(0x7f0000000800)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x0, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x66, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@extension_unit={0x7}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7, 0x25, 0x1, 0x80}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0)

17:14:34 executing program 1:
r0 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_SECURITY_KEY(r0, 0x110, 0x1, &(0x7f0000000000)='\'--\xbd#+\x1c,}+}%{#7\xd8:^&*-.}^*-]\x00', 0x1c)

17:14:34 executing program 1:
r0 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_SECURITY_KEY(r0, 0x110, 0x1, &(0x7f0000000000)='\'--\xbd#+\x1c,}+}%{#7\xd8:^&*-.}^*-]\x00', 0x1c)

[ 1491.684787][T10973] usb 1-1: new high-speed USB device number 51 using dummy_hcd
17:14:34 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)

[ 1491.944601][T10973] usb 1-1: Using ep0 maxpacket: 32
[ 1492.096204][T10973] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1492.172995][T10973] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
17:14:34 executing program 1:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$FUSE_ENTRY(r0, &(0x7f0000004240)={0x90, 0x0, 0x0, {0x0, 0x3}}, 0x90)

17:14:34 executing program 3:
syz_emit_ethernet(0x7a, &(0x7f0000000000)={@local, @multicast, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "9302c4", 0x44, 0x2f, 0x0, @private2, @ipv4={'\x00', '\xff\xff', @local}}}}}, 0x0)

[ 1492.217166][T10973] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1492.415172][T10973] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1492.452673][T10973] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1492.490949][T10973] usb 1-1: Product: syz
[ 1492.509086][T10973] usb 1-1: Manufacturer: syz
[ 1492.523066][T10973] usb 1-1: SerialNumber: syz
[ 1492.822546][T16625] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
17:14:35 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:35 executing program 1:
syz_emit_ethernet(0x52, &(0x7f0000000180)={@local, @dev, @val={@void, {0x4305}}}, 0x0)

17:14:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000000000000100000000000000000000000000fb"])

17:14:35 executing program 2:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

[ 1492.903593][T16625] misc raw-gadget: fail, usb_gadget_register_driver returned -16
17:14:35 executing program 1:
syz_emit_ethernet(0x6a, &(0x7f00000001c0)={@local, @dev, @val={@void}, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}}}}}, 0x0)

[ 1493.014816][T10973] usb 1-1: 0:2 : does not exist
17:14:35 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1493.154580][T10973] usb 1-1: USB disconnect, device number 51
17:14:36 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4048aecb, &(0x7f0000000040))
syz_clone3(&(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[0x0], 0x1}, 0x58)

17:14:36 executing program 1:
syz_open_dev$vcsu(&(0x7f0000000800), 0x0, 0x30843)

17:14:36 executing program 3:
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000b80)={0x0, 0x3938700}, 0x0)

17:14:36 executing program 1:
syz_usb_connect$uac1(0x0, 0x7a, &(0x7f0000000040)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x68, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0x9, 0x24, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, "c4"}]}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x3, 0x0, 0x0, {0x7, 0x25, 0x1, 0x0, 0x3}}}}}}}]}}, &(0x7f00000002c0)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x201}, 0x0, 0x0, 0x1, [{0x0, 0x0}]})

17:14:36 executing program 3:
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x1a, 0x0, 0x0)

17:14:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4188aea7, &(0x7f0000000080)={0x2, 0x0, [{0xa, 0x0, 0x0, 0x0, 0xd0}, {}]})

[ 1494.075793][T23775] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[ 1494.394826][T23775] usb 2-1: Using ep0 maxpacket: 32
17:14:37 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getpid()
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:37 executing program 0:
r0 = syz_open_dev$vcsu(&(0x7f0000000800), 0x1f, 0x0)
write$P9_RGETATTR(r0, 0x0, 0x0)

17:14:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4188aea7, &(0x7f0000000080)={0x2, 0x0, [{0xa, 0x0, 0x0, 0x0, 0xd0}, {}]})

17:14:37 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:14:37 executing program 2:
unshare(0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

[ 1494.575069][T23775] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1494.583812][T23775] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1494.632876][T23775] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
17:14:37 executing program 0:
syz_emit_ethernet(0x16, &(0x7f0000000180)={@local, @dev, @val={@void}, {@generic={0x0, "725fd818"}}}, 0x0)

17:14:37 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getpid()
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1494.946120][T23775] usb 2-1: string descriptor 0 read error: -22
[ 1494.970241][T23775] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
17:14:37 executing program 0:
syz_open_dev$vcsu(&(0x7f0000000140), 0x0, 0x0)
mlock2(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1)

[ 1494.993881][T23775] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
17:14:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4188aea7, &(0x7f0000000080)={0x2, 0x0, [{0xa, 0x0, 0x0, 0x0, 0xd0}, {}]})

[ 1495.139950][T23775] usb 2-1: 0:2 : does not exist
[ 1495.329170][T23775] usb 2-1: USB disconnect, device number 15
[ 1495.458745][T15500] udevd[15500]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
17:14:38 executing program 1:
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
gettid()
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x0)

17:14:38 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000100)={{0x1}})

17:14:38 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4188aea7, &(0x7f0000000080)={0x2, 0x0, [{0xa, 0x0, 0x0, 0x0, 0xd0}, {}]})

17:14:38 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getpid()
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17:14:39 executing program 0:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000001180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000002600)={0xfffffffffffffffc, 0x0, 0x0, 0x0, &(0x7f0000002200)=[{0x10}], 0x10}, 0x0)

17:14:39 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:39 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:14:39 executing program 2:
unshare(0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:39 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f00000001c0)={&(0x7f0000000040)=@x25, 0x80, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="c0000000000000000a010000c50400004eb45d9a9c86670d49d36700099b7ca18d0a551838e077afdb7d082d2feff0c06decd8408ac19229230af5b90d9d916dc3435b7d071130a5c6e7e3f5686465dd7a92614c316ce7bc94b0ad0c29d12088af47be3587b22688bcaea3ce157df167b44fead41f0fde71ae01c5dca4d467d4f172281d7f27a05432edd690c34e2cf99fccc9354b5830feb156c57e4fb2af53cf16021064bb4194cb6e43ddacb7ff2fe22d23a01458d6efcded4e8257a072cf6800000000000000110000000600000036e0b0a281218070b03e9ef854d99624baffcdf89bd3123fd8cbfc75ff6c54390a999152d4a05981216cadf2fb91b31b9197b865ff236cb6ee31e4e6b4b642d294877c0408468926c80970feaacc61a67890000000000000400000000000000001"], 0x1388}, 0x0)

