last executing test programs:

16.826558655s ago: executing program 1 (id=690):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000240)=0x4)
setsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000002180)='/sys/kernel/warn_count', 0xa82, 0x9)
write$binfmt_misc(r1, &(0x7f0000000880)=ANY=[@ANYRESOCT], 0x2000088e)
io_uring_setup(0x583e, &(0x7f0000000100)={0x0, 0x8008895, 0x40, 0xfffffffc})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sysvipc/msg\x00', 0x0, 0x0)
unshare(0x8040480)
preadv2(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYRESDEC=0x0], 0x44}}, 0x80)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="200000001200010a000000000020000080"], 0x26}}, 0x0)

16.60421796s ago: executing program 1 (id=691):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x129081, 0x0)
writev(r0, &(0x7f0000000b00)=[{&(0x7f0000000940)='\n', 0xfdef}], 0x1)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000000)=0x5c00)

16.521556771s ago: executing program 0 (id=693):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000002c0)=0x100000001, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x101, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window, @mss={0x2, 0xfff}, @window, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendmmsg$inet(r0, &(0x7f0000002ec0)=[{{0x0, 0x3f, &(0x7f0000000780)=[{&(0x7f0000000480)="e4", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000009c0)=';', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000100)="54be00e20b410913658adbed", 0xc}, {&(0x7f0000001a00)="151dae9f5abc341457e3002da02378f972648e7feb7ea8b007ceb3241945409ce618a7da37edcda35185ea91870e5e03a5e689922dc351965a5b34bdd32abfa4be11c8adbd07de37efcfe06ba88af1e91faf45bfb5e925189f7727a08a1bb19ac1a312b00e4942c7bfd15de542dccd240780a000b63137ca20ec123369fb59f8083499bc69638e0842bc33b43ff362949b43fa1d0fa1d51faecba1475886302e727b6a8c90c7467de77ac4adae325cb2142e5bdc873aff5fcd22defcdc44daa0f7f216621d931d08ebf3c647bd2a6b69b8b212077fd39cc382a79bbef9fda4f7d39d32bb1d83d8c0844ebaf2d1ff134b72d6fadf9636c6b3fe26b180b8c436faee3bea72bc668f052014bda8057cbbd16d98f7a805578b2fcc98f50ed167065637ea169d5d8eecc3960b5b999abd10ecca2b102d585d63b329654cbec3b60d7f7992c031f2a546fb7311a5271676a50a4a4c4212f586b759f70c8ae7c9e69a9f7946bdc7f1989ba67e3f43e777f54f024a9ae2a2431d02f8acb2c7b532d387a92e412168962673b3d3d7c509b91fa82c4870ed1ff9cc4f460c34be46bed6f6b27a6273b973df8dcfc506d317c4440908074dd3219802e0ec812bf2421c318d8bc50ed540954d8f6d9d94ad1c20a0c265d4903cf1fb647a1f7605791beea5e74e95b940265aa2624f027723ec74fc5add6cd57793e2a2ba47319f4413b944ff4f94818c926fd403a3d1d448566271350b87877b45f4115ef161724684f5fe2c2e9bed8a9cb1469af577fc4855d97b187de28dcebad53b6e0e2b32ba3ba6cf9baf8bfe99e2ed09099c0fd0a73c4643c4623d7975cb72fbb8ab854efe9fea299aba27f8ec9dce2a9a0f3cf73a2a0a42df0d0308c5a8469a49a37532645c2db891361af1751a8f10c1547d96434ec391d62c8fb7d34e2be8bccd0f0895993379c3673e101dab27d7033e15eca066d0b0bf1562c02229a399f72d47eda65e3376decbab1afee26bdbca9fbede10341fe955940b660f8c72cc18af5ab0c817177a99ca996e4da554896dbddbaabab90f513a83918fd650c730c1111aa4be7c73a42bcd58d762075a2820a1c1f54cf24516f7147ef05e13cd6e34d1c5b0d1249b3c122cfe9dea98d8121a49e428ba03af6168e5e1aef509704d091d9c13ba41537e72eb1b1548ec3eaefbf25ce6258c3bb91a0e8585dd3018b3bc07c2c0515f007d3db29d27eb31320100d9c043f7041ca6fa08531fa1f2f45a5967a731060b91109817f719a62236325ee0aed0cbff1a3da45c622b1fce77f3c4eab9ca550605d11050bf50e8c5f472e32fdfb42fab0fd8840eb480221331df30fb4ba0d36a4c6b50395c1f8714c13e40766c8bd41e53827828668ebd42ff6dd3775185934307a79384d62dcfa6b2e680ec8620b98236c0a6e13b878e4672a3d079f19af0798f0504b5e505494a3055008717eebc83c17cad331a2cf8fb0a3b15a1cdb3386824d3a1bd235431f3615cdcd16573ccf1c55da2e7bc3a8ee5fd5332904f5e44a9a996affd9e22d44fabd39d0c94c0002f3ead5bdec192a82a8ff9f52c91a0fadfd03a09af9012184c051c578edb0b17b3d13589c43a196de04291f3624c06c7ec0349d595f5ddbb52398f50d164f087df86aa8e7ba4c6d47b5ea4408912680c72ceb5ed305bfc0d0cd8808fd3bb60069c4ac9344dca351c5ac0ac1d697ede541ad5aa93ac07a11df13dccef6cf385cadeac2c79534121c7cdae0be1b5a8d1e702d6e5b9931adba84c53c0c1510e95d457d4ded4223ba97cfb8e6fb390f41cb9edfcfa27e5f25832b51d76e2e6669101c1294f1b6676082eece428824774be4deffa9f48594e180e64d6d4dad380dee857527a68ad2332e0a4c0790b36822e8be46b5e283b5509e0e36f6a100e3b0a1754fae419418d75729c806de4b8b1523c73d36a7bb3b6239a0353af9ab722de933ff5c84e879fee25e5bb39ed1c3ead2fb3f0e361876225b145f35cdad78b060a764e6c2eb643ebe72ba043acece41f31db5df895aa90ecb3132959979d7037f4472be9c472b6382c26c0948752940cc00619887cd275b5674e5cc186deac75e370c0d0b2e7cba893114b9734979ef9905bef4543706de744fe000ceb8f8574d0023f7b421bbe39aa1f4017ab7b1b639cda29e52f9472246f706d729f934523c7c9c68009db65146c64954e712d863afb4e2d79887786fd1cf02b249eefd249dca07272c8aee70b5b0dd1a94b2c591322f0ffe5fe3edaf3d8928a416691563bb1c2a4124064c2e45053863fe401a82c83a759ff9aff46d7bfa3f180f5fca76dd6fdf0809e95dfaf1ea43e6951686b5a47b813968571dbd0e18641970b53900b9ef51192cb1ec2f00baf9925ed2a36d0afb40dfd6accd9183b92fe3d4f40ade44e7089b9d7563d3817420c1f86293d6a16c58135985485ce8531431723635dacc0923ca34db7ebe296aadf4f24d2e47462e6b99565a8c487fbcca19b68988726d916057ec0e8374163a2a34096fdf891e69eb72cab9d17cc45829fcfeb66dc2100e6a45d32f9c98f7f301c8bdb1d719a3d9d735a2c107c8306aa3184bb64b25018a87ba6cdca994dcbcbfb0cda47c0ba4bb3862b06e28a8f58aece93fa5ac22e6bf7cfd3083ae856ee66013ed15aae1029adbccbf733bdf59a6dc969254a93aaeeacf67566100875c3a3cb73c76abaf45cd09d38d9ecaeed13f579193cd14653b29a327c43a8a4bc74a1004cce8d821cef0a5339ce2128a2d37a1aa93429344e24aa98273ef7414bb4bb00e3f50092e95821db046c8d7ad73b6bf2a7d7a808d1aa0b8ed0bd3743aab4416a313462108d5fb0769e2bafdc9d288a07ba27b0d8efebb052e74ca993abb29b0f4d884db7b901370f9b2850d4ea558dfc3add0635edd912887c9f61d643f3051727227f729d281a6e202fa7af30dddcf2a3698892540bfe6d2541f7b910955141651b595e42ac08edbe173ab2dd4cccd8e79c60bb90bc8b2fc946c51b34af98c5790f16bd5e0894dcfe677b5e57c65cd8a0d1177e75d9ef2dc5a75d48295a2fbc3b96ab848ff91b267fecec0e2566efc86a629ab49794cf4365e7c1f709fbe49ec54596e56844b18030ba1e9c7c4efee267de25c933de941c949e910578f65ab9feabdc55b7f57ea9322685cf01efa63bf6df9c6e68e748a2799a4c3d997b7ad4430f42034f89bda2134299082431f6d97685c46daf82704241bceda0e74cc1b0f5e55e8088a3f8aebcb425c2ce3eb1d85f8d353206298af0e6f26589ec2c62ad82631b704bb35b4720d125305c75371c3a8b7f2c323064bdbbd81a8945dbbd2b16754efcf53bc494d3ce057eb4dc36edaafea2803859b286aea74e7c167fef0c6ee495f2a12f74b8db675d9261b64e67b0dfeb37be45acf10ef7310ade87e3e8b4be43b1bc134d4959d623e04ed38cb4779f48fb9d3774c2f34a853adaf062fba2b12355ff4b1bfa494871504fb8ca78991f08c550601384886ba3748ae3503db4c18c35f2e09a5f14c75b869fe6bfc3de483f874364ecf30f422ffb93a5ba1903609a90ca3984817c65493a508ef59311155696b5eabc39e6bce6557cc63243a70307e15db9d6aa1162e5907462666ae41e19aca4323b1fecb4f67177893f95ce601f1f8b27058f5d746d3dc5571e09842b6ced1a57412b045814d0e59de068509c9b0d8be3a603e86bb4b8b1d0e27753c74e3de8a58eace07d61b1314fec8376f8b65c826f684dafff7b38d2a47c2aea741983cbb3b7f0583c3ea18566ce768a30528860d8b3cd21b6a661e8ba7986523c5198bcba80728a518f34759f15f1cfd1fe8ba8a52533da2efd6386a6c84998026db3118a7ae4410f63a5ffe77d4387afdd66cde43c11ec04cafb3be7bcf10ecc40020fe20d6007710f84e1cfa3fa5a8acdce815f8b6ce0fb505461826d257c9d1431259a7cea683d5d5235352dbad9a8fabfda676aecf4045863a47ba99a22cdcc3bbff1d66a48a2685e86cf1b6516c173d1a123dc6e467284f7601dc536756bce8806d3ca7e29aab106b93f2c6219c62fbb77d8f9556e9e603901db7756ee150a4b8ffc26e8c0d60b9c047380d75db147d6e1e0534b61053f30f0e3284b10ac2bbc860c604f40158868653451ff8e06e5653626fad8c27d6d9a17bc830801095c85b8c4956fa53c40ec3ca5e690fba03946d3814e534190cf4310ac8dc0f0725236e55a2cd4da28aa14e376b2372e2ef40ee38643554b9fa1c55c4e4f2e2372e79bac7ad64b081d0fa8821ecf70af517dfc155c2b67362b515d586d831a9aa2856b06f5227eb766352a45c47e0fd69ff3147d4094c532d98eac0b00adc7d9e16d4b1feeecf3589778e346f4b85e5baf03bf1c5a51ea32a32808444692faae5549b6368d16ebb0756d179c1b37c8960ffc99c18b5546e472e40194aed23d776f5de5a53311e01154f3dd00341f1f5af5f6670566a7374ba5667ffe6bdd65f5765dec091c0040005777b6b93078f7ab30cbb6e48b9cbec4ad524dc0843dd52bfaf3ffbc7851ff30d64d5338f825d4a59d17e8695fc87eda5af4f2bc1f1d39574ade21ec622e2fd1a2420193fc2f03b9a6ced4a64ea8dbd356617cb85fa09dab48b1c0c19b779b928940272c2ac5d95f76fb47736048f701af7ff762fca421ad01e93ab796cfb6b8c55fc7fd6e5f53ec992e2e102c29fcadb4c9bcd10d0d16124353059ff725d6d4967f8e9488443476b6483a305bffd8f72292b3ca02e6c72a9cb112a129ba585b42280ad7e841ed847b23ca16c1faf7e701cacf990a40b366ab4121333d75bd8441c51a37c268abe5722e374c0f2006e469b89759a9ce41ec2731b659dbd1efd9b303ed4e1ad1f4266848ff0fe58a47b3844fd7d47e66ee6279b8d28aae09c56875b40b8dece6569b5ab56ad8b6cdc09d900f4f2eaf4f13eab0e9a7e58f478854e6f6f9653df67aeb9f20bf0240ae8f3410d233e4bc4840b0e56254e1069de8f15cbec6b1095e2ea391ade8e6bc743918002458e4af33c6e3bcfcb40c09cfee33429cbc9d488da0c2e747bdbc06ea104788096f738b2f4fc53ecf13883d00032558c8ad3283443c450752378be24d7075765bdcdce4b768a75e52f4b506a608f506ca15d29a739618a899c76fcd91f183ada081775b02db900ae62abf3840b15d1d2c0f93171a175359c0be62c803a79712edd01ae489428d53bd4e253903789d5c4dfe8c12082af0efe64d10aac5049302bc4833e1147f496f1f7e8d26d13bbd219becf30b47fdfe5e137a5ddff5ee374d7748ba5f2a5ec6f8405b9de996df14916e0f844ecea909e118ee0d8cc7932dbb65f56543a2ebf1488b2adc0380aee7acc78c635db3f3707c9b46e07dc5629643aa7f4aeede8a2896906a6138bca41065535c500984d964fba46514d488aa48283459dbba82e4eaa1093320ea35bbb389899d6ca38fe9f5941275623019d45a86d5800cd320f084f6c714d3037edffab69d8707a2be17dea3a5c654fefea8b875fe2d1277bc219702e3505e3e8349b7e2749eefd6aeef74be38f756e934ed6527dafd1da12e2c5ba75e5fb6889ed83e17a082595e1900f9d68eeda92511fa9a3010170172d932c7a2028877cb022146bc0c933074ce99fb6d393640871db93d87f035f633bfada83f8046b8d39d792ffd67ae0a230b10d1f5308d6bbdef7b49cc28c7b9528fbbd03b9771c9de7ca04631a8b40f3637c9543a489a10674a343336839b0bca4b166d294e26f5ea422dd74a4f376b31", 0xff3}], 0x2}}], 0x3, 0x0)

16.348590532s ago: executing program 0 (id=696):
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x0, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007baaf8ff00000000b5080200000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYRES32, @ANYBLOB="1d00000000000000b7050000080000008500000005000000950000ffffff"], 0x0}, 0x90)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_aout(r1, &(0x7f00000010c0)=ANY=[], 0x1a3)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x401c5820, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

16.195607218s ago: executing program 0 (id=699):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000200), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r6, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0, 0xffffffffffffff25}], 0x1, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r8 = accept4(r3, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x5}, {0xe}}}, 0x24}}, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
close(r1)

16.04742559s ago: executing program 4 (id=702):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x80080400)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @empty}, 0x10)
getsockopt$inet_int(r1, 0x10d, 0xc4, &(0x7f0000000000), &(0x7f0000000080)=0x4)