17:14:39 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:39 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000dc0), 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000e00)={'team0\x00', @dev})
r1 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000dc0), 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000e00)={'team0\x00', @dev})
r4 = openat$cgroup_type(0xffffffffffffffff, &(0x7f00000002c0), 0x2, 0x0)
openat$cgroup_int(r1, &(0x7f0000001600)='hugetlb.2MB.rsvd.limit_in_bytes\x00', 0x2, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000e00)={'team0\x00', @dev})
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000300), 0x98002, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000dc0), 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8924, 0x0)
ioctl$TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f0000001700))
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000003c0)={{0xffffffffffffffff, <r7=>0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000380)='%pB    \x00'}, 0x20)
r8 = syz_clone(0x100, &(0x7f0000000400), 0x0, &(0x7f0000000440), 0x0, &(0x7f00000004c0)="ba40b9bf87a61c5e4c61518084bd08c259ca232d589f023c3313e07ab968f74ffd31a18e0de4d47336c0b7de8a52b775d1b47e5bd5eb5350454b54058b86f4f9d2d3e28afd8be70ad9f39fefc3edfcf35b111dc383c959ba9d16ea0cc4867ee5a9ee7aa4b87c2a2473157a067ebde432f1c94cedf8d07d0908ee9720d75c11b5237976ffe398b3debaf8930eb9f576b366ecdb370b199519b46afa2b9795d8f0d16921d8f595509440c3bef87c036efc4bc0eb")
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000e00)={'team0\x00', @dev})
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001780)={&(0x7f0000000000)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000200)=[{&(0x7f0000000080)="42364684eb5b8f35c3960947558be250282bc8ec87b7af30c9d9f754098eb8b700e2c3cb97a626c2a68968d37e9212a90c0ecc2ade4b7faffd00f165b0536a0cef01c418297d697aa14990ef3bf77e6ab1358e67e7f03111a5fec9958bd7ae75c527ce0524dc7a7b16514cd5e87dea71f4f184bee53211220c4a49dd4994c6c3fe65a604f7ce17bb1e64c53585218e64778e753001bff7c0065afff26f47cf0d0274b7b5d9459e6ef4dc7328f50d4a8f0eaa2c1c2f53f9e6e313b86c53c07252017d100e38a9910d9458c4d63f098057de28601dcfa9288f69e009211e62846b30e0bdc24bb9a8a26420372a", 0xec}, {&(0x7f0000000600)="6f2b7c01cce574ab82a6a89e675185e6397244a131986c5ae580531f1a6033502930814fec54b1c7e88b620c1c1032590c56a2e7378de46788ccbc379269bbfbe39da5e801875a90d8642a64f747cf75e5519ad9dcbaf8bec9970a503a5c131dff8108785723eeb16430197878e9d9e32d9d9018362cc2f16eee5e4a405f7e2c435811fc9cdaae603929ef0acbdbbf5b7e0c9399b8b622000b5273a889dae3e0a86e4248291d2779ce55d852552aeb27684fef168dacf817345d2df9325b10b91d0d85d4c63671f59b0b9676cfe7d48429ce0c6cc990839f0b5ee89473b1b8bb8c5ff1c41cae251cf6a19f96d4dcedd0c6bd09e7ed6c4641f907b09f12930a4e90183309cbf994f16e35e6eb444b17620f30f12400590375066ad89aa77a6f6ee067cedfe9753fdd3b89f110bdb19813bbd1a136d0905a90a14f3973c42b6a9d68256a7e0fd8e80b3aa2f31d3245a73451b4574178449c2366fab45449f348bf30908096ce5b44d5a05d8a3b734f4a005f35c78c63b3b22374fa3a61ce04cb290b59667d9feedcf2ba48e5b253cf18352d261bdc9443007007c291c3885eed69678cd8be770435d2fd0b44d959dc44efcfa9335b72a687a11b18e6c88d4da955d99ede57fd7dde0abc3227c2850a09857f45dc8af8a3b1ed0cec576b5e4dd145791b52ca52fba2a6ab56a8c5de08787bbaf206f6bceac6e03a5b67d51bf56a514755323ae9ad6307475406a20f5962175104d0e9e3119702e54ba80fe05296a770ba5c0d545353e9581a2245ee68ecc26f5d78dc1793074c72934ec84fc631f0f2e431be0579b9e9f982595a9127afd5ce48e22dc9c8808b6f5bd91eb4ccde1760cdb52427ecef1eca0f981ca5ced981317531b12f3ab62a56f37ca59ba69f7430e184b4e1157a9bafd7075671005dd87fae419d0b835565bf7780781b0ecafcd2d30f1c64efd4d9d53126890b57d3d3ba0165b57970c2ff69085c7e366dfa4370d8228a7e6058ebd134915fb16730d6f26ab61483c06f4df91b7c672203374cdd91417865a603ea16fcf723471ea850520db40b8174fcadf81fff319fc1e821eafd3a2f14e364943613adbcff071dd3a1366bc0e6e2c49865754e39fd1f138025d6d9971f5407330d7cc178f7b4d7c0757d26269ed7f35f4840af96f7a62379226122958b3daffeed112922a43d96f8adfccc1f2a4cbbb2f1a9216cee9b7540ee0252ae275eb9efc055461e69cb2fed4851f2b67e2a62f688a2aa4096143db9e8ff551b276e18f1b44804395634ba5b46d21755443ca51cebe84acc82db9ec5fdea2d5075f48e8f07b294b2bec3431cb02a14876100123bd38a856f7c531604633b983310be46625cf443d0ce816d59793864863e3184cde60b965f637d903c3058e756025fb22a95deced0373a396473f96ed6bc65170baca8c07f82348710dc2bcb2c0fb746f9b93cf8580ee4b0b7ca1d58acd59b8580ad1cdb3b0aa95df7727f8d693ec5ec81cb8c38d34307a593c50261d13bd041132065e820c5c8fa50dbc8477821417d9fb5f0068d9e6f21de6b2858de80511dea5955e645180f8fdd4de037b5cd8e530207f74c31c551b3c745bfeb36bfbf609f3a69652671ff729fa8a55f460ad114ba11abe798a882d7ad1761dc6dae2fba8a84021054ff8824ad4078911dcefe269e9e4543dcf331b16c0edf18f619f67ffeebe1d0487e9cdba3ea664e3b74511edc4a6ba62b3e56d4487a95edc76ec6e89c55d899de776ef59e3afeed469bb8cd34a4ed62075fc15510eb71f6f2da57c471a11557eade02370c378215d2c5903eed3cd331cbd75507421242e0459cd1b6af0216bb2ec508282090eda8d70d2e8757b53e7c8da23a804f6128941129ad12e59c47f45ad77a548224077ac6783ebb581017892f3e6e184c5e8fd3c9ed1eef76beb422a64e87900cdba5576cc2e4e654fd0612e64c35e33014b9a01e989227b97855314a50d8d1d99d1e570b8ac6f26e1cfce15cdb49c0e81dcecbfd1dfd305cfbc041df3fccfcf90e39f668aa5e2da89cae25b5919681d1aa0c97bb698ab11748c0b132786972a06e618d3f55d3e5405431ff3a14ad8a24f5dc1ccc66d648a77ff4ac3c407c10bd47cfb1153587b89de55a12f01332c93b705253318341d5b81defbae4e3fd8753fa18c16ce668e7cb2435c815ad211fe7364c0977d3d8cb1277c243ae1eee5a6b7daa75f103e23412a445e689af3362a259f573e60891fb6d634b9de00a3377b0a8487f9771dbd7a8c46b172c9510dfc77b93dd372c904a6700d0970b64c57ff57829bbe3803417a8b3b60d318aff3f5b2933522d0847659370d8421c8fa92c55b0a223dee38513f245b0287451f56b97dbfef092dcccda13d4041ca625d6999bb06447ed3e9b9ce64d024ee04e61aa6721671776b9c74886fd83f33dc42074cfb2e1c2654abd8db80f95f176832c30b76059974dfeb57220a9b958713a874d32c95422269e7a915952678d55bf1729271f243c5f44ef113d9ff5ae117837df0ab301702230a9e074fe60cbad16956a9532120fda626667d2adf47e46b189c5094d84887dc8f1b4157e1ded8204f336d5016a72e4b8ec7f8aeb3d235ef8a5d19da0463b0f9fd6c69f5bc553fda15f4363219e3b59ef354d78bd1b55f62ecc1d174a9165a3c76b7d863b319c6e606c079137586e58b536e41abe6ee4d23ab320cf48d10a5f5b8f9e1ad1ed65e5570ff98d7e45b34d8bf56ab03a3a0a00efa6788f9e56c469d19724eb2b5d335a153e23f82a842d350b2d125a9b70a89d67df6d860d78d4d95b9f1b458d0f694073a751888952ff5af77176050d40df424f5505ced6b7652213f0248f1c8a1634bafa6f6a0195514023cfd78c1a9446cc21bb103761158ce6bd7198adebc4aa3fa8fa0989164bbdd9ace1c12934af9344178836d8f6c05164ad48a6bb04ad2f92f43badbae66951ee541199340a2a5a2efe15b07da4b27fa76b708964e4fd2d3790c1e041f0f478be51748ee38e15aa37fa29b33d7be30b22c2d60171ad863003184eb353635309397b927df4487edfbb5cbbd7853cad49723be949885fa5f893059d5579c4bcb713f156fc02666ecd7018cec0a2d6fddc2429639d2f1b5266a011ce6df4227c8df1f91bff24bbc268972094339b21e668ae6923d6c511a8a2339ca63a96b95fa6dc21c1338c1ed02cf9e99ffd012aac31e3df0b64bcb536b53138baece1ccc64941efee04f89339313c0a549520cf498390dcc0b5258e6974942ecc22329f788c45ae06f89630df026f5f1cc9bb6ad8b108973a99d0be26261770473f96328e0e501a206950755c1e6a19426d770e098fef69e56aec9b987f1946273dcfa2e112c4977dad285a920fa66e6fcc94436017a86831e88c445ac2c0cc64bee5508abd6d8829a9ae662ccde28cde5801d8ecd1d12a30a8fb123600e4ae9290d9f0ae91015eba7435c58303f038d73af6c0ffcc56e9b7f657c7b96b6ed05b32e1411157cb5a76db5b4b7148956c2ee6b786881f545c76a13a565830c90428266bf4903e1de54d3d9534f57bdce6bc768367c4be026cc0db047984b58309e32d7b46def9bdd84abc9ef6c036a4d7b04a8b37912f1ad813d92f55c793477a2e4cc0a5fd7e8ebdee1a51953706dc749b5230aa7352e8e5ca4b85a69a1f7517b1a4520e6a32a87a0d3fa6109d69756c7615164d97b022403eaf85db8b90d86489ad6f0c6049b3be40728580e165a1d5575f9ee52ec8d035302b99ed04d1b7a078f9e2e00039c489295a1d3cd79ed948023db5a6a2ef6bb62fe4ad5b96bec11d3a983e6b29da25e3c464b3256c65fefa5f10358c7056fd72e71f5832f3ba93b219192aeb38be1dcb779b856c72f066978399adc44c3419a25ce889e17c7461e320824a0b8fc19be7d96beab835138c84dcae62183d0279072ed59d3a2c8981793b363a401fd7af5868c2417346f4cd52c9850479230322217679d8f05c60477344a56d07c5822835d73895f1be5fb4dcaeca6ea70dabe7b293b42cfa386aa382af310c8f514f74a919576955d294091414b3cfff404d11b4decaf5ddc5cea12f5957e2dc96d89f10453743be0dc79b2dfaa97cb88ff02674746601eef576936ef889fe17727477d62ec65c78ef7431d46a3464ba9109d0fe23f9184462ee0f2188986f44b5f2098c1f80590a7a00d8048bb1a747fb18440a4db0ff4ba586ab26372eb2179e34ee7a1f1079ea429929037eae5c8b02e1264eb304dfdf2f32bdcb5669e93882b9bc424b0a4eb5ae5e003f3b215a36dc61eccb90d47d21b91ac11f15b59e11aa3f61347b649b203e1dc258b431f73a0c75c0674fc08afbdfb5c42884abc616d0ee5d99fcd2c44939f1cc7659fc2bf62619de9fd7118fed218763dd021abefee52b9135f029e82175145060f83399d04d53bc34851dd1ed0b559eec4290faaef9fe265c707cc0b5136aa6517ae48f740cb1b1b3ea748d0a525442c979ba4e7a361eae158fc5fc38f5d1ea2ec1283472695a5a4222b46cf698648be279bd42ceed3a83de3ec90ab6add75b86379ee606f4d733483ca55be59a526461b1fbbd0891aed7857dd330e0b1465c0385d514e1e06f6a1ea5b9fe7dbcfa39a1fc618f5dc4c76b50a9d141b67e097abf080c108b27ee70ec27f966e474707c3ad8798c83110244b03043faea86b81420304b410e68a7b14953d4968edad2d0dc71df1d30f92a413802d42dfceb454d47c13270124aea90b98185b441bd9ad4edf8a308bab8c101b80bc1cac501ae0c3f8b6532fc015f33c00a8d6315abf78e8c973373b8a7fdac25f6c79118e1d8a8687246091db11c1f9dd5486c1d165bdeebf6e7eb54f635e689ec7f654b690731f193e7615c251ed142c9bbbf34a298549960cdb785c1de0473998b0a3e8ba179a09648bc831cffef61a833a6d0854e07b4de197b7cdf94e7787f7f6469ac357f5f0a2db34df9b7224beb7ec2255644b4558c84ed8655574598e40132eef2eecea3d5601c216695c68e49c215a3a58e2b03587851c57e307a8f6c8103e0e54c7408ec80c1879c550d9260308f9f7132de4c4fe362e0425622d159ccbed92704d54f8bce6a1f111f78f53de1b45d2ea811a4b1ab6af3cc072ddcc4d03b639fbed9100e52dae41ba48d928c88e283dfc2ce22f52977dd3b6394ae24a5aea2336d5043bd8e6d802e6865fbe581c270cea6002d13395dda0b0eb51b709a91a50ee3d238e722de126ed5d5bd9b7b6d87d2cce4330b51e64787b753c16bb2dc3549f3f94dccfa9d05d97e128a916a791594298ebc3090f7b581435b60de68e8ba3b2ba082996d8d882d9047d2ec0d89b6beeffff91a59a8ea6ba8cdb111e7b6b7f74173767dc1f656e1af99674c50f8ca527dd14760182f095cea7404575478c27b001462a23e7e459cb179b634c8669d3349ae2603a988533674da8a65911140e6cd35642164c4434fad74c78b584a7bd361a5d2b01a2b2fe77c7022c67e983267a96819b1c13791e23cf454d52bb5afd31bf9b28a9bd6ebe75f55bed68673683cf4e3fe6d3738df84edace783bb348874034ac122dabe66aa6fa168cf137daeb61beec25f844ba7c49cc837a124db4f40e3d0cadcefdc96d4708de07e65406e35df0c6f993e4de8a7ba775e4fcfc7882cd87f908040b3450385a3095122825bed3c9100033aada8d2a1e131a84a86ff161916976985c184bd141934515258f3beefe092e07cb5ce083cea966dd01c59504bdad4433546b835e62233f3578f836bcc1d67901d9c", 0x1000}, {&(0x7f0000000180)="4b1c37fe25fd1083b5f27c1dbb5dda842af836983113d3b3a9b954b6f7810b59c0c60827b768859b22c2e90feb199a954559c9bd463c69a2047b33cc3b92c5ad0abae4dc223dc092acc192", 0x4b}], 0x3, &(0x7f0000001840)=ANY=[@ANYBLOB="1c00ff0e00f40000010000000100000070aa736184a69310291bf3e3553d5213d2be3cf3e0af538e14bc89a8eaf5c997d6be00f512aaf7dfb9208c75107c48c82828604900b3e4d6ec85fe0f115e11f49a2331d907835183fde9091e02520d5a6714d61e0bb3155f2d4587db52fd748915b4aa2c68302eeffcb86b7ae26b78bbfab956cbe32b67efa07ad88ce3ac5b1ebd623284389f6b51944b0e98b2c40b4a1726b157ac428273b317352eb0e086463adeee24aea692d345d3dc05f563a00e6f8b3d38fe145c", @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32=0x0, @ANYRES64, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32, @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYRES32=r2, @ANYRES16=r3, @ANYRES32, @ANYRES16=r6, @ANYRES32, @ANYRES32=r4, @ANYRES32, @ANYRES32, @ANYRESOCT, @ANYRES32, @ANYRES32, @ANYRES64=r5, @ANYRES32, @ANYRES32=r5, @ANYRES32, @ANYRES32, @ANYRES32=r6, @ANYRES32=r7, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRESOCT, @ANYRES32=0xee01, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32, @ANYRES32, @ANYRES32=0xee00, @ANYBLOB="000018000800226bf0dea9d07806a6dd65795f582600000000e3ffffffffffffff00008ee84ef67153ff656d0957940f77", @ANYRES32=r8, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00'], 0x158, 0x8014}, 0x4040080)

17:14:40 executing program 0:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000027c0)=ANY=[@ANYBLOB="1010"], 0x1010}, 0x0)

17:14:40 executing program 1:
openat$zero(0xffffffffffffff9c, &(0x7f0000000540), 0x101001, 0x0)

17:14:40 executing program 3:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001400))

17:14:40 executing program 0:
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000540), 0x200000, 0x0)

17:14:40 executing program 1:
sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, 0x0, 0x0)

17:14:40 executing program 3:
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000020f003176c400000000001090224f80000000000090400000207010300090501020000000000090582020002"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000000)=ANY=[], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x88, &(0x7f00000001c0)=ANY=[])
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r2, 0x0, 0x0)

17:14:40 executing program 1:
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x8000000)
syz_io_uring_setup(0x4777, &(0x7f0000000000), &(0x7f0000000080)=<r0=>0x0, &(0x7f00000000c0)=<r1=>0x0)
recvmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000100)=@tipc, 0x80, 0x0, 0x0, &(0x7f00000002c0)=""/186, 0xba}, 0x0)
mmap$snddsp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, 0x0}], 0x1, 0x25, &(0x7f0000000480), 0x0)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f00000004c0), 0x0, 0x800)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x15, 0x0, 0x0, &(0x7f0000000740))
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000800)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_io_uring_setup(0x26d1, &(0x7f0000000a00)={0x0, 0x99fa, 0x0, 0x0, 0xf7}, &(0x7f0000000a80), &(0x7f0000000ac0)=<r3=>0x0)
syz_io_uring_submit(r0, r3, &(0x7f0000000b40)=@IORING_OP_OPENAT={0x12, 0x58, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000b00)='./file0\x00', 0x84, 0x0, 0x23456})
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000b80), 0x841, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000d40)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000d80), 0xffffffffffffffff)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000dc0), 0xffffffffffffffff)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)

17:14:40 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1498.244957][ T5147] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[ 1498.496354][ T5147] usb 4-1: Using ep0 maxpacket: 32
17:14:41 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:41 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000980)={0x1, &(0x7f0000000940)=[{}]})

17:14:41 executing program 1:
sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, 0x0, 0x4000001)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000800)={'wlan1\x00'})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000980)={0x1, &(0x7f0000000940)=[{0x9}]})
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)

17:14:41 executing program 2:
unshare(0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:41 executing program 1:
syz_io_uring_submit(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000d80), 0xffffffffffffffff)

[ 1498.634660][ T5147] usb 4-1: config index 0 descriptor too short (expected 63524, got 36)
[ 1498.661940][ T5147] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
17:14:41 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000980)={0x1, &(0x7f0000000940)=[{0x9}]})

[ 1498.708241][ T5147] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1498.778793][ T5147] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1498.833967][ T5147] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
17:14:41 executing program 1:
r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000000)={0x0, 0x1000, 0x0, {0xa, @raw_data="eea1cb0dbea63b66127fcc86f0ad411a4df045033161e79537a42195319185343d1750dd44f3d91546735d231f48ca51a9cd7b16447428a7c704bc7dcfb0776bba249e86ae43a33fae12911a3e938d0fcdd53e119f039707e099553e16de4fc35c5939baedae754aa6ad287638b500312c54dfa543b997404371f2e16d3861c643dc8066f36e3e109799889a6839fb6469c251b165b33a982aed2be57216877e01f28dfb256d43b7d9c52529f217f4474f0b75d5e29e722684416055736bac64e1e8c48a864b4fda"}})

[ 1498.896942][ T5147] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
17:14:41 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1498.978826][ T5147] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
17:14:41 executing program 0:
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000b80), 0x0, 0x0)

[ 1499.046155][ T5147] usb 4-1: config 0 descriptor??
[ 1499.402545][ T5147] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 72 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1499.465262][ T5147] usb 4-1: USB disconnect, device number 72
[ 1499.506274][ T5147] usblp0: removed
[ 1499.994732][ T5147] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[ 1500.244770][ T5147] usb 4-1: Using ep0 maxpacket: 32
[ 1500.364827][ T5147] usb 4-1: config index 0 descriptor too short (expected 63524, got 36)
[ 1500.373237][ T5147] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[ 1500.382820][ T5147] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1500.392709][ T5147] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1500.402591][ T5147] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1500.412582][ T5147] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1500.421925][ T5147] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1500.432965][ T5147] usb 4-1: config 0 descriptor??
[ 1500.695993][ T5147] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 73 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1501.264161][ T6331] usb 4-1: USB disconnect, device number 73
[ 1501.276501][ T6331] usblp0: removed
17:14:44 executing program 1:
r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000000)={0x0, 0x1000, 0x0, {0xa, @raw_data="eea1cb0dbea63b66127fcc86f0ad411a4df045033161e79537a42195319185343d1750dd44f3d91546735d231f48ca51a9cd7b16447428a7c704bc7dcfb0776bba249e86ae43a33fae12911a3e938d0fcdd53e119f039707e099553e16de4fc35c5939baedae754aa6ad287638b500312c54dfa543b997404371f2e16d3861c643dc8066f36e3e109799889a6839fb6469c251b165b33a982aed2be57216877e01f28dfb256d43b7d9c52529f217f4474f0b75d5e29e722684416055736bac64e1e8c48a864b4fda"}})

17:14:44 executing program 3:
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000020f003176c400000000001090224f80000000000090400000207010300090501020000000000090582020002"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000000)=ANY=[], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x88, &(0x7f00000001c0)=ANY=[])
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r2, 0x0, 0x0)