15.913862367s ago: executing program 4 (id=703):
r0 = socket$kcm(0xa, 0x0, 0x11)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000080))
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x10000000, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009440)={0x0, 0x0, 0x0}, 0x10)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
socket$inet(0x2, 0x4000000805, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f0000000000)={0x1, 0x1})
ioctl$VIDIOC_QUERYCTRL(0xffffffffffffffff, 0xc0445624, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0xde)
close(r2)
execve(&(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000200)=[&(0x7f0000000780)='\\\\B\xc6+\xd5\xb9\x93L\\\x87\x84K\xb9!\x0eX =z\\\x14\xec*\xed\xa6u\xc4\x14=\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9=?i\x86Lpw\xba\xe1\v\x1a9G\a\xf9\x18\xe4\xf6f\xd6\fpfP\xcf\xee<\\C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1dC\xba2\xa6u\x14\x0ee\xef\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xae\xa0\"(\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95h\xd7PN\xf1\xe7\xe2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5bP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\xa1w,\xc7\x15oA\xc5m\xbb\x15\xd1\x1e\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4moccU\xb5\\\xf5\x05\xec\xa7\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xacd\x9d=d\xae\xbf\xd7K\x9do)p\x00!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x19f\xd3\t\xf8\x96\'\x8c{\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xf3\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac\xca\xc2-\xfc\xe8\xc3qAt\b\x94\xee\x9e4\x85\xd0\xfe+\xc0\x17\xbfE\x15\xfdZ\xce\x954v\x8a\x05\xde\xaal\xf4\x82\xe2?\xabS\xe4\xe2\xe1\xd83\x17\xfe\xf8~\x04\xb6\x11\xc4K3\x82\x127\xf7\xc7\x06\x177\x8bWF\xb21\xce\xc7\x19|\x9f\xe87\x80\xbc\xac\xb6;\xcc\xafr\xbd\x90\xde9\x0e\xda\x05\x86\xf0i\xf4{\xbf\x82#\xfd9\xdc\xa7\x01\x00\x12\xea1K\xc9\xe1\xfdv#0U\xd2\t\x14\x10\xe6\xfc\xba\xa1\xac=\xfd\xd7\xa8\xc8\x18\x00\x00\x00\xc4w', &(0x7f00000020c0)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K9\"\xf1@\a\xea\xbb\xfe\x9cY\xfc\x80\x99\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7\xf7\xff]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\x0e0\xfe\xc7\xf9\xde\xd6\xe6\x14O\xc8\xff7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\x1f\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00.\xeb\x1a\x18\xf1h\x04\xa8\xe8\x92\xe6\xbc\xe1O\xcf', &(0x7f0000001c40)='gcB\xc6+[;\x88\xfe\x97B*[\a\x03\x96l\x1e\b\xd9\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX c\x03\x00\x00\x00\x00\x00\x00\x00\t\x00\x00\x00\x00\x00\x00\x00\n\xa6)\xd9\x10#\xf5b|i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfE\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\x00\x00Jh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8f_\xda8l\xc8\xa2\xb0\xd1\fg\x00\x00\x00\x00\x00\x00\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{/~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c1\xf1\xe7m\xfd\x00\x00\x00\x00\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&\x9c\xbd\xbb\x90\x17$\x9e\\\xee\xc6\x88?)\r@e*\"_^xb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\xfd\x98\x06\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac\xb0\x11i\xcc\xb9BG\x1ac\xbc\xd9&\xb6\xd9\x04\x03\xc6\xebf\x84\xe5\xfe[\xe7\xe6\xb3\xe9\xca\xe7\xc1\xa7\x9aO\xc1\t\x1c\xeb\xfbl\xa4\x80KQG\x80\xcd\xdd\t\x91\xdb}\xb1\xde\xf9\xbe=\x8b\xde\xf2G\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf7\xa9\x99t\x87 \x9f\x03}\x8d\x1b\x14\x1eU.r\xe1\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000d00)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!3\xf2\x84\xa9H\x92\x1e4\"u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6 \x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJ9\x13V\x1e\b\x16\xf6/\xc3{h\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\x1f\x02)sP%Z\xad\x83\xda\xbe2r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xafd\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91_]\xb26\xbf\x9cA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10`xb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0\xd8k\xb7vo?1H\x86\x032\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\xf2\a\x00\x00\x00\x00\x00\x00\x00\x00\x13\x9eX$\xe1\x00\x00\x00\x00\x00\x00\x003\xe0\xe3\x0e\xaa\x8e\x9a\x1f\x12\fRw\x11B\x17xO<x6tw\x18\xc4\xf1%\xd8S\xdd\"6\xa3s\x99O\xb0\xf2/0\x1d\x04\xcc\xadVr\x9bP\xd0Z3\xa7\xdd@\xf9a\xe6\xa1\x9c#\xb9\xb8\xb0\xc6r\"\xdd\xc4\xe5\xf8\xb5\xacF\x9aP\xbd\xf0\x94\x99;\x18\xd4\x9d\xf2f\x93\v\xe0\x8c\x91\x87\xd3\xc57\xe2\x11r\xea(\xb7\xd1\xba\x00C\x00(?\xeb34\xea\x865lD\xd4\xc7\x91*\x8e\x0f\xf6Zl^\xe1\x9b\xab}\xe7;\xd3h\xda4\xb5r\xe9l\xd1F\xdepA\x02\x90X\xed\x10\x98\xa2\xfb=\xdb\xba7\xf0Y\xafUt\x12\xe7\x87wbd\x86R\x02\xa7\xa3F\a\x83\x19;\xeb\xba\bm\x84\xba\x90\xd8\x9f\xc2\xb3V\xd0\xd8M\x1eM\x8d\x1a.\xea\xea:A$:/\x96\xf1\xb8\xdd\xa3\b?\x8b%\xce\x8a]\xb4!n \xcd\xdc\xc0\xca$\x8dA\xce\xd4\xab\x1at\x1b\x87\xc1W\xff\x91%6]1\xfb \xc9\xa7\xff\x92I\x91\xed\xed-\x89J7\\\x82\xbe\x8e~$\xafbl/\xf4\xad\xc6\x04\x0fZH\x97C^Y\x12\xcd\xab\x9eS\xdb\xfe\x83\xc3\xbb5,hS\x82\xefR.]\xa9\b\xd4o\x92\xf7\x99\xd2\x0e\xef \x83\xb4\xe7\xb6j\xa4\xe3m\xa4\xd7\xaa\x97\xe3\xc9\xcfP\x9e\xb0vU{\x8b3R\x1a\x06\xc3\ts\x8e\x1f\x8b\xc7\xe3\xbe\xc3j\xb6\x83\x0e\xe9*\xc2r7\x92\x8b\xf2\x02\xf0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\xa2\xf7\xafPK8\x0e1\xcez\x00\x00', &(0x7f00000018c0)='gcB\xc6\xcd\xd6\x18H+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xe4*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xebb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xdf\xee<\x9b\xf8-d\xe2\x13\x8a\x19\xbf;\xe2\x14\x80u\xc9\\:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*t\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x10(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xef\"_^5\xd1 H\x17[xS\rO\x880\xf1P\xac]\xc2\xc1\xa8\x1df\xf2$\xa4m\xbd_\xcax\xbd\xf4m\x1e\x18ocmU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG\x053\xb9\x05\xf0\xae\xfc\x88\f\x96+\xd3\xac\xf3\xef\xa7\xb7\xd1Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\b\xb4\xac%~\x12\x7ft\xa9\v\x99\x7f\xce)dC\xef\xca\xc1\x92\xa7C\xae\x9c\xf3\xb0\xb9\t\x8d\xb9p\xcb\xe3csR\xe2\xfbL\x9f\xb3\xa4^\xc1\xf7m0\xa8\xfd\xcf\xfdY\\d\x03(\x89\xe7\xe1\xcf\xa4m3SQc\xbaG\xcd\xce\xf5o@\xfdi\xd1w~\xc8\xb9\x04\b\b\x00\x00\x00\x00\x00\xd4\xe8\xcaP\x89\x9b\x12\xa7\xdb\x95c=\x16\xd5\x06\xf9O\x87\x02\xcd\xa4\xc0\xa17\x92]_\xa2>\xbb\xc8?\x98\xa6+\xcf^\xa0\xe8\x9a\x9e>O\xbf\xd3Fd\xfe\x9c|0\xdd\x7f\x85^\xdf\xe0\x84\x17\xe5\xc05\x8av\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xcd\xd3o26\x9b\xc9\x90\x1a\x87\x9a\xea0\xc5\x9b\xa8\x8a\xc5\x13\x86\xbd\x86\xbc\x12\xf5\xa2![\x84i\xe1\xb2\xa2\xa1F\xd9{\x95\xdc\xbbc\x8a\xa1B\x10W\x00\x00\x00\x00\x00\x00\x00\x05\xe5.\r\x1dd\xfc\x97\x9dn\xef\xc0\xa6\x9a\xe0\xd5\x98o\x18\xaf\xba\x88\xa4\xbd`Qa\xdc\xcb\xce\xcc\\e\x00\x9f\xd4\xac\xea\xe4\xa3\xfa\x14\x06\xa9\xc0\xbb\x12$\xcf+z\xb0\xc8\x95\xed\xa0&\xafg\xdf\x94\xaaK)\x86~\\\xfd\xb6,\xe1\xe6\xab\x9estQ\x8b\xa0\x8e\x00i\xc3\xb4b)e\x13\xbf\xc1O\x00\xc0\xab\x95\xfa\x12e,\x19 _\xca[\xd1\x9e\xc3N\\1;\xe3t\xaa\xa1\x83\xd1\n\x17\xd2\xd8\x02+\xf1aY\xfb\x00^\x95\xab\x97\x8f#\xeax\r\t\xcb\xb7\xc8\xc7', &(0x7f0000000a00)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX cz\xb8\x14\xec*\xed\xa6u\xc4\x14*\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xe6\\h\\\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xc1\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\x82\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occQ\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6z?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\xda@\xc7-\x93\xbc4.C\f\x193\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xad#\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80M\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xb2\xea\br\xfb\xdc\'\xb8\xdbh\x02|\xacW\xd5\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9o\xda3C\xa0\x06\xd4^\x8bQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xe36\xa1\xd3\xb1o\x7f0:}\xad\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44L`\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf\xab', &(0x7f00000012c0)='gcB\xc6+\xbf\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xdf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0vl\v\x03\b\xadT\a\x14\xd7\xd7\xb5\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m\xb3\fv\xc5\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x16\xf0\xf9s\x9af$\xb3x\x8d\xf1\xe7\xe2\xad\xdd\xdf\xb7\xe8Ac*t\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x10(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xba\xd1\x91]]\xb26\xbfA\x96\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x16\xf0\xcc\a\x10dxb\xc2\x13m[xS\rO\x880\xf1P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5^\xf5\x05\xec\xa3\x98\f1\t\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xcex\xdb\xf6zG!3\xb9\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x01\xfd\xb8\x99\x9c\x19\xb4\xac%~\x12\x7ft\xa9A\x1brx\x87\xa16\x93\xd5fap\x83k\xf6O\v\xae\x9c\xf3\xb0\xb9\t\x8d\xb9p\xcb\xe3csR\xe2\xfbL\x9f\xb3\xa4^\xc1\xf7m0\xa8\x1b\xd0\xfdY\\d\x03(\x89\xe7\xe1G\xcd\xce\xf5o@\xfdi\xd1w~\xc8\x95\x94\xea\xd4\xe8\xcaP\x89\x9b\x12\xa7\xdb\x95c=\x16\xd5\x06\xf9O\xa6+\xcf\n\xd5\xad\x15^\xa0\xe8\x9a\x9e>O\xbf\xd3Fd\xfe\xe7\xc7X\xeaf\x9cn0\xdd\x7f\x85^\xdf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`DK\x17\xe9s2\xe0\xe2[IZS5\xa9\x00\x00\x00\x00\x00\xd5\x84\xc4\x91d\\L\xa0|o\xa9\"f\x9ah\xbda~H\xdf\xaf\xa1c\x83+\x00\xb5t\xc28\xb9\x15\xb1\r[g\xab\x1f\xe74N\xa1\xbe\'x\xf7\xfe\xd3=\xfa\nP\xf8\x89M\xd2\xefk.\xaa.\xc3\xddmr\xa3f\t\xfcC\xd7\xc8\xde\xbb\xa6\xf0\x06\xca\xbb\xf4\x0f\xfd\xc1\xca\xd9\x1d\xf0\x12\x94\x02\xdc\xe5`\xfc\x92_\xfe\x82\xcf\xc4\xa1\x8f\x95\xf9e\xbd$\x93V\xf0\xd6\xd9iu\x1d\x00\x00\x00\x00\xed\x9f\n\'\x00\x00\x00\x00\x00\x00\x00\x00x(\xbd\xfd.\xb1I<\xc31H\xe37\xecM:\xc0N\xdd\x81\xb0g\xf7<j\xea\xc9\x1cQ\x9e\xb4\xd7\xa9=c\xbec\xf8z\xdfV\xb3fE1\x8e\xb3\x9b_\xda\xb3M:\xe6wr\xd4P\xb9QU\xddV4#6JE\x06\xeccV\xce@3\xec\xb6\x16\xe3\x88\x10\xb4\x10$\xc6EH\x9e\xe1\xf6\r\x11h\x1a\xdcs1\x90\x89<E@\xc0#\x82\xbba\a\xe0\xe1O\x84\xb8\x87\xb8V\x7f\xc9mX\x8ct\x92\xe6\xb7\x02Y(\xca\x8b22\\7\x84h\x15\xad\xdc\x93,\xc3\xf8\xcc\x82 ?~\x7f\x82\x91+\xcd\x15\x1d\xe0;\xbd\xdc\xf8 \xb2\xe1O1\xf2\xe4\xbaN\xff\xcf\xdbI\x1f\xb2\x01T6\xba\x9f\xb3\xfd(\x1c\xdd\xef5\x84\x01\xa8v9\x9a\xee\x85\xbe0\x95p5\x1a\xc8\xc7\xb2\x85\x96\xd0`5_\xfe_&|\xc6\xff\x1a\xe3c\xe2\x03\x9b\xdav\x1c\xf7!\x1d.[Jh\xea\x05\xac\xd5\x95Q\x13&\xcb\n\x13\xbb\x1b\xfe\xc8\xbd\xdePF\xd0Se\xa1V\x1d\xc2\xe2\x9c\xf7y\xb2<\x81\x9b\xf9\x86\x00\xd3\xe0\x7f\x1aX\xba\xa9\x1b\f\xa1z]H\xea1\xf2\xcf\x1e\x88\xa2\x9e|\x14q\xcb\x10\x7f\xf7Wx\r|\xc2$\x00m!\xb2<\xb3^\xca\x17<\xa29l\xc4\tuk\x15{Xd\x95\xfa\xc5\xb4l\x88\x05\xb7\x84?.\x0f\x80\xaf\x83>;I)\xff\xc0\x8d|\x14D\xb2L2\xa4\xacBg=\xb8\xe9\xd0zh\x1d\x1d\xa0\xc8\xacJ\xf2\xe8W\xd9\xa9+6V!\x94\xbd\xec\xac\xad\x8cY\x05\xc4e\xdfc\x9a\xa4u\xad\x01\xf8:\xc0\xea\xae\xd4\xf66A\xf9\x15\xb5]\xf9\x18)v%?g6j\xdd\xd4\xe8\x98\xa3\xbaoi\x802\xd1\xfaZ\xf3!\x983\xb1\xfbH\x9a\x94\xf0\xf0l\xdd[\x99\x9f\x8ftPO`z\x94\xdd\x04_-u\x1aP>W3\xbc\xc9\x9fw<\x97C\xa8\x90\xf0\xe7\xfeUN\xeb\xf7\xf06\xc2\xd8l\x14\xd9>\xa27[R\x02K\x82\x01\x10\x16\x93\'\xafL\x81\x8c\xef\"\x1a\xa8\x15*u\xbb\xbc7u}\x877\xa5s[\x13\xa6\x99Iv~\xf4`+\xdf\xe2\xd1\xfe\x03\b\xcf\x81\xd6\xc5\xcb\xb6\x7f\x8a\xbf#\xc4\xdbq\xd0J\x862iG\xfc\x7fIl\xb9!\x0e\x14\xdcLor\xeb\x16D\x83\xf2f\xfb\at\xd8F\x12\xbe-\n\x04k\x01k\xd7?\x03~h\x9a\b\xae\x1b\xd1\xb2\xbd\xe8\x1c\x8d\xcd\xcbUh\xf6\xfd\xd3\x9c\x06\xd7\x99\t\x0e\xdc\x11\x15\r\x8a\x86X\xdfq\xb2\xc2\x12(\xab\xd2\xca\xd0\x05\xe3u\xfbM\xe0\xf9\xd8\x98\x8b91\x9cJH\xd3\x9c\xd2\xa9\x80M\x96\"\x01\b\xfc\x9a\n\v\x19}?\f\xb6\xd4w\x12r\xba\x90!\xd40\xdaA\x82b\x92\x9f_\xe9\xf5\xba\xf3k\xe4\x9f\xa4\xfd\x15\xa5::\x86\xa7>\xabU\xa5\xe9{Yh\xec\xe9\x14\x12\x19\xb0\x93s\xb6\xe3\x15\xdd\xd4\xf9~$)\xf5\x95\xabU\xec\xc3\xa0!Ac\xe8<u\xda\xe8', &(0x7f0000002840)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xebb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xdf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\aO\x8d\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9:Jh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*t\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x10(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xef\"_^5\xd1~)\x7f\x0eK\xea\x83\xe7%d\xc5 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[xS\rO\x880\xf1P\xac]\xc2He\xa9\xff\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18ocmU5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xb9\x05\xf0\xae\xfc\x88\f\x96+\xd3\xac\xf3\xef\xa7\xb7\xd1Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\xa5\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x19\x9c\x19\xb4\xac%~\x12\x7ft\xa9\v\xae\x9c\xf3\xb0\xb9\t\x8d\xb9\x14\xcb\xe3csR\xe2\xfbL\x9f\xb3\xa4^\xc1\xf7m0N\xf7\xcf\xfdY\\d\x03(\x89\xe7\xe1\xcf\xa4\x953SQc\xbaG\xcd\xce\xf5o@\xfdi\xd1w~\xc8\xb9\\\a\xeba\x18\x95\x94\xea\xd4\xe8\xcaP\x89\x9b\x12\xa7\xdb\x95c=\x16\xd5\x06\xf9O\x87\x02\xcd\xa4\xc0\xa17\x92]_\xa2>\xbb\xc8?\x98\xa6+\xcf\xf5\xa0\xe8\x9a\x9e>O\xbf\xd3Fd\xfe\x9c|0\xdd\x7f\x85^\xdf\xe0\x84\x17\xe5\xc05\x8av\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xcd\xd3o26\x8a\xc5\x13\x86\xbd\x86\xbc\x12\xf5\xa2![\x84i\xe1\xb2\xa2\xa1F\xd9{\x95\xdc\xbbc\x8a\xa1B\x10W\xbe\xc2\xa2\t\xd4\xfdp\x06\xe5.\r\x1dd\xfc\x97\x9dn\xef\xc0\xa6\x9a\xe0\xd5\x98o\x18\xaf\xba\x03\x00\xbd`Qa\xdc\xcb\xce\x91\xcd\x00\x80\x00\x00\x00\x00\x00\x00\xc3\x01\x004.\x8d\xf7F\xb0\xc4_g\x82\x96M`l\x84\xd9\xab\xd6\xacYBG\xfb\x821e\xb4\xe6@\xe3\x82\xc6\x85\x96FQn\x0e\xa9\xc6\x9e\xc4\xdbA\xafSt\x9d\x15\xd0\xbd\xd8k\xd3G\x80\x1dE\x168+\v\xfb_\xc3\xd3\xc9\x87\f8\x03\x8c\xed_\xeb\x9c\xbd]=Blu\x04-g)\x01\x9a\xde\xf1\xdf\xe3\xd7)\b\xee@,\xcc#\xc2\xf4p\x1a\xa9\xe9 :J.\xdf\xdb>y\x95+,m\xc7\xad\xf9a1\xa1\x91Ed\x86D\xe4Tc\xd6d\xf0\xc4\x04L\r\xa1\x88e\"F\x92\xdb\x06\x04\xca\xfdLK\xdb\x1c\x8a\xc9r2TfGF\x06\xbf\xe8\xe5\xb0\a\xd3d\xfc\x16\x14L*\xef\xcb{\f\x875\xf4u\r\xfbMj?|k\xe0\x17\xec\x99\xdao\x05<\xac\xe0\xcd4\xc4\xefi\xaa\xcb\xb7\xb5\x05*\xf2\x87\xe4\x12\x06\xd9\xb2\xbaEM\x85o\nT\xcd\f\x1d\'#*\x83\xa31\xf2an\x8b\xfb4\xb5\x9bl\xa1\xa0QX!\xa6l\xbb3P\x1a\xba\xf5\xbc\x82G\xdc\x9b4}\xcaq^\xc3\xb1l\x8c6<\xab2\xe8\xb1$O\n\xce\xb4\xe7\xba \x9b\xa8\x0fb\n~5!\x85T\x0f\xf6\xea\xcd\xe9a\xc69\xde\x94\x05\xe7[\xd5\xc9\f\xd9\xb5\xec\x1c\x19#R\xb4\xbaN\xcd\x02\x1f\x89\xce\xa3\xff:m\xb3\xa8\x18?\x92dY3\x841\xdc\x1b\xeb\xe2b\xfa\xeb\x1b)\xe4\xb4}\xd1\xba\x1e]\xe2\xbbz\x995\xcf\xcd\xado\xe9/Zn\xc1\x88\xa15\"\xae\x93K\a\xd7`\xde\xb6\xb8J\xbe\xdafS\x1d\r4\xf5f\xd9o\x02\x95\xd2M3y \x7fcW\xe4\x17\xeb)Wa\xa9\xc7\xd5\xdb{k\x9e\xef\xf8\xc1\xdc\x94\xb1\xbbw\xd3\'1S\xc8\xb2\xdd\xcc\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000100)='-#\xe5r/!6\x19fx\x1e\xb6&b\xefk\x17\x81\x00\x8e\x8c\x00\x02|\xd3\xdch\xe5c\xe6\xa4v%\xf5\x98\x92B\xe2P-\x92\f\xa9\f \xee\x00\x025C\t\x01\x9b\xa2\xf1A\xc4\x83K\xcb\f\xaflF4\xb6\xb4b\xd6\x8c\x8f%\xc8\xc7\x84\x8f1\xe8\r\xf6\x15\x7fJ\xbc\x18\xed\xd72t\x9c\x19g\x04\x03\xfb\xc7\xc8\"f4e\x89vJ\x9dZ4\x16^<', &(0x7f0000000540)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfE\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\a\xc0o/\x8c\x97\x00\x00Jh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\ra\xb1\xc61\xf1\xe7m\xfd\x00\x00\x00\x00\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8R\x8f\xf9x\xbd\xbb\x90\x17$\x9e\\\xee\xc6\x88?)\r@e*\"_^xb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\xfd\x98\x06\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac\xb0\x11i\xcc\xb9BG\x1ac\xbc\xd9&\xb6\xd9\x04\x03\xc6\xebf\x84\xe5\xfeJ\xe7\xe6\xb3\xe9\xca\xe7\xc1\xa7\x9aO\xc1\t\x1c\xeb\xfbl\xa4\x80KQG\x80\xcd\xdd\t\x91\xdb}\xb1\xde\xf9\xbe=\x8b\xde\xf2G\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf7\xa9\x99t\x87 \x9f\x03}\x8d\x1b\x14\x1eU.r\xe1', &(0x7f0000000180)='@+\x00', &(0x7f00000001c0)='\x00'])

15.491170409s ago: executing program 1 (id=706):
r0 = socket$inet(0x2, 0x3, 0x100)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000500)=0x8, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000790000000900", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x3c)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000000c0)={'gretap0\x00', &(0x7f0000000140)={'gre0\x00', <r2=>0x0, 0x7, 0x8, 0xfff, 0x10, {{0x9, 0x4, 0x2, 0x5, 0x24, 0x65, 0x0, 0x10, 0x29, 0x0, @local, @local, {[@generic={0x89, 0x6, "953b2168"}, @ssrr={0x89, 0x7, 0xf6, [@multicast2]}, @noop]}}}}})
sendmmsg$inet(r0, &(0x7f0000002b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0xfc}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x64010100, @local}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x80}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x4}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @loopback, @multicast2}}}], 0x88}}], 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x0)
syz_emit_ethernet(0x5a, &(0x7f00000004c0)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @broadcast}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xe, 0xcfb9cc821fc0631b, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "182a167fb8683154c59f6736fae00ac7"}, @md5sig={0x13, 0x12, "ed2cb3d053ef96b64f3d6d860b3dc5d2"}]}}}}}}}, 0x0)

15.196065572s ago: executing program 1 (id=708):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback, 0x0, 0x3}, 0x20)
bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20)
connect$l2tp6(r0, &(0x7f00000000c0)={0xa, 0x0, 0xc0fe, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x20)

15.179036802s ago: executing program 4 (id=709):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000600)={0x18, 0x0, @ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{}, {}, {}, {}, {0x5}]}})

15.069316981s ago: executing program 1 (id=710):
r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x100000, 0x0)

14.946388804s ago: executing program 4 (id=712):
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x15)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1c)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000340)={0x3, &(0x7f0000000000)=[{0xac}, {0x30, 0x0, 0x0, 0x8}, {0x6, 0x0, 0x0, 0xffff0001}]})
recvmmsg(r0, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
memfd_create(&(0x7f00000007c0)='\x01\xac=\x9d\xd2\xdb\x1a\'\xf8\n\xedcJ\x8e\x84\xd4N\x00\x9b\x1f\t\xbd\x11+\x86T\x16\xa3\xb3\xae0\x9f9\x00\x00o\xa4k\x012>\xa1\x9c\x86x\x84\x195\xca\x97_\t~\xf3Y\x12\"p^\x00\x02\xb4\xfd\xde\x00\x00\x00\x00#^\x00M\b\xc6:|R\x04\xc2\xb8I\xa3\xb9\xe2\xa2\xebw^Iu7i$\xf1\xd4\x9b\xc7\xb2\xbeD`\x8f\xc3\x96\xbc#4\x17\xf5\xb3\xc9\xb2\x94\xa8_f!\xdf\x90}\xba\xa3\x01\xcf\xb7\"4\a\x04ry\x00#4\x87m\xf7\xe3\xf5\xa7\xda\xb9\xcbU\xbe\x06]\xa9\xb6R~\xc9l}\xb7I\xfeH\xb3\x15\x8c\x06d\xf8c\xc0{\v\xd2\x9d\x8e\\\xae>\xf6qucC\xd42e9\xe0\xbf\xdd\xdc\x99\xf4\\\xd0\x96:\xfb\x8c\x12o\xcc-\x13\x14\xbev\xae\x80Zp\x95c]\x98\x8c\x01\x8fo\xafjN\xcb\x98\xdf[V\xbd[\xb9\x10v\xee\xdc\xc8G\xd0\xdc9\xccO\xf7\xb5\xbc\xcf\xfb\xe9\x14\x00\x00dU\x00\xfd\x00\b\xfb\xb5Z\xb0-\xc8\xdb\xa3f\xf4W\xeb\x06\xc2\xd1\xb6\xd1%\xca\x8f\x013|\x8ez\x1eo\x9a\xe1\xea\xd5\x05e\xd3+m$\x88\xc5I\xd5\xd7\x18\xb6#@P&[\xad\xda\nmU\x823\\&P\xdc\xbcS\x80\xc1dJ!LH\xaa\a\x82\xf3\xde\x96\x85\x0e\x15\x88\xc5\xdd\xa8\x92\xc7\xcb\x91\xf2[Y\x06\x8a\x9fN\x10\xb9\xf4\xecq\xce\xd2\x17\x88\xae\xcc7r\xd7\xeaz\xcevR\xcau\r\xf1\t\xc2$k\xff\x8f\xe2\xbe\xfe\x14AN\xf8\xc6\xa8`Fs[6kYH+\xa5\xdcxUY3\x12t\xef\xec{\xbf\xd7\xf9\xff3\x94<v\xf1\r\xaei\xa0Xam\vN\x7fR\x96.^\xd3\x01VbON\xc3P\xe7\x16\xcc\xca\xd6\xe5\xe8\r\x9b\x8d.\xdd\x1a\xaa\xa6*\xed\xcch\x7f\xfb\x17\xdcMmX\xea\xcf\xc40\x19\b\xe1\xb1\xf4\x7f\xca\xbeg\xb1bEm[\x04\tX8\x15#\x94\xa6M?\xe0\x00R\xa7=/\xfd:\xaf\xc3\x18\x10\f\xa1\x1a\xa7Yt\x151\xc7T\x00\x00\x87d\xac\xcf\xd8\xd0Q\x16\xa1\x94\xa2\xbe,\xf3\xe6\xd5(A\xd0\xc3{/>\xf1*\xee\x1f\xf6s\xdb7h\xf1\xf1\xd6\x0es\x8a\x01\xea\xfb.\xd6\xfe.\xfah\x98\xc1N\x1f\xbb\xa7\xbc\b\x12\xad\xa4\xfd\xce\xc3z\xd3\x11[\xfbJ\x9ck\x9dQ\x124\xb0\x85\xb4\x8bFH/\xda\xdd\xb7\xb0B.\xba\x82c\xc65\xe4\\\xbasVDN\xda\xc3\xae\x83V\x9b\xe9\xa1\xfc\xe8\xcb\xcc\xd1\xd8\x85\xb6\xbe\x18S^i\x17\x15\x92L\xb9\xef\xe9W\xb4\xfc\xac\xfd\xd8\x1f\xec\xab\xb9\xa1\x00\x00\xc1|m/4\x80c`\xf5\x02\x1d\xa9\xf8a\xfc.\xe0\x00/H:\x9c\x93?\xf4*jy\x1e\xfc\x81y\xf0eM\fP\xd7o\x12\xf4\xbfWI\x88\xf7\x8e\xad\x8bY\xf3\x18\xaf\xc6\\}YX\xf2\x1c\xad\xba\nDLh\x8b\xae\x02\f\xdf\xf4w\xed\xd0\r\x9d\x83o:I\xb1\x01\xaf\xf9\x8f\x8c\x13}O\xc20\x06\v\x14\x0e\x81nV\x02g\xe8~\x1e\xa9\x92\'H\xe0\x9d\xea\r\xd2\x89\xe0`\x8d\xea\xfcT\xb0+\x1d\b1`2\xde_\'\xc0\v\xaem\xbfU]\xb6m+\nQI\xcff\xf9\xd1\x88\xb5\xb6\x9e`Lp(H\x03\xf4!\x90\xf7\xfb\x96\x11\xf5\x90\xc2\xf8n\xf2p\xa0]\x91m\x06\xabhm\xbe\xa2\x00'/842, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e22, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x21}}, 0xfffffff7, 0x9ab, 0x0, 0x9efa, 0x30, 0xfffffff7, 0x5}, 0x9c)