17:14:44 executing program 0:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000080)={0x18, 0x0, 0x0, 0x0, 0x0})

17:14:44 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:44 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r1, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:44 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:44 executing program 1:
r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000000)={0x0, 0x1000, 0x0, {0xa, @raw_data="eea1cb0dbea63b66127fcc86f0ad411a4df045033161e79537a42195319185343d1750dd44f3d91546735d231f48ca51a9cd7b16447428a7c704bc7dcfb0776bba249e86ae43a33fae12911a3e938d0fcdd53e119f039707e099553e16de4fc35c5939baedae754aa6ad287638b500312c54dfa543b997404371f2e16d3861c643dc8066f36e3e109799889a6839fb6469c251b165b33a982aed2be57216877e01f28dfb256d43b7d9c52529f217f4474f0b75d5e29e722684416055736bac64e1e8c48a864b4fda"}})

17:14:44 executing program 0:
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000020f003176c400000000001090224f80000000000090400000207010300090501020000000000090582020002"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000000)=ANY=[], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x88, &(0x7f00000001c0)=ANY=[])
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r2, 0x0, 0x0)

17:14:44 executing program 1:
r0 = socket$inet(0x2, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0), 0x4)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000280), 0xc, 0x0, 0x1, 0x0, 0x0, 0x8800}, 0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
pipe2(&(0x7f0000000c00), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000200)="c4c2499ca100000000660f38814f5766b840000f00d8c4e1b0145d09c4e17a70d700640f01c9b805000000b9100000000f01d966ba410066ed360f01cbb9470800000f32", 0x44}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)

[ 1502.146766][ T5147] usb 4-1: new high-speed USB device number 74 using dummy_hcd
17:14:45 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:45 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

[ 1502.345511][ T6331] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[ 1502.496600][ T5147] usb 4-1: Using ep0 maxpacket: 32
[ 1502.694871][ T6331] usb 1-1: Using ep0 maxpacket: 32
[ 1502.694949][ T5147] usb 4-1: config index 0 descriptor too short (expected 63524, got 36)
[ 1502.711093][ T5147] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[ 1502.722243][ T5147] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1502.731628][ T5147] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
17:14:45 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {0x0}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1502.741590][ T5147] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1502.755490][ T5147] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1502.776582][ T5147] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1502.811874][ T5147] usb 4-1: config 0 descriptor??
[ 1502.855152][ T6331] usb 1-1: config index 0 descriptor too short (expected 63524, got 36)
[ 1502.870488][ T6331] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[ 1502.885881][ T6331] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1502.895555][ T6331] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1502.905526][ T6331] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1502.915570][ T6331] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1502.925505][ T6331] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1502.937127][ T6331] usb 1-1: config 0 descriptor??
17:14:45 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

[ 1503.157914][ T5147] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 74 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1503.251308][ T6331] usblp 1-1:0.0: usblp1: USB Bidirectional printer dev 52 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1503.302535][ T5147] usb 4-1: USB disconnect, device number 74
[ 1503.311755][ T6331] usb 1-1: USB disconnect, device number 52
[ 1503.331796][ T5147] usblp0: removed
[ 1503.381827][ T6331] usblp1: removed
[ 1503.754772][ T5147] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[ 1503.904756][ T6331] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[ 1504.009541][ T5147] usb 4-1: Using ep0 maxpacket: 32
[ 1504.144624][ T5147] usb 4-1: config index 0 descriptor too short (expected 63524, got 36)
[ 1504.154950][ T5147] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[ 1504.163061][ T5147] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1504.172147][ T5147] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1504.174892][ T6331] usb 1-1: Using ep0 maxpacket: 32
[ 1504.181954][ T5147] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1504.196779][ T5147] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1504.205926][ T5147] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1504.217266][ T5147] usb 4-1: config 0 descriptor??
[ 1504.335487][ T6331] usb 1-1: config index 0 descriptor too short (expected 63524, got 36)
[ 1504.347035][ T6331] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[ 1504.358273][ T6331] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1504.367501][ T6331] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1504.377459][ T6331] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1504.387325][ T6331] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1504.396528][ T6331] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1504.416454][ T6331] usb 1-1: config 0 descriptor??
[ 1504.487782][ T5147] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 75 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1504.739075][ T6331] usblp 1-1:0.0: usblp1: USB Bidirectional printer dev 53 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1505.045415][ T6331] usb 4-1: USB disconnect, device number 75
[ 1505.073277][ T6331] usblp0: removed
17:14:48 executing program 3:
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000020f003176c400000000001090224f80000000000090400000207010300090501020000000000090582020002"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000000)=ANY=[], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x88, &(0x7f00000001c0)=ANY=[])
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r2, 0x0, 0x0)

17:14:48 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r1, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:48 executing program 1:
r0 = socket$inet(0x2, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0), 0x4)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000280), 0xc, 0x0, 0x1, 0x0, 0x0, 0x8800}, 0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
pipe2(&(0x7f0000000c00), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000200)="c4c2499ca100000000660f38814f5766b840000f00d8c4e1b0145d09c4e17a70d700640f01c9b805000000b9100000000f01d966ba410066ed360f01cbb9470800000f32", 0x44}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)

17:14:48 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {0x0}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:48 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:48 executing program 0:
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000020f003176c400000000001090224f80000000000090400000207010300090501020000000000090582020002"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000000)=ANY=[], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x88, &(0x7f00000001c0)=ANY=[])
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r2, 0x0, 0x0)

[ 1506.126507][ T5107] usb 1-1: USB disconnect, device number 53
[ 1506.143589][ T5107] usblp1: removed
17:14:48 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {0x0}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1506.264635][ T6331] usb 4-1: new high-speed USB device number 76 using dummy_hcd
17:14:49 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

[ 1506.544651][ T6331] usb 4-1: Using ep0 maxpacket: 32
[ 1506.695194][ T6331] usb 4-1: config index 0 descriptor too short (expected 63524, got 36)
[ 1506.704644][ T5107] usb 1-1: new high-speed USB device number 54 using dummy_hcd
17:14:49 executing program 1:
r0 = socket$inet(0x2, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0), 0x4)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000280), 0xc, 0x0, 0x1, 0x0, 0x0, 0x8800}, 0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
pipe2(&(0x7f0000000c00), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000200)="c4c2499ca100000000660f38814f5766b840000f00d8c4e1b0145d09c4e17a70d700640f01c9b805000000b9100000000f01d966ba410066ed360f01cbb9470800000f32", 0x44}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)

[ 1506.777788][ T6331] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[ 1506.891253][ T6331] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1506.928148][ T6331] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
17:14:49 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r1, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1506.954249][ T6331] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1506.975774][ T5107] usb 1-1: Using ep0 maxpacket: 32
[ 1506.998171][ T6331] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1507.023577][ T6331] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1507.063664][ T6331] usb 4-1: config 0 descriptor??
17:14:49 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1507.123181][ T5107] usb 1-1: config index 0 descriptor too short (expected 63524, got 36)
[ 1507.163050][ T5107] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[ 1507.191032][ T5107] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1507.218120][ T5107] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1507.268204][ T5107] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1507.300115][ T5107] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1507.333712][ T5107] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1507.436510][ T5107] usb 1-1: config 0 descriptor??
[ 1507.466373][ T6331] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 76 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
17:14:50 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

[ 1507.645389][ T6331] usb 4-1: USB disconnect, device number 76
[ 1507.684382][ T6331] usblp0: removed
[ 1507.832882][ T5107] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 54 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1508.270198][ T5107] usb 1-1: USB disconnect, device number 54
[ 1508.276304][T10973] usb 4-1: new high-speed USB device number 77 using dummy_hcd
[ 1508.377403][ T5107] usblp0: removed
[ 1508.605439][T10973] usb 4-1: Using ep0 maxpacket: 32
[ 1508.724781][T10973] usb 4-1: config index 0 descriptor too short (expected 63524, got 36)
[ 1508.733166][T10973] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[ 1508.743583][T10973] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1508.754910][ T5107] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[ 1508.772612][T10973] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1508.782791][T10973] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1508.800685][T10973] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1508.814408][T10973] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1508.835419][T10973] usb 4-1: config 0 descriptor??
17:14:51 executing program 1:
r0 = socket$inet(0x2, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0), 0x4)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000280), 0xc, 0x0, 0x1, 0x0, 0x0, 0x8800}, 0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
pipe2(&(0x7f0000000c00), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000200)="c4c2499ca100000000660f38814f5766b840000f00d8c4e1b0145d09c4e17a70d700640f01c9b805000000b9100000000f01d966ba410066ed360f01cbb9470800000f32", 0x44}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)

17:14:51 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:51 executing program 3:
r0 = socket$inet(0x2, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0), 0x4)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000280), 0xc, 0x0, 0x1, 0x0, 0x0, 0x8800}, 0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
pipe2(&(0x7f0000000c00), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000200)="c4c2499ca100000000660f38814f5766b840000f00d8c4e1b0145d09c4e17a70d700640f01c9b805000000b9100000000f01d966ba410066ed360f01cbb9470800000f32", 0x44}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)

[ 1508.995772][ T5107] usb 1-1: Using ep0 maxpacket: 32
17:14:51 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:51 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1509.055640][T10973] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 77 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1509.144233][T10973] usb 4-1: USB disconnect, device number 77
[ 1509.164779][ T5107] usb 1-1: config index 0 descriptor too short (expected 63524, got 36)
[ 1509.186368][ T5107] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[ 1509.202454][T10973] usblp0: removed
[ 1509.249250][ T5107] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1509.358588][ T5107] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1509.387686][ T5107] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1509.397765][ T5107] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1509.409965][ T5107] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1509.427061][ T5107] usb 1-1: config 0 descriptor??
[ 1509.464485][    C0] raw-gadget.1 gadget.0: ignoring, device is not running
[ 1509.489776][ T5107] usb 1-1: can't set config #0, error -32
17:14:52 executing program 0:
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000020f003176c400000000001090224f80000000000090400000207010300090501020000000000090582020002"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000000)=ANY=[], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x88, &(0x7f00000001c0)=ANY=[])
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r2, 0x0, 0x0)