14.323624012s ago: executing program 4 (id=718):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000020240), 0x10010)
r1 = socket(0xa, 0x1, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r4=>0x0})
bind$packet(r3, &(0x7f0000000100)={0x11, 0x0, r4}, 0x14)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r2, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
sendto$inet(r2, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)
close(r1)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000100), 0x10)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$can_j1939(0x1d, 0x2, 0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0x6, 0x4, 0x1000, 0x89, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48)
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$SCSI_IOCTL_GET_PCI(r7, 0x5393, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0x1e, &(0x7f0000000640)=@raw=[@map_idx_val={0x18, 0xa, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0xba}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7ce}}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x2}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4000200}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x1d, r0, 0x8, &(0x7f0000000280)={0x7, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x5, 0xc, 0xb0, 0xab5f}, 0x10, 0x0, r0, 0x2, &(0x7f00000003c0), &(0x7f0000000400)=[{0x5, 0x2, 0x7, 0xc}, {0x4, 0x4, 0xb, 0x4}], 0x10, 0xe}, 0x90)
sendmsg$AUDIT_GET_FEATURE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x3fb, 0x200, 0x70bd29, 0x25dfdbff, "", ["", "", "", ""]}, 0xc}, 0x1, 0x0, 0x0, 0x40004}, 0x4000)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote, 0x34}]}, &(0x7f0000002100)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x12, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}}, &(0x7f0000003c00)=0x90)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x14, 0x2, 0x2, 0x3, 0x0, 0x0, {0x2, 0x0, 0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x3000800c}, 0x4004)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r0, 0x0)

14.321176206s ago: executing program 0 (id=719):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0)
ftruncate(r0, 0xc17a)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
mlock2(&(0x7f00003ba000/0x4000)=nil, 0x4000, 0x0)
mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000371000/0x1000)=nil, 0x1000, 0x0)
mlock(&(0x7f000094f000/0x4000)=nil, 0x4000)
mlock2(&(0x7f00007fe000/0x1000)=nil, 0x1000, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x5000000, 0x0, 0x0, 0x0)

14.035752863s ago: executing program 0 (id=720):
inotify_init()
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000002840)}], 0x1)
r1 = socket(0x80000000000000a, 0x0, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x4c, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x800, @remote, 0x81}}, {{0xa, 0x0, 0x200, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, 0x1c)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index, 0x0, 0x0, 0xfffffffffffffe54})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000140))
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, 0x0)
dup3(r3, r2, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
r6 = dup3(r5, r4, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000380)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000540)={@ptr={0x70742a85, 0x0, &(0x7f00000004c0)=""/69, 0x45, 0x1, 0x3e}, @flat=@weak_binder, @flat=@weak_handle}, &(0x7f0000000240)={0x0, 0x28, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})

13.478729467s ago: executing program 3 (id=721):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000005dc0)=@delchain={0x274, 0x65, 0x0, 0x0, 0x0, {}, [@filter_kind_options=@f_matchall={{0xd}, {0x1c, 0x2, [@TCA_MATCHALL_FLAGS={0x8}, @TCA_MATCHALL_FLAGS={0x8}, @TCA_MATCHALL_CLASSID={0x8}]}}, @TCA_RATE={0x6}, @TCA_RATE={0x6}, @filter_kind_options=@f_route={{0xa}, {0x208, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_ACT={0x1f4, 0x6, [@m_ife={0x130, 0x0, 0x0, 0x0, {{0x8}, {0x64, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0xa, 0x4, @dev}, @TCA_IFE_TYPE={0x6}, @TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0x14, 0x6, [@IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_SKBMARK={0x8}, @IFE_META_TCINDEX={0x4, 0x5, @void}]}, @TCA_IFE_PARMS={0x1c}]}, {0xa5, 0x6, "21b2caeba32a6f7c5900697624a17b85a9db3a31b129a4976a84cfb4f5d651fd8aa24a645c8f63c025fcca463a6b79a3d7e6c9a8b89a140805ef63939ac2e37b49004b0dc3b8446aa7038eceef52fe7bdca153fe865c65015a3b208b282c16472e451aa10a8631235c49cae271f5fc8ce5e34d9938e3d5f43ac7a0e31b0acfc73199ca90e81246819f4c740a4fa3247a2af88d6569da09be7179b89f9f024c9f46"}, {0xc}, {0xc}}}, @m_ctinfo={0xc0, 0x0, 0x0, 0x0, {{0xb}, {0x4}, {0x91, 0x6, "007cbe9797ed2fc991bbda934119c50857fa14f72b7e9af7ec8d5705e06fd24455a0d1bc49ce2faa684e9a77ec7882a6f9be5a4ed10a4a816f5d68f97b85bcc59797b7734c4d6d50f76e631b8d60249a2cd5e613690c13b22fc13048c5422892d45bf78e6d18be5374c4487a3ebeac76dbf4fc6eadbfb42d070fc9584d35309e2582729e8547c1c86872b9bb88"}, {0xc}, {0xc}}}]}]}}]}, 0x274}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x180}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

13.190565981s ago: executing program 1 (id=722):
r0 = io_uring_setup(0x0, &(0x7f0000000280))
r1 = io_uring_setup(0x439b, &(0x7f0000000180)={0x0, 0x8a06, 0x4, 0x1}) (async)
r2 = syz_open_dev$dri(&(0x7f00000004c0), 0x100000000, 0x981600)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240), &(0x7f0000000200)}) (async)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04b1c3e925e6900dbefd26af7c"], 0xd)
ioctl$SG_SET_COMMAND_Q(0xffffffffffffffff, 0x2276, 0xfffffffffffffffe) (async)
syz_emit_vhci(&(0x7f0000000480)=ANY=[@ANYBLOB="042c000700000000000000f9ff00000000000000aad01a769f90803f9a5297aea4415cebbbf6297d5df84c3dc02339481d2a4661bfb25a431d240d0552c7d87e"], 0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="40000000fedbdf25000000000d4cf0a75eba5f33ae920b9e98b7bc22fe786ec69357aac4d559d5acb01ca75bdb3f6971c1708c0b1627d39cc77f2a59b111b2aa414ec1c3330148898e2e2dadf5db51332e5f469fbf0056f2bb29627c1d9fb9a32b8c50faf1aa29355f14cabbb4f141a91d0ad6861a6c79d667a9871dc52457ab282c", @ANYRES32=0x0, @ANYRES64=r3], 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x8805)
syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000100)) (async)
socket$key(0xf, 0x3, 0x2) (async)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote}, 0x1c) (async)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) (async)
ioctl$KVM_CREATE_PIT2(r5, 0x4040ae77, &(0x7f0000000040)) (async)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r5, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc}, {0x0, 0x0, 0xfe}, {0xfffffffe, 0x85e5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}]}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004cb], 0x0, 0x200})
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r6, 0x4068aea3, &(0x7f0000000200)={0xbe, 0x0, 0x1})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000200)=[r0], 0x1) (async)
syz_io_uring_setup(0x24f9, &(0x7f0000000200)={0x0, 0x82b7, 0x10100}, &(0x7f0000000080), &(0x7f0000000140)) (async)
memfd_secret(0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
add_key(&(0x7f0000000000)='asymmetric\x00', 0x0, &(0x7f00000001c0)="dfa6", 0x2, 0xfffffffffffffffe)

12.950848829s ago: executing program 0 (id=723):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x80080400)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000003180), 0x0, 0x0)
ioctl$SNDCTL_SEQ_GETOUTCOUNT(r1, 0x40045109, &(0x7f0000000000))
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r2, &(0x7f0000e5c000)={0x2, 0x4e20, @empty}, 0x10)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020a0003070000000000000000000000051e001a00ff0200000000000000000000000000012dac1414bb0000000000113709230000000000"], 0x38}}, 0x0)
getsockopt$inet_int(r2, 0x10d, 0xac, &(0x7f0000000000), &(0x7f0000000080)=0x4)

12.95021184s ago: executing program 4 (id=724):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2, 0xfffffffe}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) (async)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="20000000091401001000786895770000040001"], 0x20}}, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r4 = dup(r1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) (async)
dup3(r5, r2, 0x0) (async)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) (async)
ioctl$KVM_NMI(r5, 0xae9a) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000001280)="b7f2288a911993f08d3aaea2bc0000de", 0x10) (async)
r7 = socket$nl_route(0x10, 0x3, 0x0)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="303e3002a0001f14000000d190c937dc6914243b0402d6dcb70ad80851956fe6727ae888746b02cee670a5882a0ad79716584e6b04b7f62edac751478af9c62f", 0x40, 0xfffffffffffffffc) (async)
sendmsg$nl_route(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4000000010000d0400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010065727370616e0000040005800a0001000000000000000000"], 0x40}}, 0x0) (async)
socket$packet(0x11, 0x2, 0x300) (async)
syz_open_dev$dri(&(0x7f0000000000), 0x4e6, 0x90000) (async)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0) (async)
memfd_create(&(0x7f0000000040)='rootmode', 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000000080)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x28, 0x3a, 0xff, @local, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1}}}}}}, 0x0)
r8 = accept$alg(r6, 0x0, 0x0)
write$binfmt_elf64(r8, &(0x7f00000003c0)=ANY=[], 0x100000530)

12.949957042s ago: executing program 3 (id=725):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000003c0)="9f9087453b0000000000000552859b3668", 0x11)

12.545690325s ago: executing program 3 (id=726):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socketpair$nbd(0x1, 0x1, 0x74000000, 0x0)

12.355546258s ago: executing program 3 (id=727):
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
syz_io_uring_submit(r0, 0x0, 0x0)
syz_io_uring_submit(r0, 0x0, 0x0)
read(r1, &(0x7f0000001600)=""/233, 0xe9)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
preadv(r2, &(0x7f0000000500)=[{&(0x7f0000000280)=""/134, 0x86}], 0x1, 0x0, 0x0)

11.293643228s ago: executing program 3 (id=728):
gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) (fail_nth: 54)

11.154101056s ago: executing program 2 (id=729):
r0 = syz_open_dev$vim2m(&(0x7f0000000200), 0x40002, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000280)={0x6, 0x1, 0x700, "ff0205000000000100"})

11.153705761s ago: executing program 3 (id=730):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0020}]})
set_robust_list(&(0x7f0000000100), 0x18)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030033000b35d25a806c8c6f94f90a24fc60080004000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x2c, 0x4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffe]}, 0x8)
io_setup(0x3ff, &(0x7f0000000500)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000240)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f00000012c0)="edb8f45edd4797499f69a988927242aecab13b47889ef568bd665869219208fc9378ce384dcaa0fb320e0c442a1f1eb330d19168c6bfda8d252cf58a7018a5226c3674790bd3bc00ddd3173cecf25b3004e16b010fd88046155a2bdb78b2b3a4c303a57bafbb9909cee49f7ae25146dd4d181ac55312184598a85d8d040bf771", 0x80}])
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYRESOCT], 0x110}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@ipv4_newroute={0x34, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@RTA_ENCAP={0x10, 0x9, 0x0, 0x1, @SEG6_LOCAL_SRH={0xc}}, @RTA_FLOW={0x8, 0xb, 0x6}]}, 0x34}}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r6 = openat$cgroup_int(r3, &(0x7f00000002c0)='cpuset.cpu_exclusive\x00', 0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x46d, 0xc295, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, {0x9}}}]}}]}}, 0x0)
syz_usb_connect$uac1(0x0, 0x7e, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6c, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@mixer_unit={0x5}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8}]}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0xee, {0x7, 0x25, 0x1, 0x2}}}}}}}]}}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e1f0a00"], 0x22)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_AGEING_TIME={0x8}, @IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local}]}}}]}, 0x48}}, 0x0)
write$cgroup_int(r6, &(0x7f0000000180), 0x12)

10.947806157s ago: executing program 2 (id=731):
r0 = socket$kcm(0xa, 0x0, 0x11)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000080))
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x10000000, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009440)={0x0, 0x0, 0x0}, 0x10)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
socket$inet(0x2, 0x4000000805, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f0000000000)={0x1, 0x1})
ioctl$VIDIOC_QUERYCTRL(0xffffffffffffffff, 0xc0445624, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0xde)
close(r2)
execve(&(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000200)=[&(0x7f0000000780)='\\\\B\xc6+\xd5\xb9\x93L\\\x87\x84K\xb9!\x0eX =z\\\x14\xec*\xed\xa6u\xc4\x14=\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9=?i\x86Lpw\xba\xe1\v\x1a9G\a\xf9\x18\xe4\xf6f\xd6\fpfP\xcf\xee<\\C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1dC\xba2\xa6u\x14\x0ee\xef\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xae\xa0\"(\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95h\xd7PN\xf1\xe7\xe2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5bP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\xa1w,\xc7\x15oA\xc5m\xbb\x15\xd1\x1e\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4moccU\xb5\\\xf5\x05\xec\xa7\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xacd\x9d=d\xae\xbf\xd7K\x9do)p\x00!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x19f\xd3\t\xf8\x96\'\x8c{\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xf3\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac\xca\xc2-\xfc\xe8\xc3qAt\b\x94\xee\x9e4\x85\xd0\xfe+\xc0\x17\xbfE\x15\xfdZ\xce\x954v\x8a\x05\xde\xaal\xf4\x82\xe2?\xabS\xe4\xe2\xe1\xd83\x17\xfe\xf8~\x04\xb6\x11\xc4K3\x82\x127\xf7\xc7\x06\x177\x8bWF\xb21\xce\xc7\x19|\x9f\xe87\x80\xbc\xac\xb6;\xcc\xafr\xbd\x90\xde9\x0e\xda\x05\x86\xf0i\xf4{\xbf\x82#\xfd9\xdc\xa7\x01\x00\x12\xea1K\xc9\xe1\xfdv#0U\xd2\t\x14\x10\xe6\xfc\xba\xa1\xac=\xfd\xd7\xa8\xc8\x18\x00\x00\x00\xc4w', &(0x7f00000020c0)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K9\"\xf1@\a\xea\xbb\xfe\x9cY\xfc\x80\x99\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7\xf7\xff]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\x0e0\xfe\xc7\xf9\xde\xd6\xe6\x14O\xc8\xff7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\x1f\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00.\xeb\x1a\x18\xf1h\x04\xa8\xe8\x92\xe6\xbc\xe1O\xcf', &(0x7f0000001c40)='gcB\xc6+[;\x88\xfe\x97B*[\a\x03\x96l\x1e\b\xd9\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX c\x03\x00\x00\x00\x00\x00\x00\x00\t\x00\x00\x00\x00\x00\x00\x00\n\xa6)\xd9\x10#\xf5b|i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfE\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\x00\x00Jh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8f_\xda8l\xc8\xa2\xb0\xd1\fg\x00\x00\x00\x00\x00\x00\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{/~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c1\xf1\xe7m\xfd\x00\x00\x00\x00\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&\x9c\xbd\xbb\x90\x17$\x9e\\\xee\xc6\x88?)\r@e*\"_^xb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\xfd\x98\x06\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac\xb0\x11i\xcc\xb9BG\x1ac\xbc\xd9&\xb6\xd9\x04\x03\xc6\xebf\x84\xe5\xfe[\xe7\xe6\xb3\xe9\xca\xe7\xc1\xa7\x9aO\xc1\t\x1c\xeb\xfbl\xa4\x80KQG\x80\xcd\xdd\t\x91\xdb}\xb1\xde\xf9\xbe=\x8b\xde\xf2G\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf7\xa9\x99t\x87 \x9f\x03}\x8d\x1b\x14\x1eU.r\xe1\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000d00)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!3\xf2\x84\xa9H\x92\x1e4\"u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6 \x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJ9\x13V\x1e\b\x16\xf6/\xc3{h\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\x1f\x02)sP%Z\xad\x83\xda\xbe2r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xafd\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91_]\xb26\xbf\x9cA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10`xb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0\xd8k\xb7vo?1H\x86\x032\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\xf2\a\x00\x00\x00\x00\x00\x00\x00\x00\x13\x9eX$\xe1\x00\x00\x00\x00\x00\x00\x003\xe0\xe3\x0e\xaa\x8e\x9a\x1f\x12\fRw\x11B\x17xO<x6tw\x18\xc4\xf1%\xd8S\xdd\"6\xa3s\x99O\xb0\xf2/0\x1d\x04\xcc\xadVr\x9bP\xd0Z3\xa7\xdd@\xf9a\xe6\xa1\x9c#\xb9\xb8\xb0\xc6r\"\xdd\xc4\xe5\xf8\xb5\xacF\x9aP\xbd\xf0\x94\x99;\x18\xd4\x9d\xf2f\x93\v\xe0\x8c\x91\x87\xd3\xc57\xe2\x11r\xea(\xb7\xd1\xba\x00C\x00(?\xeb34\xea\x865lD\xd4\xc7\x91*\x8e\x0f\xf6Zl^\xe1\x9b\xab}\xe7;\xd3h\xda4\xb5r\xe9l\xd1F\xdepA\x02\x90X\xed\x10\x98\xa2\xfb=\xdb\xba7\xf0Y\xafUt\x12\xe7\x87wbd\x86R\x02\xa7\xa3F\a\x83\x19;\xeb\xba\bm\x84\xba\x90\xd8\x9f\xc2\xb3V\xd0\xd8M\x1eM\x8d\x1a.\xea\xea:A$:/\x96\xf1\xb8\xdd\xa3\b?\x8b%\xce\x8a]\xb4!n \xcd\xdc\xc0\xca$\x8dA\xce\xd4\xab\x1at\x1b\x87\xc1W\xff\x91%6]1\xfb \xc9\xa7\xff\x92I\x91\xed\xed-\x89J7\\\x82\xbe\x8e~$\xafbl/\xf4\xad\xc6\x04\x0fZH\x97C^Y\x12\xcd\xab\x9eS\xdb\xfe\x83\xc3\xbb5,hS\x82\xefR.]\xa9\b\xd4o\x92\xf7\x99\xd2\x0e\xef \x83\xb4\xe7\xb6j\xa4\xe3m\xa4\xd7\xaa\x97\xe3\xc9\xcfP\x9e\xb0vU{\x8b3R\x1a\x06\xc3\ts\x8e\x1f\x8b\xc7\xe3\xbe\xc3j\xb6\x83\x0e\xe9*\xc2r7\x92\x8b\xf2\x02\xf0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\xa2\xf7\xafPK8\x0e1\xcez\x00\x00', &(0x7f00000018c0)='gcB\xc6\xcd\xd6\x18H+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xe4*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xebb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xdf\xee<\x9b\xf8-d\xe2\x13\x8a\x19\xbf;\xe2\x14\x80u\xc9\\:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*t\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x10(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xef\"_^5\xd1 H\x17[xS\rO\x880\xf1P\xac]\xc2\xc1\xa8\x1df\xf2$\xa4m\xbd_\xcax\xbd\xf4m\x1e\x18ocmU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG\x053\xb9\x05\xf0\xae\xfc\x88\f\x96+\xd3\xac\xf3\xef\xa7\xb7\xd1Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\b\xb4\xac%~\x12\x7ft\xa9\v\x99\x7f\xce)dC\xef\xca\xc1\x92\xa7C\xae\x9c\xf3\xb0\xb9\t\x8d\xb9p\xcb\xe3csR\xe2\xfbL\x9f\xb3\xa4^\xc1\xf7m0\xa8\xfd\xcf\xfdY\\d\x03(\x89\xe7\xe1\xcf\xa4m3SQc\xbaG\xcd\xce\xf5o@\xfdi\xd1w~\xc8\xb9\x04\b\b\x00\x00\x00\x00\x00\xd4\xe8\xcaP\x89\x9b\x12\xa7\xdb\x95c=\x16\xd5\x06\xf9O\x87\x02\xcd\xa4\xc0\xa17\x92]_\xa2>\xbb\xc8?\x98\xa6+\xcf^\xa0\xe8\x9a\x9e>O\xbf\xd3Fd\xfe\x9c|0\xdd\x7f\x85^\xdf\xe0\x84\x17\xe5\xc05\x8av\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xcd\xd3o26\x9b\xc9\x90\x1a\x87\x9a\xea0\xc5\x9b\xa8\x8a\xc5\x13\x86\xbd\x86\xbc\x12\xf5\xa2![\x84i\xe1\xb2\xa2\xa1F\xd9{\x95\xdc\xbbc\x8a\xa1B\x10W\x00\x00\x00\x00\x00\x00\x00\x05\xe5.\r\x1dd\xfc\x97\x9dn\xef\xc0\xa6\x9a\xe0\xd5\x98o\x18\xaf\xba\x88\xa4\xbd`Qa\xdc\xcb\xce\xcc\\e\x00\x9f\xd4\xac\xea\xe4\xa3\xfa\x14\x06\xa9\xc0\xbb\x12$\xcf+z\xb0\xc8\x95\xed\xa0&\xafg\xdf\x94\xaaK)\x86~\\\xfd\xb6,\xe1\xe6\xab\x9estQ\x8b\xa0\x8e\x00i\xc3\xb4b)e\x13\xbf\xc1O\x00\xc0\xab\x95\xfa\x12e,\x19 _\xca[\xd1\x9e\xc3N\\1;\xe3t\xaa\xa1\x83\xd1\n\x17\xd2\xd8\x02+\xf1aY\xfb\x00^\x95\xab\x97\x8f#\xeax\r\t\xcb\xb7\xc8\xc7', &(0x7f0000000a00)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX cz\xb8\x14\xec*\xed\xa6u\xc4\x14*\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xe6\\h\\\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xc1\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\x82\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occQ\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6z?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\xda@\xc7-\x93\xbc4.C\f\x193\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xad#\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80M\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xb2\xea\br\xfb\xdc\'\xb8\xdbh\x02|\xacW\xd5\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9o\xda3C\xa0\x06\xd4^\x8bQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xe36\xa1\xd3\xb1o\x7f0:}\xad\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44L`\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf\xab', &(0x7f00000012c0)='gcB\xc6+\xbf\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xdf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0vl\v\x03\b\xadT\a\x14\xd7\xd7\xb5\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m\xb3\fv\xc5\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x16\xf0\xf9s\x9af$\xb3x\x8d\xf1\xe7\xe2\xad\xdd\xdf\xb7\xe8Ac*t\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x10(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xba\xd1\x91]]\xb26\xbfA\x96\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x16\xf0\xcc\a\x10dxb\xc2\x13m[xS\rO\x880\xf1P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5^\xf5\x05\xec\xa3\x98\f1\t\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xcex\xdb\xf6zG!3\xb9\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x01\xfd\xb8\x99\x9c\x19\xb4\xac%~\x12\x7ft\xa9A\x1brx\x87\xa16\x93\xd5fap\x83k\xf6O\v\xae\x9c\xf3\xb0\xb9\t\x8d\xb9p\xcb\xe3csR\xe2\xfbL\x9f\xb3\xa4^\xc1\xf7m0\xa8\x1b\xd0\xfdY\\d\x03(\x89\xe7\xe1G\xcd\xce\xf5o@\xfdi\xd1w~\xc8\x95\x94\xea\xd4\xe8\xcaP\x89\x9b\x12\xa7\xdb\x95c=\x16\xd5\x06\xf9O\xa6+\xcf\n\xd5\xad\x15^\xa0\xe8\x9a\x9e>O\xbf\xd3Fd\xfe\xe7\xc7X\xeaf\x9cn0\xdd\x7f\x85^\xdf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`DK\x17\xe9s2\xe0\xe2[IZS5\xa9\x00\x00\x00\x00\x00\xd5\x84\xc4\x91d\\L\xa0|o\xa9\"f\x9ah\xbda~H\xdf\xaf\xa1c\x83+\x00\xb5t\xc28\xb9\x15\xb1\r[g\xab\x1f\xe74N\xa1\xbe\'x\xf7\xfe\xd3=\xfa\nP\xf8\x89M\xd2\xefk.\xaa.\xc3\xddmr\xa3f\t\xfcC\xd7\xc8\xde\xbb\xa6\xf0\x06\xca\xbb\xf4\x0f\xfd\xc1\xca\xd9\x1d\xf0\x12\x94\x02\xdc\xe5`\xfc\x92_\xfe\x82\xcf\xc4\xa1\x8f\x95\xf9e\xbd$\x93V\xf0\xd6\xd9iu\x1d\x00\x00\x00\x00\xed\x9f\n\'\x00\x00\x00\x00\x00\x00\x00\x00x(\xbd\xfd.\xb1I<\xc31H\xe37\xecM:\xc0N\xdd\x81\xb0g\xf7<j\xea\xc9\x1cQ\x9e\xb4\xd7\xa9=c\xbec\xf8z\xdfV\xb3fE1\x8e\xb3\x9b_\xda\xb3M:\xe6wr\xd4P\xb9QU\xddV4#6JE\x06\xeccV\xce@3\xec\xb6\x16\xe3\x88\x10\xb4\x10$\xc6EH\x9e\xe1\xf6\r\x11h\x1a\xdcs1\x90\x89<E@\xc0#\x82\xbba\a\xe0\xe1O\x84\xb8\x87\xb8V\x7f\xc9mX\x8ct\x92\xe6\xb7\x02Y(\xca\x8b22\\7\x84h\x15\xad\xdc\x93,\xc3\xf8\xcc\x82 ?~\x7f\x82\x91+\xcd\x15\x1d\xe0;\xbd\xdc\xf8 \xb2\xe1O1\xf2\xe4\xbaN\xff\xcf\xdbI\x1f\xb2\x01T6\xba\x9f\xb3\xfd(\x1c\xdd\xef5\x84\x01\xa8v9\x9a\xee\x85\xbe0\x95p5\x1a\xc8\xc7\xb2\x85\x96\xd0`5_\xfe_&|\xc6\xff\x1a\xe3c\xe2\x03\x9b\xdav\x1c\xf7!\x1d.[Jh\xea\x05\xac\xd5\x95Q\x13&\xcb\n\x13\xbb\x1b\xfe\xc8\xbd\xdePF\xd0Se\xa1V\x1d\xc2\xe2\x9c\xf7y\xb2<\x81\x9b\xf9\x86\x00\xd3\xe0\x7f\x1aX\xba\xa9\x1b\f\xa1z]H\xea1\xf2\xcf\x1e\x88\xa2\x9e|\x14q\xcb\x10\x7f\xf7Wx\r|\xc2$\x00m!\xb2<\xb3^\xca\x17<\xa29l\xc4\tuk\x15{Xd\x95\xfa\xc5\xb4l\x88\x05\xb7\x84?.\x0f\x80\xaf\x83>;I)\xff\xc0\x8d|\x14D\xb2L2\xa4\xacBg=\xb8\xe9\xd0zh\x1d\x1d\xa0\xc8\xacJ\xf2\xe8W\xd9\xa9+6V!\x94\xbd\xec\xac\xad\x8cY\x05\xc4e\xdfc\x9a\xa4u\xad\x01\xf8:\xc0\xea\xae\xd4\xf66A\xf9\x15\xb5]\xf9\x18)v%?g6j\xdd\xd4\xe8\x98\xa3\xbaoi\x802\xd1\xfaZ\xf3!\x983\xb1\xfbH\x9a\x94\xf0\xf0l\xdd[\x99\x9f\x8ftPO`z\x94\xdd\x04_-u\x1aP>W3\xbc\xc9\x9fw<\x97C\xa8\x90\xf0\xe7\xfeUN\xeb\xf7\xf06\xc2\xd8l\x14\xd9>\xa27[R\x02K\x82\x01\x10\x16\x93\'\xafL\x81\x8c\xef\"\x1a\xa8\x15*u\xbb\xbc7u}\x877\xa5s[\x13\xa6\x99Iv~\xf4`+\xdf\xe2\xd1\xfe\x03\b\xcf\x81\xd6\xc5\xcb\xb6\x7f\x8a\xbf#\xc4\xdbq\xd0J\x862iG\xfc\x7fIl\xb9!\x0e\x14\xdcLor\xeb\x16D\x83\xf2f\xfb\at\xd8F\x12\xbe-\n\x04k\x01k\xd7?\x03~h\x9a\b\xae\x1b\xd1\xb2\xbd\xe8\x1c\x8d\xcd\xcbUh\xf6\xfd\xd3\x9c\x06\xd7\x99\t\x0e\xdc\x11\x15\r\x8a\x86X\xdfq\xb2\xc2\x12(\xab\xd2\xca\xd0\x05\xe3u\xfbM\xe0\xf9\xd8\x98\x8b91\x9cJH\xd3\x9c\xd2\xa9\x80M\x96\"\x01\b\xfc\x9a\n\v\x19}?\f\xb6\xd4w\x12r\xba\x90!\xd40\xdaA\x82b\x92\x9f_\xe9\xf5\xba\xf3k\xe4\x9f\xa4\xfd\x15\xa5::\x86\xa7>\xabU\xa5\xe9{Yh\xec\xe9\x14\x12\x19\xb0\x93s\xb6\xe3\x15\xdd\xd4\xf9~$)\xf5\x95\xabU\xec\xc3\xa0!Ac\xe8<u\xda\xe8', &(0x7f0000002840)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xebb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xdf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\aO\x8d\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9:Jh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*t\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x10(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xef\"_^5\xd1~)\x7f\x0eK\xea\x83\xe7%d\xc5 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[xS\rO\x880\xf1P\xac]\xc2He\xa9\xff\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18ocmU5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xb9\x05\xf0\xae\xfc\x88\f\x96+\xd3\xac\xf3\xef\xa7\xb7\xd1Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\xa5\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x19\x9c\x19\xb4\xac%~\x12\x7ft\xa9\v\xae\x9c\xf3\xb0\xb9\t\x8d\xb9\x14\xcb\xe3csR\xe2\xfbL\x9f\xb3\xa4^\xc1\xf7m0N\xf7\xcf\xfdY\\d\x03(\x89\xe7\xe1\xcf\xa4\x953SQc\xbaG\xcd\xce\xf5o@\xfdi\xd1w~\xc8\xb9\\\a\xeba\x18\x95\x94\xea\xd4\xe8\xcaP\x89\x9b\x12\xa7\xdb\x95c=\x16\xd5\x06\xf9O\x87\x02\xcd\xa4\xc0\xa17\x92]_\xa2>\xbb\xc8?\x98\xa6+\xcf\xf5\xa0\xe8\x9a\x9e>O\xbf\xd3Fd\xfe\x9c|0\xdd\x7f\x85^\xdf\xe0\x84\x17\xe5\xc05\x8av\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xcd\xd3o26\x8a\xc5\x13\x86\xbd\x86\xbc\x12\xf5\xa2![\x84i\xe1\xb2\xa2\xa1F\xd9{\x95\xdc\xbbc\x8a\xa1B\x10W\xbe\xc2\xa2\t\xd4\xfdp\x06\xe5.\r\x1dd\xfc\x97\x9dn\xef\xc0\xa6\x9a\xe0\xd5\x98o\x18\xaf\xba\x03\x00\xbd`Qa\xdc\xcb\xce\x91\xcd\x00\x80\x00\x00\x00\x00\x00\x00\xc3\x01\x004.\x8d\xf7F\xb0\xc4_g\x82\x96M`l\x84\xd9\xab\xd6\xacYBG\xfb\x821e\xb4\xe6@\xe3\x82\xc6\x85\x96FQn\x0e\xa9\xc6\x9e\xc4\xdbA\xafSt\x9d\x15\xd0\xbd\xd8k\xd3G\x80\x1dE\x168+\v\xfb_\xc3\xd3\xc9\x87\f8\x03\x8c\xed_\xeb\x9c\xbd]=Blu\x04-g)\x01\x9a\xde\xf1\xdf\xe3\xd7)\b\xee@,\xcc#\xc2\xf4p\x1a\xa9\xe9 :J.\xdf\xdb>y\x95+,m\xc7\xad\xf9a1\xa1\x91Ed\x86D\xe4Tc\xd6d\xf0\xc4\x04L\r\xa1\x88e\"F\x92\xdb\x06\x04\xca\xfdLK\xdb\x1c\x8a\xc9r2TfGF\x06\xbf\xe8\xe5\xb0\a\xd3d\xfc\x16\x14L*\xef\xcb{\f\x875\xf4u\r\xfbMj?|k\xe0\x17\xec\x99\xdao\x05<\xac\xe0\xcd4\xc4\xefi\xaa\xcb\xb7\xb5\x05*\xf2\x87\xe4\x12\x06\xd9\xb2\xbaEM\x85o\nT\xcd\f\x1d\'#*\x83\xa31\xf2an\x8b\xfb4\xb5\x9bl\xa1\xa0QX!\xa6l\xbb3P\x1a\xba\xf5\xbc\x82G\xdc\x9b4}\xcaq^\xc3\xb1l\x8c6<\xab2\xe8\xb1$O\n\xce\xb4\xe7\xba \x9b\xa8\x0fb\n~5!\x85T\x0f\xf6\xea\xcd\xe9a\xc69\xde\x94\x05\xe7[\xd5\xc9\f\xd9\xb5\xec\x1c\x19#R\xb4\xbaN\xcd\x02\x1f\x89\xce\xa3\xff:m\xb3\xa8\x18?\x92dY3\x841\xdc\x1b\xeb\xe2b\xfa\xeb\x1b)\xe4\xb4}\xd1\xba\x1e]\xe2\xbbz\x995\xcf\xcd\xado\xe9/Zn\xc1\x88\xa15\"\xae\x93K\a\xd7`\xde\xb6\xb8J\xbe\xdafS\x1d\r4\xf5f\xd9o\x02\x95\xd2M3y \x7fcW\xe4\x17\xeb)Wa\xa9\xc7\xd5\xdb{k\x9e\xef\xf8\xc1\xdc\x94\xb1\xbbw\xd3\'1S\xc8\xb2\xdd\xcc\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000100)='-#\xe5r/!6\x19fx\x1e\xb6&b\xefk\x17\x81\x00\x8e\x8c\x00\x02|\xd3\xdch\xe5c\xe6\xa4v%\xf5\x98\x92B\xe2P-\x92\f\xa9\f \xee\x00\x025C\t\x01\x9b\xa2\xf1A\xc4\x83K\xcb\f\xaflF4\xb6\xb4b\xd6\x8c\x8f%\xc8\xc7\x84\x8f1\xe8\r\xf6\x15\x7fJ\xbc\x18\xed\xd72t\x9c\x19g\x04\x03\xfb\xc7\xc8\"f4e\x89vJ\x9dZ4\x16^<', &(0x7f0000000540)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfE\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\a\xc0o/\x8c\x97\x00\x00Jh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\ra\xb1\xc61\xf1\xe7m\xfd\x00\x00\x00\x00\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8R\x8f\xf9x\xbd\xbb\x90\x17$\x9e\\\xee\xc6\x88?)\r@e*\"_^xb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\xfd\x98\x06\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac\xb0\x11i\xcc\xb9BG\x1ac\xbc\xd9&\xb6\xd9\x04\x03\xc6\xebf\x84\xe5\xfeJ\xe7\xe6\xb3\xe9\xca\xe7\xc1\xa7\x9aO\xc1\t\x1c\xeb\xfbl\xa4\x80KQG\x80\xcd\xdd\t\x91\xdb}\xb1\xde\xf9\xbe=\x8b\xde\xf2G\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf7\xa9\x99t\x87 \x9f\x03}\x8d\x1b\x14\x1eU.r\xe1', &(0x7f0000000180)='@+\x00', &(0x7f00000001c0)='\x00'])