[ 1509.617771][ T5107] usb 1-1: USB disconnect, device number 55
17:14:52 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:52 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{0x0}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1510.274879][ T5107] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[ 1510.514615][ T5107] usb 1-1: Using ep0 maxpacket: 32
17:14:53 executing program 1:
r0 = socket$inet(0x2, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0), 0x4)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000280), 0xc, 0x0, 0x1, 0x0, 0x0, 0x8800}, 0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
pipe2(&(0x7f0000000c00), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000200)="c4c2499ca100000000660f38814f5766b840000f00d8c4e1b0145d09c4e17a70d700640f01c9b805000000b9100000000f01d966ba410066ed360f01cbb9470800000f32", 0x44}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)

[ 1510.684795][ T5107] usb 1-1: config index 0 descriptor too short (expected 63524, got 36)
[ 1510.693196][ T5107] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
17:14:53 executing program 3:
r0 = socket$inet(0x2, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0), 0x4)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000280), 0xc, 0x0, 0x1, 0x0, 0x0, 0x8800}, 0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
pipe2(&(0x7f0000000c00), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000200)="c4c2499ca100000000660f38814f5766b840000f00d8c4e1b0145d09c4e17a70d700640f01c9b805000000b9100000000f01d966ba410066ed360f01cbb9470800000f32", 0x44}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)

[ 1510.823868][ T5107] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1510.924265][ T5107] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1510.987124][ T5107] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
17:14:53 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1511.072135][ T5107] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1511.131761][ T5107] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1511.251110][ T5107] usb 1-1: config 0 descriptor??
17:14:54 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{0x0}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1511.836905][ T5107] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 56 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1511.867193][ T5107] usb 1-1: USB disconnect, device number 56
[ 1511.886435][ T5107] usblp0: removed
17:14:54 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:55 executing program 1:
syz_open_dev$vbi(&(0x7f0000000640), 0x1, 0x2)

[ 1512.495139][ T6331] usb 1-1: new high-speed USB device number 57 using dummy_hcd
17:14:55 executing program 3:
r0 = socket$inet(0x2, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0), 0x4)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000280), 0xc, 0x0, 0x1, 0x0, 0x0, 0x8800}, 0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
pipe2(&(0x7f0000000c00), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000200)="c4c2499ca100000000660f38814f5766b840000f00d8c4e1b0145d09c4e17a70d700640f01c9b805000000b9100000000f01d966ba410066ed360f01cbb9470800000f32", 0x44}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)

17:14:55 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{0x0}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:55 executing program 1:
syz_open_dev$audion(&(0x7f0000000bc0), 0x0, 0x0)

[ 1512.764643][ T6331] usb 1-1: Using ep0 maxpacket: 32
[ 1512.924998][ T6331] usb 1-1: config index 0 descriptor too short (expected 63524, got 36)
[ 1512.979927][ T6331] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[ 1513.049199][ T6331] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1513.101883][ T6331] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1513.163887][ T6331] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1513.224969][ T6331] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1513.304694][ T6331] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
17:14:56 executing program 0:
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000800)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)

17:14:56 executing program 1:
syz_io_uring_setup(0x5ac, &(0x7f0000000240)={0x0, 0x0, 0x400}, &(0x7f00000002c0), &(0x7f0000000300))

17:14:56 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, 0x0, 0x0, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:56 executing program 5:
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="040f04000043203661cd4669e5ada1f1171722bed7c1798f24501b15bce14518d5e881dcb7cb972917f7c28948d8521cc3fbff94239049e6aa8d11d6bf4ddc0e22932ce18e"], 0x7)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1513.393867][ T6331] usb 1-1: config 0 descriptor??
17:14:56 executing program 1:
r0 = syz_open_dev$sg(&(0x7f0000002a00), 0x0, 0x0)
ioctl$BLKTRACESTART(r0, 0x2288, 0x0)

[ 1513.485038][ T6331] usb 1-1: can't set config #0, error -71
[ 1513.492946][ T6331] usb 1-1: USB disconnect, device number 57
17:14:56 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001d40)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000004b40)={0x0, 0x0, 0x0}, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f00000007c0)='ns/mnt\x00')

17:14:56 executing program 0:
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001ec0)={0x0, 0x0, 0x0, 0x0}, 0x38)

17:14:57 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:57 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, 0x0, 0x0, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:57 executing program 3:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@enum={0x0, 0x1, 0x0, 0x6, 0x4, [{}]}]}}, &(0x7f0000000580)=""/220, 0x2e, 0xdc, 0x1}, 0x20)

17:14:57 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000080)=@ringbuf, &(0x7f00000001c0)='GPL\x00', 0x9, 0xab, &(0x7f0000000200)=""/171}, 0x90)

17:14:57 executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x0, 0x0, 0x0, 0x0, 0x18, 0x1}, 0x48)

17:14:57 executing program 3:
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x44000, 0x0)

17:14:57 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000002a00), 0x0, 0x0)
ioctl$BLKTRACESTART(r0, 0x2203, 0x0)

17:14:57 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_int(r0, 0x1, 0x2c, 0x0, &(0x7f0000000040))

17:14:57 executing program 1:
openat$tun(0xffffffffffffff9c, &(0x7f0000000840), 0x280, 0x0)

17:14:57 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, 0x0, 0x0, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:57 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0x182)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f00000000c0), 0x10)
recvmsg(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)

17:14:57 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0x7, 0x0, 0x0, 0x0, 0xa00, 0x1}, 0x48)

17:14:58 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:14:58 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48)

17:14:58 executing program 5:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17:14:58 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000002a00), 0x0, 0x0)
ioctl$BLKTRACESTART(r0, 0x2202, 0x0)

17:14:58 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000)=ANY=[], 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000b, 0x12, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(des3_ede)\x00'}, 0x53)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000001280)="b7f2288d3aaea2bc0000def1260a00"/24, 0x18)
r3 = accept$alg(r2, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000500)=""/84, 0x34000}], 0x1, 0x0, 0x0, 0x7000000}}], 0x1, 0x0, 0x0)
sendmmsg$inet(r3, &(0x7f00000059c0)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000300)='C', 0x1}], 0x1}}], 0x1, 0x0)
sendfile(r3, r1, 0x0, 0x2000010000a007)

17:14:58 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640), 0x0, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:58 executing program 3:
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000a80)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x0, 0x0, 0xff}}, {{0x9, 0x5, 0x3, 0x2, 0x0, 0x10, 0x2, 0x1f}}}}}}}]}}, &(0x7f0000000540)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x200, 0x8, 0x40, 0x8a, 0x0, 0x3}, 0x15, &(0x7f0000000040)={0x5, 0xf, 0x15, 0x1, [@ssp_cap={0x10, 0x10, 0xa, 0x7, 0x1, 0x7, 0xf, 0x1, [0xff000f]}]}, 0x5, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x443}}, {0x2, &(0x7f0000000440)=@string={0x2}}, {0x9, &(0x7f00000001c0)=@string={0x9, 0x3, "836a7ccd9b86e1"}}, {0x4, &(0x7f00000004c0)=@lang_id={0x4, 0x3, 0x402}}, {0x84, &(0x7f00000000c0)=@string={0x84, 0x3, "5108b15f7b0fd37cdc16668ef3cdafa2ba001b3c31dd7790a9cfb4b9676fb970b2e1c50100561e8b533f6f9e329fe4874b2ec541b8fc959902bd907ea69058bad423bd8939e1f25817d276203e4827a2bafb67d6ffcc67a350b5edd6ca79533fb1504253bcf3e4289b29b81485088e8db297bf5d939c14b9559594b46e0bf0041093"}}]})

[ 1515.825941][   T28] audit: type=1804 audit(1701278098.537:102): pid=17024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2828426038/syzkaller.xAtjBK/2774/cgroup.controllers" dev="sda1" ino=1960 res=1 errno=0
17:14:58 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000002a00), 0x0, 0x0)
ioctl$BLKTRACESTART(r0, 0x2202, 0x0)

17:14:58 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000002a00), 0x0, 0x0)
ioctl$BLKTRACESTART(r0, 0x2202, 0x0)