1.153272017s ago: executing program 2 (id=735):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000980)={0x1, @pix_mp={0x8d2}})
r1 = add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000140)={0x0, "ce48095266720c5490b566794dd81a667a570ddf5ca2d1175d0b72c3acc30835a473dad39aba70ef7b503ea28d151d714f0165634cc4da13fe67565871bfe657"}, 0x48, 0xffffffffffffffff)
unshare(0x22020600)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x442, 0x0)
pipe2(&(0x7f0000000240)={0x0, <r3=>0x0}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000280)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000080)=ANY=[@ANYBLOB="b9aa98aaaaaa000000000000000000000000000000000000000008c7171a061bfa01f874c79078000000"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x0, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007baaf8ff00000000b5080200000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYRES32, @ANYBLOB="1d00000000000000b7050000080000008500000005000000950000ffff"], 0x0}, 0x90)
r5 = syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_aout(r6, &(0x7f00000010c0)=ANY=[], 0x1a3)
write$binfmt_misc(r6, &(0x7f0000000040)=ANY=[], 0xe09)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f00000002c0)={r6, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
splice(r2, &(0x7f0000000040), r3, 0x0, 0x808, 0x0)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000000)={r1}, &(0x7f0000000040)={'enc=', 'pkcs1', ' hash=', {'sha256-ssse3\x00'}}, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000005c0)={0x1, @sliced={0x0, [0x7fff]}})

586.546473ms ago: executing program 2 (id=737):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x4788, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c0000002000010000040000200000000a000000000000000000000008000a000b000000080010"], 0x2c}}, 0x0)

181.645061ms ago: executing program 2 (id=738):
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newqdisc={0x88, 0x24, 0xf0b, 0x14, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc]}}}}]}, 0x88}}, 0x0)

0s ago: executing program 2 (id=739):
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
r3 = pidfd_getfd(r2, r2, 0x0)
r4 = fcntl$dupfd(r0, 0x0, r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x200000f, 0x12, r4, 0x0) (fail_nth: 9)

kernel console output (not intermixed with test programs):

888022878c00: rx timeout, send abort
[  128.745471][   T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.752241][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88807fd9ac00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  128.770637][   T45] usb 1-1: config 0 descriptor??
[  128.774351][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888022878c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  128.863568][  T746] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.891248][  T746] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.921643][ T5871] 8021q: adding VLAN 0 to HW filter on device bond0
[  128.969576][  T746] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.988431][  T746] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.004191][ T5871] 8021q: adding VLAN 0 to HW filter on device team0
[  129.053228][ T5098] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.060545][ T5098] bridge0: port 1(bridge_slave_0) entered forwarding state
[  129.089369][ T5098] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.096719][ T5098] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.211666][   T45] appletouch 1-1:0.0: Geyser mode initialized.
[  129.234667][   T45] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input11
[  129.382479][ T5871] 8021q: adding VLAN 0 to HW filter on device batadv0
[  129.466507][ T5150] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  129.490966][ T5148] udevd[5148]: Error opening device "/dev/input/event4": Input/output error
[  129.529240][ T5148] udevd[5148]: Unable to EVIOCGABS device "/dev/input/event4"
[  129.564161][ T5148] udevd[5148]: Unable to EVIOCGABS device "/dev/input/event4"
[  129.594532][ T5148] udevd[5148]: Assertion 'close_nointr(fd) != -EBADF' failed at util.c:228, function safe_close(). Aborting.
[  129.647755][ T5871] veth0_vlan: entered promiscuous mode
[  129.665009][ T6074] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  129.686087][ T5150] usb 2-1: Using ep0 maxpacket: 16
[  129.705014][ T6074] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  129.720392][ T5150] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  129.737524][ T5871] veth1_vlan: entered promiscuous mode
[  129.748770][ T4547] udevd[4547]: worker [5148] terminated by signal 6 (Aborted)
[  129.764749][ T5150] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  129.770875][ T4547] udevd[4547]: worker [5148] failed while handling '/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input11/event4'
[  129.813989][ T5150] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.868713][ T5150] usb 2-1: config 0 descriptor??
[  129.916768][ T5871] veth0_macvtap: entered promiscuous mode
[  129.953201][ T5871] veth1_macvtap: entered promiscuous mode
[  130.028883][ T5871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  130.046074][ T5871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.059369][ T5871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  130.070029][ T5871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.082981][ T5871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  130.098450][ T5871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.109180][ T5871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  130.121958][ T5871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.158238][ T5871] batman_adv: batadv0: Interface activated: batadv_slave_0
[  130.190469][ T5871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.204492][ T5871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.218730][ T5871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.232953][ T5871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.244445][ T5871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.255659][ T5871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.267352][ T5871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.279169][ T5871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.292294][ T5871] batman_adv: batadv0: Interface activated: batadv_slave_1
[  130.325024][ T5871] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  130.335144][ T5871] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  130.344480][ T5871] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  130.355518][ T5871] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  130.380258][ T6078] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  130.408299][ T6078] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  130.444652][ T5150] hid-generic 0003:0158:0100.0002: unknown main item tag 0x1
[  130.453665][ T5150] hid-generic 0003:0158:0100.0002: unexpected long global item
[  130.488060][ T5150] hid-generic 0003:0158:0100.0002: probe with driver hid-generic failed with error -22
[  130.546188][  T785] usb 1-1: USB disconnect, device number 11
[  130.641626][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.677604][  T785] appletouch 1-1:0.0: input: appletouch disconnected
[  130.699720][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.737914][ T5150] usb 2-1: USB disconnect, device number 11
[  130.894199][ T2796] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.949669][ T2796] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.020438][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  133.026863][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  133.960259][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.152359][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.261999][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802d324400: rx timeout, send abort
[  134.270518][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802d327400: rx timeout, send abort
[  134.279232][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88802d324400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  134.293727][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88802d327400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  134.440627][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.602553][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.997873][   T25] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  135.044845][   T12] bridge_slave_1: left allmulticast mode
[  135.054770][ T5111] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  135.071784][   T12] bridge_slave_1: left promiscuous mode
[  135.077942][ T5111] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  135.086598][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.101357][ T5111] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  135.134143][ T5111] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  135.143848][ T5111] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  135.155145][ T5111] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  135.163477][   T12] bridge_slave_0: left allmulticast mode
[  135.178486][   T12] bridge_slave_0: left promiscuous mode
[  135.184646][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.248524][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  135.290908][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  135.306045][   T25] usb 4-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.00
[  135.315318][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.327199][   T25] usb 4-1: config 0 descriptor??
[  135.516046][  T785] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  135.733948][  T785] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  135.751775][   T25] appletouch 4-1:0.0: Geyser mode initialized.
[  135.763620][  T785] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.772439][  T785] usb 3-1: Product: syz
[  135.777139][  T785] usb 3-1: Manufacturer: syz
[  135.782209][  T785] usb 3-1: SerialNumber: syz
[  135.796321][   T25] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input12
[  135.810331][  T785] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  135.950811][ T5150] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  136.234747][   T25] usb 3-1: USB disconnect, device number 9
[  136.258511][ T5238] udevd[5238]: Error opening device "/dev/input/event4": Input/output error
[  136.282159][ T5238] udevd[5238]: Unable to EVIOCGABS device "/dev/input/event4"
[  136.295597][ T5238] udevd[5238]: Unable to EVIOCGABS device "/dev/input/event4"
[  136.328463][ T5238] udevd[5238]: Assertion 'close_nointr(fd) != -EBADF' failed at util.c:228, function safe_close(). Aborting.
[  136.395460][ T4547] udevd[4547]: worker [5238] terminated by signal 6 (Aborted)
[  136.403423][ T4547] udevd[4547]: worker [5238] failed while handling '/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input12/event4'
[  136.433333][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  136.449880][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  136.481536][   T12] bond0 (unregistering): Released all slaves
[  137.020029][ T5150] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  137.259427][ T5111] Bluetooth: hci2: command tx timeout
[  137.594779][ T5164] usb 4-1: USB disconnect, device number 8
[  137.669544][ T5150] ath9k_htc: Failed to initialize the device
[  137.690512][   T25] usb 3-1: ath9k_htc: USB layer deinitialized
[  137.827653][ T5164] appletouch 4-1:0.0: input: appletouch disconnected
[  138.205119][   T12] hsr_slave_0: left promiscuous mode
[  138.304148][   T12] hsr_slave_1: left promiscuous mode
[  138.454777][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  138.586094][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  138.841139][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  138.909489][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  139.286636][   T12] veth1_macvtap: left promiscuous mode
[  139.327273][   T12] veth0_macvtap: left promiscuous mode
[  139.336259][ T5111] Bluetooth: hci2: command tx timeout
[  139.362100][   T12] veth1_vlan: left promiscuous mode
[  139.367919][   T12] veth0_vlan: left promiscuous mode
[  139.773797][ T6185] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  139.792720][ T6185] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  140.030977][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802c867c00: rx timeout, send abort
[  140.066768][ T6191] raw_sendmsg: syz.2.281 forgot to set AF_INET. Fix it!
[  140.262853][   T12] team0 (unregistering): Port device team_slave_1 removed
[  140.315332][   T12] team0 (unregistering): Port device team_slave_0 removed
[  140.539277][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802c867c00: abort rx timeout. Force session deactivation
[  140.788962][ T6165] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  140.926597][ T6189] netlink: 'syz.3.280': attribute type 4 has an invalid length.
[  141.365433][ T6131] chnl_net:caif_netlink_parms(): no params data found
[  141.419755][ T5111] Bluetooth: hci2: command tx timeout
[  141.625849][    T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  141.717090][ T6131] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.753431][ T6131] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.788501][ T6131] bridge_slave_0: entered allmulticast mode
[  141.832553][ T6131] bridge_slave_0: entered promiscuous mode
[  141.855999][    T9] usb 4-1: Using ep0 maxpacket: 8
[  141.868543][    T9] usb 4-1: config 0 has an invalid interface number: 174 but max is 0
[  141.897597][ T6131] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.905920][   T29] audit: type=1326 audit(1720483402.133:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6222 comm="syz.4.289" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe56a575bd9 code=0x0
[  141.916363][    T9] usb 4-1: config 0 has no interface number 0
[  141.938834][ T6131] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.960831][ T6131] bridge_slave_1: entered allmulticast mode
[  141.967360][    T9] usb 4-1: config 0 interface 174 has no altsetting 0
[  141.991378][ T6131] bridge_slave_1: entered promiscuous mode
[  142.004930][    T9] usb 4-1: New USB device found, idVendor=1bc7, idProduct=eac7, bcdDevice=ba.3c
[  142.030281][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.054815][    T9] usb 4-1: Product: syz
[  142.075662][    T9] usb 4-1: Manufacturer: syz
[  142.089443][    T9] usb 4-1: SerialNumber: syz
[  142.128575][    T9] usb 4-1: config 0 descriptor??
[  142.151536][    T9] usb 4-1: bad CDC descriptors
[  142.194544][ T6131] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  142.239183][ T6131] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  142.382533][ T6131] team0: Port device team_slave_0 added
[  142.417209][ T6131] team0: Port device team_slave_1 added
[  142.560654][ T6131] batman_adv: batadv0: Adding interface: batadv_slave_0
[  142.578724][ T6131] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.608064][ T6131] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  142.648776][ T6131] batman_adv: batadv0: Adding interface: batadv_slave_1
[  142.666055][ T6131] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.755849][ T6131] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  142.774876][ T6246] Cannot find add_set index 0 as target
[  143.022236][ T6131] hsr_slave_0: entered promiscuous mode
[  143.049745][ T6131] hsr_slave_1: entered promiscuous mode
[  143.090196][ T6131] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  143.155624][ T6131] Cannot create hsr debugfs directory
[  143.229354][ T6255] usb usb8: usbfs: process 6255 (syz.2.295) did not claim interface 0 before use
[  143.511253][ T5111] Bluetooth: hci2: command tx timeout
[  143.693943][   T29] audit: type=1326 audit(1720483403.933:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6273 comm="syz.4.298" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe56a575bd9 code=0x0
[  143.715432][    C1] vkms_vblank_simulate: vblank timer overrun
[  144.365896][   T25] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  144.394482][   T29] audit: type=1326 audit(1720483404.633:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6291 comm="syz.2.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd125d75bd9 code=0x7ffc0000
[  144.523165][   T29] audit: type=1326 audit(1720483404.633:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6291 comm="syz.2.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd125d75bd9 code=0x7ffc0000
[  144.578082][   T25] usb 1-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=c2.c6
[  144.607989][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.645180][   T25] usb 1-1: config 0 descriptor??
[  144.651306][   T29] audit: type=1326 audit(1720483404.663:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6291 comm="syz.2.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd125d75bd9 code=0x7ffc0000
[  144.651356][   T29] audit: type=1326 audit(1720483404.663:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6291 comm="syz.2.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd125d75bd9 code=0x7ffc0000
[  144.651400][   T29] audit: type=1326 audit(1720483404.663:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6291 comm="syz.2.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd125d75bd9 code=0x7ffc0000
[  144.651445][   T29] audit: type=1326 audit(1720483404.673:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6291 comm="syz.2.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7fd125d75bd9 code=0x7ffc0000
[  144.651487][   T29] audit: type=1326 audit(1720483404.673:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6291 comm="syz.2.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd125d75bd9 code=0x7ffc0000
[  144.651530][   T29] audit: type=1326 audit(1720483404.683:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6291 comm="syz.2.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd125d75bd9 code=0x7ffc0000
[  144.697484][    C1] vkms_vblank_simulate: vblank timer overrun
[  144.849487][ T6296] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  144.903822][ T6296] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.100163][ T5098] usb 4-1: USB disconnect, device number 9
[  145.307060][ T6288] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.348142][ T6288] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.445939][ T5168] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  145.584761][   T25] mxuport 1-1:0.0: mxuport_recv_ctrl_urb - usb_control_msg failed (-71)
[  145.603756][   T25] mxuport 1-1:0.0: probe with driver mxuport failed with error -5
[  145.616484][ T5168] usb 3-1: device descriptor read/64, error -71
[  145.640105][   T25] usb 1-1: USB disconnect, device number 12
[  145.896648][ T5168] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  145.931710][ T6131] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  145.973394][ T6131] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  146.003121][ T6131] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  146.019766][ T6131] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  146.066482][ T5168] usb 3-1: device descriptor read/64, error -71
[  146.189779][ T5168] usb usb3-port1: attempt power cycle
[  146.196438][ T6131] 8021q: adding VLAN 0 to HW filter on device bond0
[  146.245541][ T6131] 8021q: adding VLAN 0 to HW filter on device team0
[  146.266017][  T785] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  146.270980][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.280864][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  146.295079][ T6331] netlink: 12 bytes leftover after parsing attributes in process `syz.0.310'.
[  146.327650][ T6331] bond1: entered promiscuous mode
[  146.347007][ T5151] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.354184][ T5151] bridge0: port 2(bridge_slave_1) entered forwarding state
[  146.370865][ T6331] ip6gretap1: entered promiscuous mode
[  146.389333][ T6331] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  146.456867][  T785] usb 4-1: Using ep0 maxpacket: 32
[  146.469934][  T785] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  146.481583][  T785] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  146.491287][  T785] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  146.525535][  T785] usb 4-1: string descriptor 0 read error: -22
[  146.541542][  T785] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  146.583507][  T785] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.626223][ T5168] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  146.627355][ T6131] 8021q: adding VLAN 0 to HW filter on device batadv0
[  146.637566][  T785] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found
[  146.683285][  T785] cdc_ncm 4-1:1.0: bind() failure
[  146.689599][ T5168] usb 3-1: device descriptor read/8, error -71
[  146.789689][ T6131] veth0_vlan: entered promiscuous mode
[  146.824375][ T6131] veth1_vlan: entered promiscuous mode
[  146.927087][ T6131] veth0_macvtap: entered promiscuous mode
[  146.954535][ T6131] veth1_macvtap: entered promiscuous mode
[  146.965929][ T5168] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  146.986040][ T5151] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  147.019313][ T5168] usb 3-1: device descriptor read/8, error -71
[  147.026165][ T6131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.051746][ T6131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.070954][ T6131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.082040][ T6131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.093275][ T6131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.108851][ T6131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.127584][ T6131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.138796][ T6131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.163655][ T6131] batman_adv: batadv0: Interface activated: batadv_slave_0
[  147.171929][ T5168] usb usb3-port1: unable to enumerate USB device
[  147.206031][ T5151] usb 1-1: Using ep0 maxpacket: 8
[  147.218761][  T785] usb 4-1: USB disconnect, device number 10
[  147.233697][ T6131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.251109][ T5151] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  147.263104][ T6131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.277466][ T5151] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  147.285945][ T6131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.305554][ T5151] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  147.306016][ T6131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.317240][ T5151] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  147.317273][ T5151] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  147.317322][ T5151] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  147.317357][ T5151] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.411261][ T6131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.426052][ T6131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.437182][ T6131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.472559][ T6131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.490296][ T6131] batman_adv: batadv0: Interface activated: batadv_slave_1
[  147.514476][ T6131] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.538482][ T5151] usb 1-1: usb_control_msg returned -32
[  147.554357][ T5151] usbtmc 1-1:16.0: can't read capabilities
[  147.560476][ T6131] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.560589][ T6131] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.560622][ T6131] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.695478][ T6351] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  147.706421][ T6351] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  147.850165][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.878743][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.712756][   T25] usb 1-1: USB disconnect, device number 13
[  150.637483][ T5164] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  150.860334][ T5164] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  150.908813][ T5164] usb 1-1: New USB device found, idVendor=05ac, idProduct=025b, bcdDevice= 0.40
[  150.945911][ T5164] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.954031][ T5164] usb 1-1: Product: syz
[  150.967247][ T5164] usb 1-1: Manufacturer: syz
[  150.971946][ T5164] usb 1-1: SerialNumber: syz
[  150.989224][ T5164] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input13
[  151.708464][ T4532] bcm5974 1-1:1.0: could not read from device
[  151.718988][  T930] usb 1-1: USB disconnect, device number 14
[  151.738875][ T6415] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  151.751531][ T4532] bcm5974 1-1:1.0: could not read from device
[  151.761245][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.769121][ T6415] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  151.780468][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.813763][ T5323] bcm5974 1-1:1.0: could not read from device
[  151.841366][ T4532] bcm5974 1-1:1.0: could not read from device
[  152.194478][ T5323] udevd[5323]: Error opening device "/dev/input/event4": No such file or directory
[  152.210010][ T2836] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.246408][ T5323] udevd[5323]: Unable to EVIOCGABS device "/dev/input/event4"
[  152.271485][ T5323] udevd[5323]: Unable to EVIOCGABS device "/dev/input/event4"
[  152.280177][ T5323] udevd[5323]: Unable to EVIOCGABS device "/dev/input/event4"
[  152.288022][   T45] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  152.317266][ T5323] udevd[5323]: Unable to EVIOCGABS device "/dev/input/event4"
[  152.505552][ T2836] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.553753][   T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  152.636472][   T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  152.692157][   T45] usb 3-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.00
[  152.702295][   T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.737591][   T45] usb 3-1: config 0 descriptor??
[  152.781115][ T2836] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.984104][ T6430] netlink: 'syz.0.328': attribute type 29 has an invalid length.
[  153.002439][ T2836] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.015138][ T6430] netlink: 8 bytes leftover after parsing attributes in process `syz.0.328'.
[  153.042413][ T6430] netlink: 'syz.0.328': attribute type 29 has an invalid length.
[  153.073135][ T6430] netlink: 8 bytes leftover after parsing attributes in process `syz.0.328'.
[  153.128021][ T6434] netlink: 'syz.0.328': attribute type 29 has an invalid length.
[  153.150036][ T6434] netlink: 8 bytes leftover after parsing attributes in process `syz.0.328'.
[  153.181704][   T45] appletouch 3-1:0.0: Geyser mode initialized.
[  153.211190][   T45] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input14
[  153.298867][ T6436] fuse: Invalid rootmode
[  153.308909][ T6436] fuse: Unknown parameter '0xffffffffffffffff'
[  153.312595][ T5097] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  153.325977][ T5097] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  153.334013][ T5097] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  153.345192][ T5097] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  153.353752][ T5097] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  153.367246][ T5097] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  153.589315][ T2836] bridge_slave_1: left allmulticast mode
[  153.612937][ T2836] bridge_slave_1: left promiscuous mode
[  153.640860][ T2836] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.687817][ T2836] bridge_slave_0: left allmulticast mode
[  153.714325][ T2836] bridge_slave_0: left promiscuous mode
[  153.743434][ T2836] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.758993][ T5323] udevd[5323]: Error opening device "/dev/input/event4": Input/output error
[  153.788803][ T5323] udevd[5323]: Unable to EVIOCGABS device "/dev/input/event4"
[  153.804520][ T5323] udevd[5323]: Unable to EVIOCGABS device "/dev/input/event4"
[  153.818611][ T5323] udevd[5323]: Assertion 'close_nointr(fd) != -EBADF' failed at util.c:228, function safe_close(). Aborting.
[  153.884716][ T4547] udevd[4547]: worker [5323] terminated by signal 6 (Aborted)
[  154.903524][ T5151] usb 3-1: USB disconnect, device number 14
[  154.979853][ T5151] appletouch 3-1:0.0: input: appletouch disconnected
[  155.416206][ T5111] Bluetooth: hci0: command tx timeout
[  155.974698][ T2836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  156.006979][ T2836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  156.028798][ T2836] bond0 (unregistering): Released all slaves
[  157.496333][ T5111] Bluetooth: hci0: command tx timeout
[  157.783796][ T6474] erspan0: entered promiscuous mode
[  157.797169][ T6474] erspan0: left promiscuous mode
[  157.857299][ T6476] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.254859][ T6488] fuse: Invalid rootmode
[  158.271780][ T6488] fuse: Unknown parameter '0xffffffffffffffff'
[  158.445844][   T29] audit: type=1326 audit(1720483418.683:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6496 comm="syz.4.344" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe56a575bd9 code=0x0
[  158.614995][ T2836] hsr_slave_0: left promiscuous mode
[  158.667865][ T2836] hsr_slave_1: left promiscuous mode