[ 1516.125116][ T5107] usb 4-1: new high-speed USB device number 78 using dummy_hcd
17:14:58 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640), 0x0, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:14:58 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
sendmmsg$inet(r0, &(0x7f0000007780)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000003c0)="ee", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000004d00)=[{&(0x7f00000039c0)="4d7899c42238", 0x6}, {&(0x7f0000003a00)="ab1ec73d9fbbcf6c6c0c6fe2f71652119c59e3b3d25b271da0f315d6303ba6de83dbff20d31a0e980e162fef4bdeb373a8b237c0207eab1f51e51404fcce156365e4148a40e2440afd935adf8742788ea38d6d59f62bab1027e0b59ef4", 0x5d}], 0x2}}, {{0x0, 0x0, &(0x7f0000006480)=[{&(0x7f0000004e40)="37b68c761106a4e8436c1dfd958e60bab31c941b8b62dc8cc61f3d6849a1", 0x1e}, {&(0x7f0000004e80)="67858af70dd6b3397c4c45911c3117daa699d0f7a2c776d2eba4c726a67d57d841d82a621b8ad41620f810a74cbdf52b5e072f32d408125fa95a81667360234302279a40bcc58b572aa344412684ea7e3b1a106ac4c4ee336038aa98a2cedbe3e8a17d77c029ec0668a9f3b81ac382e672963ae158027e36de793fbe22b682a5f1ed3f750cdc21be8ccdf6b684b8", 0x8e}, {&(0x7f0000004f40)="e2bbeabfcd8fa6569700960be9d5d2ffe93e5a9440ce0788bba399aea36d10acf993c26b47d794e4d2630ad28299b4020bd2520d488410cce2c99052115bfa967d0a913fa2a00f79aa070bd4cc3e2d546e49df75b99b05c2ecdc54001da7fade534dfb76dbd7ae6fcf358660ebc6e03b663a3ad6d4f6b9d67e27b02886a85a6ed915483e0fae1630fe47fe911d82924b58f54b17699e74a3e1336b210e5bc3e5dc04c4b5df4011c9192bc2e0bb9ac9ab7889d20898640d27f92486d378497870746b578d4dc1564939d948d2ed3acda8835fe343805610e35930a2942195c7f44e3d7b1e696c3986067cf97d5dc68582bad4062fe1138c53109f158e0e", 0xfd}, {&(0x7f0000005040)="e4d3e20bbb9255e6b37d6cd5500db01c6d37a70603904a84962e7c54df73bf32c911e3eee8f96f4e546c30877e3ae0de2a59cd3d365bf9ee0b0348ca2e8134c41012128395db6b3af100ee0a51ecb9bcc49cfa91e088cabc3f6b15a39c0e0c0c477429453570a057cf69017f56faf08cbad5445915d4950b363edfb08d4a26ff9866ee", 0x83}, {&(0x7f0000005100)="2394cb3bb984f3f177015f96a9610aa9fbc865335105b7411df5cf421ff987620d8d1f9c4045114f5ced0a689e23ac2ec7afb9", 0x33}, {&(0x7f0000005140)="5ec704ecae945e844b8f42c6df4c06b0fdfb6b782e41873da38fcbf67ae9c7e167787b01aaba5341b4ab7fd720ebfad69f1fb15905f27f8d3196aec9b67389248cb1eca90e4240bde7d4761376b25227ff202590a79713bcf92bf5a4f1c0cf48ca2cd7fc6bf437f0822f2ed04b30c35c60af41d20cdaef6218420c87f309", 0x7e}], 0x6}}], 0x3, 0x0)

17:14:59 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000002a00), 0x0, 0x0)
ioctl$BLKTRACESTART(r0, 0x2202, 0x0)

[ 1516.414777][ T5107] usb 4-1: Using ep0 maxpacket: 32
[ 1516.565468][ T5107] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1516.603131][ T5107] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1516.664147][ T5107] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1516.708517][ T5107] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[ 1516.737428][ T5107] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1516.753001][ T5107] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 1516.925124][ T5107] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1516.934219][ T5107] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1516.989512][ T5107] usb 4-1: Product: 檃쵼蚛
[ 1516.994256][ T5107] usb 4-1: SerialNumber: Ђ
17:15:00 executing program 2:
unshare(0x40000400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={0x3c, r0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x3c}}, 0x0)

17:15:00 executing program 0:
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x2202, 0x0)

17:15:00 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
sendmmsg$inet(r0, &(0x7f0000007780)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000003c0)="ee", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000004d00)=[{&(0x7f00000039c0)="4d7899c42238", 0x6}, {&(0x7f0000003a00)="ab1ec73d9fbbcf6c6c0c6fe2f71652119c59e3b3d25b271da0f315d6303ba6de83dbff20d31a0e980e162fef4bdeb373a8b237c0207eab1f51e51404fcce156365e4148a40e2440afd935adf8742788ea38d6d59f62bab1027e0b59ef4", 0x5d}], 0x2}}, {{0x0, 0x0, &(0x7f0000006480)=[{&(0x7f0000004e40)="37b68c761106a4e8436c1dfd958e60bab31c941b8b62dc8cc61f3d6849a1", 0x1e}, {&(0x7f0000004e80)="67858af70dd6b3397c4c45911c3117daa699d0f7a2c776d2eba4c726a67d57d841d82a621b8ad41620f810a74cbdf52b5e072f32d408125fa95a81667360234302279a40bcc58b572aa344412684ea7e3b1a106ac4c4ee336038aa98a2cedbe3e8a17d77c029ec0668a9f3b81ac382e672963ae158027e36de793fbe22b682a5f1ed3f750cdc21be8ccdf6b684b8", 0x8e}, {&(0x7f0000004f40)="e2bbeabfcd8fa6569700960be9d5d2ffe93e5a9440ce0788bba399aea36d10acf993c26b47d794e4d2630ad28299b4020bd2520d488410cce2c99052115bfa967d0a913fa2a00f79aa070bd4cc3e2d546e49df75b99b05c2ecdc54001da7fade534dfb76dbd7ae6fcf358660ebc6e03b663a3ad6d4f6b9d67e27b02886a85a6ed915483e0fae1630fe47fe911d82924b58f54b17699e74a3e1336b210e5bc3e5dc04c4b5df4011c9192bc2e0bb9ac9ab7889d20898640d27f92486d378497870746b578d4dc1564939d948d2ed3acda8835fe343805610e35930a2942195c7f44e3d7b1e696c3986067cf97d5dc68582bad4062fe1138c53109f158e0e", 0xfd}, {&(0x7f0000005040)="e4d3e20bbb9255e6b37d6cd5500db01c6d37a70603904a84962e7c54df73bf32c911e3eee8f96f4e546c30877e3ae0de2a59cd3d365bf9ee0b0348ca2e8134c41012128395db6b3af100ee0a51ecb9bcc49cfa91e088cabc3f6b15a39c0e0c0c477429453570a057cf69017f56faf08cbad5445915d4950b363edfb08d4a26ff9866ee", 0x83}, {&(0x7f0000005100)="2394cb3bb984f3f177015f96a9610aa9fbc865335105b7411df5cf421ff987620d8d1f9c4045114f5ced0a689e23ac2ec7afb923", 0x34}, {&(0x7f0000005140)="5ec704ecae945e844b8f42c6df4c06b0fdfb6b782e41873da38fcbf67ae9c7e167787b01aaba5341b4ab7fd720ebfad69f1fb15905f27f8d3196aec9b67389248cb1eca90e4240bde7d4761376b25227ff202590a79713bcf92bf5a4f1c0cf48ca2cd7fc6bf437f0822f2ed04b30c35c60af41d20cdaef6218420c87f309", 0x7e}], 0x6}}], 0x3, 0x0)

17:15:00 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640), 0x0, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:15:00 executing program 5:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000b80))
sendmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x200048c6)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[ 1517.315717][ T5107] cdc_ncm 4-1:1.0: bind() failure
[ 1517.353177][ T5107] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
17:15:00 executing program 0:
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x2202, 0x0)

[ 1517.410958][ T5107] cdc_ncm 4-1:1.1: bind() failure
[ 1517.469986][ T5107] usb 4-1: USB disconnect, device number 78
17:15:00 executing program 1:
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0x1, 0x0, &(0x7f0000000000)="ff", 0x0, 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

17:15:00 executing program 3:
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./bus\x00', 0x8480, &(0x7f0000000100)={[{@nodiscard}, {@nossd}, {@ssd}, {@ssd_spread}, {@space_cache_v2}, {}, {@noacl}]}, 0x5, 0x50ef, &(0x7f0000005140)="$eJzs3U+IVWUfB/Dnzjg6KDjXnbp48QW3wiQKRURDaFaYc82CosVMLYIQYVAwFy3EgpIWDgha4cJgWmR/nFVFC3GVBEEQBcEgzEKQdkIxGC6Ke8957pz7HO+5dyZ1TD+fmDnnOb/zPOeZy1nc783n3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhJNz585V1bdemTm7Y2DP1Us3T+w8NTE6H0KtdbyW1yeeeuaFNw5MPD8cO0zuz7b1erchs67zWWN1x8Fmv86f10IIQ8kAg/l292Bp1OLu4fKAlfZfXNh25NbeXTPHxg9dOLp5qvyn0zS80hNYKfl9dW3xXhpr/R5Izmi3C7dereMWzfqnN9w9+SMAgCUZbbQ27bej+Vvcdvt4Wk/aY0l7OmnHdwjTxcZyZOOu7jbPLWl9heY5lkWFNd3mWU/q+evfbjeSekjbnVFjCfPsPDWPNMPd5jmV1FdqngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3k6c/+eJ6VX3rlZmzOwb2XL1088TOUxOj8yHUW8drWbn2xMLcwqa3dj/63e4vP/6zPn5yMO8Xt6sKJ4ff4s5jIyG8Xqhci8P+vj6ERmeh1QwflQtvtnaejQUAAAAeJJtavwfa7SwODnW0a600WWv9F2Vhcf/FhW1Hbu3dNXNs/NCFo5unlj9eo8t4Y7cdr92uL/7UCsE4xt90vMV6PPVwaZxq6Yhpnn959MPtVf1L+b9enf/jKyf/AwAA8G/I/+k41Xrl//nPX91X1b+U/7d0XLKU/+OMY/4fCMvL/wAAAHA/u9v5f6w0TrVe+f/r9/edrupfyv+j/eX/VcVpx4M/xgkfHAlhtNfUAQAAgC7i/3df/Ggh5vXsk4M0r7+49fpQ1Xil/D/WX/6vHBQAAAC4p34488jfVfVS/m/0l//X3NVZAwAAAEvxv/cmD1TVS/l/sr/8vzbf5isfsk7fx3+FcHokhOHmzlRWuBKmn2wXAAAAgDsk5vSXvt18tOq8Uv6fqn7+f3zSQVz/3/H8v9L6/0Ihe+rf4x4MAAAAwMOovJ4/Ph4/++aCbt+/3+/6/09//nVD1fVL+f94f/l/sLi9k9//BwAAAMvwX/v+v1dK41Tr9fz/t9/dsLT8P91f/o/bdcU/73J8fd4ZCWFjcyd/muBn8XIHk8LsUKHQ0kh6HIg98sLsmkKhZSrpsX0khP83d44nhQ2xMJ0UbqzPC+eTwk+xkN8P7cJXSeFyvNPOrM+nmxa+iYV8gcVsXEGxrr0kIunxR7cezcJte8y1Lw4AAPBQieE5z7JDnc2QRtnZWq8T1vY6YaDXCYO9TliVnJCe2O14mOwsxON//TL+XKhQyv/n+8v/8aVYnW26rf8Pcf1//r2G7fX/k7FQTwqzsdBInxjQiNfIwu4H8Rr1Rt7jxsZ2AQAAAB5o8XOBwRWeBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAPe/ceY8dVHw787PPurte7G4KUhyJiXob8JK/XdhysX0A4qSIQSMlaRP0HhayxN6njDTZ+FBxZqmNQUYoQLrgiCn3YElGdSiCrtOURSiyqBKFaNII2fxji0gJClaAoxXWJgurq3pkzO/fM3ocfa3vD5yN577n3e86ZOefeO54zM/cMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8drj2azd/pl38Td/+wudu7X3Xi9/89cH1n75/6kchTDde78nCPe84+4OzN3zkrg1fv+uLT5yZuOexwbxcHg/L6n968ycfj7X+ZHkIX+kJoT8NrBrNAgP589FY302jIVwT5gNFidmRrES64PDscAhHwnygqOprwyGMlgL3fu9bz3yqnjg8HMKbQwi1dBkv1rJlDKeBlYNZYCQN7OjPAv9zLlMEvtqbBeCixS9D8aE/Pt2cYWLhci0+fwOXbMWurLR5fTEx0TrfL+5Y5JUqGUxfmL6ot61SHYui8vU44du2BL5tlX4+5G0r70jleyjn5kO10Lt19oHNe+f2xFd6w+RkX6uaFul9PvXS/i3nk14yn8O4AhOX5HP40OHbXhj8wN2nn/jN0/vP1D5/08WuZqvuXWy1kH/mlsz7GG20PVkCX7/KXtIKO10hhDMnTu5vF6+M/yfaj//jxzk+9jbljrW+MpaNzeMrozHxy7FsbA4AAABLxlI4ajq44l9+3K6+yvh/RXfn/+Mp/3wwn7X2RAgbG4mPjYdwfeP1LPBUXNwHx0N4fSM13Ry4IwmcCOGGRuKWoqqkxFAssSIJ/GwsD2xMAs/FwHQSeDIGDiWBj8fA8SSwJQZOJIE7YyBsa27H/xvL29F1YDgGZrJOPB6vQvjVWFxa0lc/KKoCAAC4RPLR4UDz09K1DhebIQ4vjw93yhCvwG6ZoZbUkI5gi2FVyxr6O9XQ26mGot0H2je/UnNPp5orl2H0NGf471PX7QhtVMb/U+3H/7UFVqSncv4/TG1qPMTcvXlkrsgwM92UAQAAALgIv/famc3t4pXx/8burv+Px0T6SpnDyXgYYvt4CFPNgaza26uB7Kz3sjwAAAAAS0FxPr44F74tf8wu0U7H09X80+eZP57437hg/h3f/een261vZfw/3d31/yPNj9lKPBfX4rPjIQyVAt+Oa1kPNKyIgR+9szmQt/+52AGfjFXlFyYUVX0ylpiJgakkcKRVieeLEtc3B/I3q1j4x4p2bMtLlAIAAABw2cXDAfG8fLz+f83f/uGz7cpVxv8z53f9f2McXLm8f25ZCKv7Q+hLfxhwciSbGDAGRnvyxN+PZHX1pVUdHAnh9nrD0qr+PZ//vz+dY/D7w1lVMXD9G469tLKe+MJwCKvLgRfef3R9PbE3CRQL/93hEG6utzZd+N8NZQsfSBf++FAIrysFiqq2DIVQX9hgWtU/1PL7GKRVHa+FcG0pUFT1tloI+wIAS1X8v3Rr+cXd+x7ZvnlubnbXIibiQfzh8MC2udnJLTvmttZarNPWZJ2b5jF6tNqmbm9988M4R9F9x8a7SRc/FJwqLys/kF+5cjB/HneGBhrtXDvQ9HRd2uS3vrG6iFDalWrV5N5FbvJIuZL5N7FSf8w/GJaFob27Z3dNfnTznj271mR/u82+NvsbzzNlfbUm7auRhdati49Hy+myEhfaVyvLlaze8/DO1bv3PbJq28ObH5x9cPZDG6bWrd1w29T6t62uN2oq+9uhpSsXqjlp6bmjXTbrErb0xv5SJZdjoyEhIbHUEoMD95xqt/mpjP93th//x61O3PDn8zO0Ov8/EU/zZ6/Pn+afiYEj3Z7/n2h1Nr+4MGBFEjgQAwec5gcAAODVIR6OjEcz40HpA2958R3tylXG/we6+/3/JZr/v5i6/j2tpvm/JZaYajX/fzrNfzH//4FW8/+n0/wX8/8fuQLz/+8tAkmX/Mr8/wAAwKvB5Zv/v+P0/ukNAioZOk7vn94goJKh4zT+3d4g4Lzn//+bn69ZH9qojP8PdTf+N3E/AAAAXD2uu/Pm77aLV8b/R7ob/1/++f9Cq+v/V7QKTLeaGND8fwAAACxRreb/+977dr6zXbnK+P94d+P/eNlFb1PuWOsrY9mcdiGd0+6XY8VPBgAAAGBp6A2TkwNd5m2aGPWOC1/mqTgVaJt02aFPHDu/3/+f6G783/S7jIcO3/bC4AfuPv3KE795ev+Z2udvmj//DwAAACyebo9LAAAAAAAAAAAAAAAAV96T1355wXkBosrv/8Omxuutfv8f7/vXdNPEs/lkgAfizPqfHjfNHwAAACyux+54+fH478HP/NF/tstbGf9PdDf+j/cXyO+Dl91670S8/9/HxkNo3FpvIgs8FRf3wfEQXt9ITccS2Q313hNLTGWBp+KEibfEEjPTzVUNxcDxJPCzsTxwIgk8FwP5UYpj8caAfzwWwvpGalNziZ2xxEQSuCcGViSByRiYSgLLY2BjEvj58jwwnQT+MQbymw8WffXl5XlfAQAAnI98nDXQ/DSk47zj/Z0y9HTK0HERI50y9HbKUGuRIT7/67gOA+X5+PMM8aWBtNbhpJZKhngzvAtvejFd3/PNOdOClUX3xYITzTljhp3/dOtnQxuV8f+K7sb/F3j//0dPf+d/G4mLuP9/ejf/jTGwIgnsjIGNSWBmUx44cl1zwP3/AQAAuLq1uv//2Ov+6lC7cpXx/1R34/94IOK1TbljrZ3v/58/v/e9X9rXWOWTYyG8sRzYfnD7NfXEk2MhvKUceOa+Wxqj9oNpiW+cvvOn9cT9aeDdq15ztp54exKYiZ10QxqIR1XOLk8CsXu/nwZifxxPA4N54LHlWTt60r76j9Gsr3rSvjo1ml1e0ZP21VdGs2X0pA08nASKBn44DcQG3p0HetO1+tKybK1iYDQW/YtlxUUfAABcneJe4EB4YNvc7FT6E94b+5sfo6Zblj9arbany8X/MN6a/L5j492k+9J90VpR1UCo1ZuwprK7Ws7S02jlpamlQ9e9tkWTO93tvbdFudT5dt1g6xYNZy2a3LJjbutAx4av65xlbX/HLGsqg51ylt5Gl3ZRSxfr0kWLuuybLlY5Pu8Nk5N9Sa7/H4MToUmnT0S39+sr3+e/1aegnOfoJ/7t5Xb1Vcb/G7sb/8f2LAulj/PHY60/WR7CV3rmj0YUgVWjWSA2dzQOj28aDeGaUj8UJWZHshKDyYLDs8PZCHUwreprw9kxhvj83u9965lP1ROHh0N4c+m9KpbxYi1bxnAaWDmYBUbSwI7+LBCv/CgCX+3NAnDRio1C/EDlP3UpTCxcrsXn79VyT9C0eZVroBbIt9A2d7HU0hfya6oK5/e2VapjUVS+Hid825bity34tpV3pPI9lHPzoVro3Tr7wOa9c3viK+U92YpFep/Le6ndpC/B5/DAha9tZ7V0BaaSzcfUwuUW/hz2xOoeOnzbC4MfuPv0E795ev+Z2udv6no1WogDhWf/6zXXlLt3sdVC/plbctuT6YvZngy9WrYnS+5tm/DfQAjh0J8Pf7hdvDL+n+5u/N+fPDa8HDtz93gIby117snY/b8znm0HS4FsK3ltNZBdcv/jsZZbTgAAALjUisMdxfGCbflj9oPwdJxczT99nvnj8YqNC+bvdr33P/v7T7WLV8b/M+3H/0PJajr/7/w/i8T5/wVd7Yeih9IXDlzUoehKdSwK5/8XdLV/25z/X5Dz/87/L8T5/w4u7fn/V8325Gp/2yp7STvtdIUQzt048Hi7eGX8v7O78f9v2fz/6Wz+xfz/6aT9xfz/M63m/9/Zav7/A+b/BwAAFlWLiebTcV5lcv5KhnRy/kqGniTD+d9ioOM0+ub/T+f/P/hnt+8JbVTG/we6G//Hj8Noeemd5/8vpvm/ovP/T2xqUWLjpubVLQKHYmCnOwYAAABwBcUDBPGi925nmAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBx3f3y2c3t4m/69hc+d2vvu1785q8Prv/0/VM/CmFb4/WeLNzzjrM/OHvDR+7a8PW7vvjEmYl7Hqvl5Qbyx5uacsdaXxkL4UjpldGY+OVY/cl84N73fmlffz1xciyEN5YD2w9uv6aeeHIshLeUA8/cd8t19cTBtMQ3Tt/503ri/jTw7lWvOVtPvD0P9KSr+6fLs9XtSVf3U8tDGC8FitV9aHlzVcUy3pUHetNl/OVotowYGI1FHx/NlhEDc7HEtqEQVveH0JdW9Z1aVlVfWtXXa1lVfWlVf1AL4fYQQn9a1b8OZlX1py1/fjCrKgauf8Oxl1bWE0cHQ1hdDrzw/qPr64ldSaBY+PsGQ7i5/pFJF/7lgWzhA+nC/2QghNeVAkVVMwMh1Bc2mFZ1oj+rajCt6ov9IVxbChRV3dofwr7AlRI3JFvLL+7e98j2zXNzs7sWMTGYL2s4PLBtbnZyy465rbVknVrpKaXPPXrhbf/hS/u3NBL3HRvvJl2s11R5XZ6frrxYft6fPx1otHPtQNPTdUulySPlSubfxEr9Mf9gWBaG9u6e3TX50c179uxak/3tNvva7G9fHs36as1S6auV5UpW73l45+rd+x5Zte3hzQ/OPjj7oQ1T69ZuuG1q/dtW1xs1lf29FC09evlbemN/qZLLsdGQkJBYaonepq3b1NW+Ha/s6M+v6ECoNTbQlWFFOUtPo5WXotF3XEBrc+fb6MqQpNKiNZWBQyXL2s5Z1lXGDPNZhrMsjX3ByuCwXFNvo0vj894wOdnXqh8mmp+Wu/cXF9G9p2LXdZkGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/o8dOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHjgUAAAAAhPlbh9GzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcCkAAP//AtvxeQ==")
creat(&(0x7f0000000000)='./bus\x00', 0x0)
unlink(&(0x7f00000000c0)='./bus\x00')
r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0)
ioctl$BTRFS_IOC_BALANCE_CTL(r0, 0x9408, 0x0)

17:15:00 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{0x0}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17:15:00 executing program 0:
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x2202, 0x0)

17:15:00 executing program 0:
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$BLKTRACESTART(r0, 0x2202, 0x0)

[ 1518.027761][T17083] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[ 1518.039532][T17083] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 1518.047952][T17083] CPU: 0 PID: 17083 Comm: syz-executor.1 Not tainted 6.7.0-rc3-next-20231129-syzkaller #0
[ 1518.057852][T17083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 1518.067915][T17083] RIP: 0010:page_pool_unlist+0xd1/0x170
[ 1518.073556][T17083] Code: df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 90 00 00 00 4c 8b a3 f0 06 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 75 68 48 85 ed 49 89 2c 24 74 24 e8 8b 36 02 f9 48 8d
[ 1518.093180][T17083] RSP: 0018:ffffc9000a697768 EFLAGS: 00010246
[ 1518.099259][T17083] RAX: dffffc0000000000 RBX: ffff8880416f0000 RCX: 0000000000000000
[ 1518.107237][T17083] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880416f06f0
[ 1518.115212][T17083] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff1d98ddc
[ 1518.123187][T17083] R10: ffffffff8ecc6ee3 R11: ffffffff8aa00087 R12: 0000000000000000
[ 1518.131169][T17083] R13: ffff8880416f0000 R14: dffffc0000000000 R15: 0000000000000001
[ 1518.139154][T17083] FS:  00007f13fb3d36c0(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[ 1518.148092][T17083] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1518.154690][T17083] CR2: 00007f7216875000 CR3: 000000005ba03000 CR4: 00000000003526f0
[ 1518.162670][T17083] Call Trace:
[ 1518.165952][T17083]  <TASK>
[ 1518.168888][T17083]  ? show_regs+0x8e/0xa0
[ 1518.173174][T17083]  ? die_addr+0x4f/0xd0
[ 1518.177343][T17083]  ? exc_general_protection+0x155/0x230
[ 1518.182912][T17083]  ? asm_exc_general_protection+0x26/0x30
[ 1518.188656][T17083]  ? entry_SYSCALL_64_after_hwframe+0x62/0x6a
[ 1518.194747][T17083]  ? page_pool_unlist+0xd1/0x170
[ 1518.199700][T17083]  ? page_pool_unlist+0x6e/0x170
[ 1518.204628][T17083]  ? xdp_features_set_redirect_target+0x110/0x110
[ 1518.211093][T17083]  page_pool_release+0x507/0x6b0
[ 1518.216043][T17083]  page_pool_destroy+0x1ac/0x4c0
[ 1518.220971][T17083]  bpf_test_run_xdp_live+0x1578/0x1af0
[ 1518.226483][T17083]  ? bpf_test_finish.isra.0+0x6b0/0x6b0
[ 1518.232023][T17083]  ? bpf_test_run_xdp_live+0x1af0/0x1af0
[ 1518.237672][T17083]  ? _copy_from_user+0x5d/0xf0
[ 1518.242424][T17083]  ? bpf_test_init.isra.0+0x111/0x150
[ 1518.247786][T17083]  bpf_prog_test_run_xdp+0x826/0x1530
[ 1518.253150][T17083]  ? __might_fault+0x13b/0x190
[ 1518.257906][T17083]  ? bpf_prog_test_run_skb+0x1dd0/0x1dd0
[ 1518.263527][T17083]  ? __fget_files+0x256/0x400
[ 1518.268194][T17083]  ? fput+0x32/0x3d0
[ 1518.272081][T17083]  ? __bpf_prog_get+0xa0/0x2f0
[ 1518.276829][T17083]  ? bpf_prog_test_run_skb+0x1dd0/0x1dd0
[ 1518.282454][T17083]  __sys_bpf+0x11bf/0x4920
[ 1518.286860][T17083]  ? bpf_perf_link_attach+0x540/0x540
[ 1518.292216][T17083]  ? reacquire_held_locks+0x4c0/0x4c0
[ 1518.297572][T17083]  ? preempt_count_sub+0x160/0x160
[ 1518.302669][T17083]  ? __might_fault+0xe3/0x190
[ 1518.307341][T17083]  ? rcu_is_watching+0x12/0xb0
[ 1518.312097][T17083]  ? folio_memcg_unlock+0x240/0x240
[ 1518.317310][T17083]  __x64_sys_bpf+0x78/0xc0
[ 1518.321710][T17083]  ? syscall_enter_from_user_mode+0x7d/0x110
[ 1518.327678][T17083]  do_syscall_64+0x40/0x110
[ 1518.332165][T17083]  entry_SYSCALL_64_after_hwframe+0x62/0x6a
[ 1518.338047][T17083] RIP: 0033:0x7f13fa67cae9
[ 1518.342444][T17083] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1518.362034][T17083] RSP: 002b:00007f13fb3d30c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1518.370429][T17083] RAX: ffffffffffffffda RBX: 00007f13fa79bf80 RCX: 00007f13fa67cae9
[ 1518.378383][T17083] RDX: 0000000000000050 RSI: 0000000020000600 RDI: 000000000000000a
[ 1518.386338][T17083] RBP: 00007f13fa6c847a R08: 0000000000000000 R09: 0000000000000000
[ 1518.394294][T17083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1518.402246][T17083] R13: 000000000000000b R14: 00007f13fa79bf80 R15: 00007fff00b26dc8
[ 1518.410207][T17083]  </TASK>
[ 1518.413209][T17083] Modules linked in:
[ 1518.446634][T17083] ---[ end trace 0000000000000000 ]---
[ 1518.459405][T17083] RIP: 0010:page_pool_unlist+0xd1/0x170
[ 1518.487199][T17083] Code: df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 90 00 00 00 4c 8b a3 f0 06 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 75 68 48 85 ed 49 89 2c 24 74 24 e8 8b 36 02 f9 48 8d
[ 1518.564543][T17083] RSP: 0018:ffffc9000a697768 EFLAGS: 00010246
[ 1518.577299][T17083] RAX: dffffc0000000000 RBX: ffff8880416f0000 RCX: 0000000000000000
[ 1518.594537][T17083] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880416f06f0
[ 1518.648463][T17083] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff1d98ddc
17:15:01 executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{0x0}], 0x1, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x313202, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000180)="66b821010f00d0660f38825f07c200000f01d466c1200066edb8ed0000000f23d80f21f835c00000e00f23f866b8f1000f00d8b9800000c00f3235001000008fca781007f1fac93f", 0x48}], 0x1, 0x61, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, 0x0, 0xe)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1518.708223][T17083] R10: ffffffff8ecc6ee3 R11: ffffffff8aa00087 R12: 0000000000000000
[ 1518.758105][T17083] R13: ffff8880416f0000 R14: dffffc0000000000 R15: 0000000000000001
[ 1518.914950][T17083] FS:  00007f13fb3d36c0(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[ 1518.954205][T17083] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1518.974224][T17083] CR2: 0000000000000000 CR3: 000000005ba03000 CR4: 00000000003526f0
[ 1519.012967][T17083] Kernel panic - not syncing: Fatal exception
[ 1519.019232][T17083] Kernel Offset: disabled
[ 1519.023543][T17083] Rebooting in 86400 seconds..