[  158.681251][ T2836] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  158.689490][ T6505] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  158.697402][ T2836] batman_adv: batadv0: Removing interface: batadv_slave_0
[  158.730242][ T2836] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  158.746104][ T2836] batman_adv: batadv0: Removing interface: batadv_slave_1
[  158.854577][ T2836] veth1_macvtap: left promiscuous mode
[  158.887872][ T2836] veth0_macvtap: left promiscuous mode
[  158.913933][ T2836] veth1_vlan: left promiscuous mode
[  158.942888][ T2836] veth0_vlan: left promiscuous mode
[  159.301796][ T6520] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  159.404853][ T5097] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  159.416038][ T5097] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  159.425707][ T5097] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  159.438721][ T5097] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  159.452010][ T5097] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  159.459919][ T5097] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  159.576914][ T5111] Bluetooth: hci0: command tx timeout
[  160.256062][  T930] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  160.363498][ T2836] team0 (unregistering): Port device team_slave_1 removed
[  160.449125][ T2836] team0 (unregistering): Port device team_slave_0 removed
[  160.455978][  T930] usb 3-1: Using ep0 maxpacket: 8
[  160.476032][  T930] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  160.490918][  T930] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.503567][  T930] usb 3-1: config 0 descriptor??
[  161.169528][ T6536] vlan2: entered promiscuous mode
[  161.190047][ T6536] gretap0: entered promiscuous mode
[  161.213199][ T6536] gretap0: left promiscuous mode
[  161.353532][  T930] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  161.457491][  T930] asix 3-1:0.0: probe with driver asix failed with error -71
[  161.496864][ T5111] Bluetooth: hci4: command tx timeout
[  161.543223][  T930] usb 3-1: USB disconnect, device number 15
[  161.660422][ T5111] Bluetooth: hci0: command tx timeout
[  161.761265][ T6441] chnl_net:caif_netlink_parms(): no params data found
[  161.796719][ T6552] fuse: Invalid rootmode
[  161.807619][ T6552] fuse: Unknown parameter '0xffffffffffffffff'
[  162.299202][   T29] audit: type=1326 audit(1720483422.543:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6562 comm="syz.2.357" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd125d75bd9 code=0x0
[  162.378788][ T6441] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.416067][ T6441] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.423461][ T6441] bridge_slave_0: entered allmulticast mode
[  162.439436][ T6441] bridge_slave_0: entered promiscuous mode
[  162.477468][ T6441] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.505197][ T6441] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.514387][ T6441] bridge_slave_1: entered allmulticast mode
[  162.528925][ T6441] bridge_slave_1: entered promiscuous mode
[  162.690957][ T6441] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  162.711262][ T6441] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  162.842140][ T6530] chnl_net:caif_netlink_parms(): no params data found
[  162.935154][ T6441] team0: Port device team_slave_0 added
[  162.982728][ T6441] team0: Port device team_slave_1 added
[  163.380857][ T6441] batman_adv: batadv0: Adding interface: batadv_slave_0
[  163.388024][ T6441] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.417725][ T6441] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  163.479125][ T2836] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.580441][ T6611] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  163.582114][ T5111] Bluetooth: hci4: command tx timeout
[  163.589296][ T6611] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  163.656797][ T6441] batman_adv: batadv0: Adding interface: batadv_slave_1
[  163.664008][ T6441] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.691336][ T6441] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  163.749650][ T2836] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.804044][ T6530] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.823444][ T6530] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.832285][ T6530] bridge_slave_0: entered allmulticast mode
[  163.845621][ T6530] bridge_slave_0: entered promiscuous mode
[  163.876935][ T6611] netlink: 24 bytes leftover after parsing attributes in process `syz.4.365'.
[  164.066214][ T2836] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.093781][ T6530] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.114541][ T6530] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.131644][ T6530] bridge_slave_1: entered allmulticast mode
[  164.147435][ T6530] bridge_slave_1: entered promiscuous mode
[  164.247788][ T2836] team0: Port device netdevsim0 removed
[  164.259914][   T25] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  164.274343][ T2836] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.341640][ T6441] hsr_slave_0: entered promiscuous mode
[  164.363172][ T6441] hsr_slave_1: entered promiscuous mode
[  164.370224][ T6441] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  164.381481][ T6441] Cannot create hsr debugfs directory
[  164.459630][   T25] usb 3-1: config index 0 descriptor too short (expected 106, got 36)
[  164.471186][ T6530] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  164.486422][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  164.535220][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  164.547778][   T25] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00
[  164.557963][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.590374][   T25] usb 3-1: config 0 descriptor??
[  164.615047][ T6530] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  164.766132][   T29] audit: type=1326 audit(1720483425.003:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.1.370" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5f2b75bd9 code=0x0
[  164.850874][   T25] usbhid 3-1:0.0: can't add hid device: -71
[  164.865308][   T25] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  164.886712][   T25] usb 3-1: USB disconnect, device number 16
[  164.892866][ T6530] team0: Port device team_slave_0 added
[  164.980509][ T6530] team0: Port device team_slave_1 added
[  165.188603][ T6530] batman_adv: batadv0: Adding interface: batadv_slave_0
[  165.206121][ T6530] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  165.261029][ T6530] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  165.314037][ T2836] bridge_slave_1: left allmulticast mode
[  165.327194][ T2836] bridge_slave_1: left promiscuous mode
[  165.343357][ T2836] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.358682][ T2836] bridge_slave_0: left allmulticast mode
[  165.374705][ T2836] bridge_slave_0: left promiscuous mode
[  165.386006][ T2836] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.657228][ T5111] Bluetooth: hci4: command tx timeout
[  165.876176][ T5098] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  166.056135][ T5111] Bluetooth: hci1: command tx timeout
[  166.070842][ T5098] usb 3-1: Using ep0 maxpacket: 16
[  166.103591][ T5098] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  166.138775][ T5098] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  166.169584][ T5098] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.211816][ T5098] usb 3-1: config 0 descriptor??
[  166.473847][ T6652] syz.1.373 (6652): attempted to duplicate a private mapping with mremap.  This is not supported.
[  166.743927][ T2836] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  166.802483][ T6653] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  166.829807][ T6653] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  166.902227][ T5098] usbhid 3-1:0.0: can't add hid device: -71
[  166.914246][ T5098] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  166.945056][ T5098] usb 3-1: USB disconnect, device number 17
[  167.329158][ T2836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  167.349468][ T2836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  167.361011][ T2836] bond0 (unregistering): Released all slaves
[  167.379164][ T2836] bond1 (unregistering): Released all slaves
[  167.397697][ T6530] batman_adv: batadv0: Adding interface: batadv_slave_1
[  167.404822][ T6530] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.431307][ T6530] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  167.736368][ T5111] Bluetooth: hci4: command tx timeout
[  167.789369][ T6530] hsr_slave_0: entered promiscuous mode
[  167.845147][ T6530] hsr_slave_1: entered promiscuous mode
[  167.914654][ T6530] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  167.935814][ T6530] Cannot create hsr debugfs directory
[  167.943494][ T5115] syz-executor (5115) used greatest stack depth: 18448 bytes left
[  167.978577][ T6663] netlink: 20 bytes leftover after parsing attributes in process `syz.4.374'.
[  168.037266][ T6663] netlink: 24 bytes leftover after parsing attributes in process `syz.4.374'.
[  168.755589][ T5097] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  168.775335][ T5097] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  168.796020][ T5097] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  168.807107][ T5097] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  168.821025][ T2836] hsr_slave_0: left promiscuous mode
[  168.821715][ T5097] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  168.834508][ T5097] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  168.885487][ T2836] hsr_slave_1: left promiscuous mode
[  168.938645][   T29] audit: type=1326 audit(1720483429.183:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6680 comm="syz.1.380" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5f2b75bd9 code=0x0
[  168.938874][ T2836] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  168.979755][ T6685] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  168.988992][ T6685] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  168.993390][ T2836] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.014216][ T2836] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.023475][ T2836] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.091381][ T2836] veth1_macvtap: left promiscuous mode
[  169.097877][ T2836] veth0_macvtap: left promiscuous mode
[  169.103576][ T2836] veth1_vlan: left promiscuous mode
[  169.110174][ T2836] veth0_vlan: left promiscuous mode
[  170.092529][ T2836] team0 (unregistering): Port device team_slave_1 removed
[  170.181575][ T2836] team0 (unregistering): Port device team_slave_0 removed
[  170.936265][ T5111] Bluetooth: hci1: command tx timeout
[  171.638609][   T29] audit: type=1326 audit(1720483431.883:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6719 comm="syz.1.392" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5f2b75bd9 code=0x0
[  171.767777][ T6441] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  171.805123][ T6441] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  171.846711][ T6441] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  171.919736][ T2836] IPVS: stop unused estimator thread 0...
[  171.925135][ T6441] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  171.948484][ T6682] chnl_net:caif_netlink_parms(): no params data found
[  172.324681][ T6682] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.332250][ T6682] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.341471][ T6682] bridge_slave_0: entered allmulticast mode
[  172.352783][ T6682] bridge_slave_0: entered promiscuous mode
[  172.376690][ T6682] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.384870][ T6682] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.397776][ T6682] bridge_slave_1: entered allmulticast mode
[  172.412394][ T6682] bridge_slave_1: entered promiscuous mode
[  172.482985][ T6682] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  172.554429][ T6682] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  172.695649][ T6682] team0: Port device team_slave_0 added
[  172.796972][ T6682] team0: Port device team_slave_1 added
[  172.850520][ T6741] usb usb8: usbfs: process 6741 (syz.1.396) did not claim interface 0 before use
[  172.910302][ T6530] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  173.016534][ T5111] Bluetooth: hci1: command tx timeout
[  173.086190][ T6530] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  173.131260][ T6530] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  173.171363][ T6682] batman_adv: batadv0: Adding interface: batadv_slave_0
[  173.185956][ T6682] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.215544][ T6682] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  173.260000][ T6530] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  173.386971][ T6748] netlink: 12 bytes leftover after parsing attributes in process `syz.4.398'.
[  173.397485][ T6682] batman_adv: batadv0: Adding interface: batadv_slave_1
[  173.404480][ T6682] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.434329][ T6682] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  173.660213][ T6759] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  173.686038][ T6759] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  173.733004][ T6441] 8021q: adding VLAN 0 to HW filter on device bond0
[  173.764281][ T6682] hsr_slave_0: entered promiscuous mode
[  173.771308][ T6682] hsr_slave_1: entered promiscuous mode
[  173.783730][ T6682] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  173.794536][ T6682] Cannot create hsr debugfs directory
[  173.920645][ T6441] 8021q: adding VLAN 0 to HW filter on device team0
[  173.994764][  T785] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.001982][  T785] bridge0: port 1(bridge_slave_0) entered forwarding state
[  174.069596][ T6530] 8021q: adding VLAN 0 to HW filter on device bond0
[  174.085171][  T785] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.092493][  T785] bridge0: port 2(bridge_slave_1) entered forwarding state
[  174.212882][   T29] audit: type=1326 audit(1720483434.453:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6766 comm="syz.1.404" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5f2b75bd9 code=0x0
[  174.284252][ T6530] 8021q: adding VLAN 0 to HW filter on device team0
[  174.438994][ T6682] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.480015][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.487290][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  174.515345][  T785] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.522602][  T785] bridge0: port 2(bridge_slave_1) entered forwarding state
[  174.687580][ T6682] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.855507][ T6682] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.076731][ T6441] 8021q: adding VLAN 0 to HW filter on device batadv0
[  175.096311][ T5111] Bluetooth: hci1: command tx timeout
[  175.405058][ T6441] veth0_vlan: entered promiscuous mode
[  175.504327][ T6801] netlink: 'syz.1.410': attribute type 4 has an invalid length.
[  175.521003][ T6801] netlink: 17 bytes leftover after parsing attributes in process `syz.1.410'.
[  175.538445][ T6797] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  175.564751][ T6797] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  175.608201][ T6530] 8021q: adding VLAN 0 to HW filter on device batadv0
[  175.641675][ T6441] veth1_vlan: entered promiscuous mode
[  175.707893][ T6682] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  175.746043][ T6682] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  175.796900][ T6682] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  175.843464][ T6682] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  175.969082][ T6441] veth0_macvtap: entered promiscuous mode
[  176.026625][ T6441] veth1_macvtap: entered promiscuous mode
[  176.059941][ T6530] veth0_vlan: entered promiscuous mode
[  176.129340][ T6530] veth1_vlan: entered promiscuous mode
[  176.179173][ T6441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  176.212960][ T6441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.235840][ T6441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  176.247740][ T6441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.258623][ T6441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  176.269952][ T6441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.282152][ T6441] batman_adv: batadv0: Interface activated: batadv_slave_0
[  176.322932][ T6441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  176.363681][ T6441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.405404][ T6441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  176.445916][ T6441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.459878][ T6441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  176.482655][ T6441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.518122][ T6441] batman_adv: batadv0: Interface activated: batadv_slave_1
[  176.583903][ T6530] veth0_macvtap: entered promiscuous mode
[  176.628626][ T6441] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  176.640869][ T6441] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  176.651906][ T6441] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  176.661650][ T6441] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  176.679032][ T6530] veth1_macvtap: entered promiscuous mode
[  176.855218][ T6530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  176.883872][ T6530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.905962][ T6530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  176.945908][ T6530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.980511][ T6530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  176.994732][   T29] audit: type=1326 audit(1720483437.233:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6835 comm="syz.1.416" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5f2b75bd9 code=0x0
[  177.005899][ T6530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.044063][ T6530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.065786][ T6530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.082635][ T6530] batman_adv: batadv0: Interface activated: batadv_slave_0
[  177.169806][ T6530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.182864][ T5097] Bluetooth: hci1: command tx timeout
[  177.203064][ T6530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.241045][ T6843] netlink: 'syz.4.418': attribute type 2 has an invalid length.
[  177.259313][ T6530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.295944][ T6530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.345987][ T6530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.369076][ T6530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.388901][ T6530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.400031][ T6530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.412973][ T6530] batman_adv: batadv0: Interface activated: batadv_slave_1
[  177.488833][ T6530] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  177.522518][ T6530] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  177.532008][ T6530] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  177.541141][ T6530] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  177.585086][  T746] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  177.618148][  T746] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  177.630111][ T6682] 8021q: adding VLAN 0 to HW filter on device bond0
[  177.900546][ T2796] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  177.934357][ T6682] 8021q: adding VLAN 0 to HW filter on device team0
[  177.959138][ T2796] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  177.991021][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.024950][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.047453][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.054756][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.074510][ T6866] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  178.121225][ T6866] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  178.134470][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.141771][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.325625][ T5097] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  178.469483][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.514094][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.520985][ T6882] usb usb8: usbfs: process 6882 (syz.4.424) did not claim interface 0 before use
[  178.606518][ T5150] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  178.866289][ T6682] 8021q: adding VLAN 0 to HW filter on device batadv0
[  178.896050][ T5150] usb 2-1: Using ep0 maxpacket: 32
[  178.930843][ T5150] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.005550][ T5150] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.061826][ T5150] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  179.122649][ T5150] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  179.180952][ T5150] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  179.210339][ T5150] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  179.228637][ T5150] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  179.242331][ T6682] veth0_vlan: entered promiscuous mode
[  179.259136][ T5150] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.289879][ T5150] usb 2-1: Product: syz
[  179.311818][ T5150] usb 2-1: Manufacturer: syz
[  179.341035][ T6682] veth1_vlan: entered promiscuous mode
[  179.362133][ T5150] usb 2-1: SerialNumber: syz
[  179.619754][ T5150] cdc_ncm 2-1:1.0: bind() failure
[  179.677445][ T5150] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  179.681514][ T6682] veth0_macvtap: entered promiscuous mode
[  179.684267][ T5150] cdc_ncm 2-1:1.1: bind() failure
[  179.770785][ T6682] veth1_macvtap: entered promiscuous mode
[  179.790608][ T5150] usb 2-1: USB disconnect, device number 12
[  179.930408][ T6682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.028746][ T6682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.061924][ T6682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.110083][ T6682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.134546][ T6682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.147244][ T6682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.157598][ T6682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.168684][ T6682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.180421][ T6682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.238772][ T6682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.269975][ T6682] batman_adv: batadv0: Interface activated: batadv_slave_0
[  180.402052][ T6682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.445633][ T6682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.473262][ T6682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.514428][ T6682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.555852][ T6682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.607789][ T6682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.675479][ T6682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.712465][   T29] audit: type=1326 audit(1720483440.953:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6921 comm="syz.3.430" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b02175bd9 code=0x0
[  180.739671][ T6682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.774382][ T6682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.803823][ T6682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.846074][   T45] usb 2-1: new full-speed USB device number 13 using dummy_hcd
[  180.849862][ T6682] batman_adv: batadv0: Interface activated: batadv_slave_1
[  180.874624][ T6925] netlink: 12 bytes leftover after parsing attributes in process `syz.4.429'.
[  180.929468][ T6682] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  180.979569][ T6682] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.000107][ T6929] netlink: 36 bytes leftover after parsing attributes in process `syz.4.429'.
[  181.014828][ T6682] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.025158][ T6682] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.067623][   T45] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  181.081925][   T45] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  181.124076][   T45] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  181.157962][   T25] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  181.187457][   T45] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  181.211481][   T45] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.247940][   T45] usb 2-1: Product: syz
[  181.263247][   T45] usb 2-1: Manufacturer: syz
[  181.290575][   T45] usb 2-1: SerialNumber: syz
[  181.333092][ T2796] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  181.354157][ T2796] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  181.376948][   T25] usb 1-1: Using ep0 maxpacket: 16
[  181.393365][   T25] usb 1-1: New USB device found, idVendor=079b, idProduct=000f, bcdDevice=57.ce
[  181.418037][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.467850][   T25] usb 1-1: Product: syz
[  181.487801][   T25] usb 1-1: Manufacturer: syz
[  181.492533][   T25] usb 1-1: SerialNumber: syz
[  181.531413][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  181.583754][   T25] usb 1-1: config 0 descriptor??
[  181.600908][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  181.679254][   T45] usb 2-1: 0:2 : does not exist
[  181.858793][   T25] usb 1-1: USB disconnect, device number 15
[  181.939842][   T45] usb 2-1: USB disconnect, device number 13
[  182.233678][  T785] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  182.257329][ T5198] udevd[5198]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  182.434906][  T785] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  182.513347][  T785] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  182.561930][  T785] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  182.580726][  T785] usb 4-1: SerialNumber: syz
[  182.611705][  T785] cdc_acm 4-1:1.0: Control and data interfaces are not separated!
[  182.629864][  T785] cdc_acm 4-1:1.0: This needs exactly 3 endpoints
[  182.645434][  T785] cdc_acm 4-1:1.0: probe with driver cdc_acm failed with error -22
[  182.836449][  T785] usb 4-1: USB disconnect, device number 11
[  183.243114][ T6992] netlink: 8 bytes leftover after parsing attributes in process `syz.2.442'.
[  183.291552][ T6992] netlink: 16 bytes leftover after parsing attributes in process `syz.2.442'.
[  183.341277][ T6992] macvlan0: entered allmulticast mode
[  183.702419][ T7003] program syz.3.446 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  183.726796][ T7003] FAULT_INJECTION: forcing a failure.
[  183.726796][ T7003] name failslab, interval 1, probability 0, space 0, times 0
[  183.807102][ T7003] CPU: 0 PID: 7003 Comm: syz.3.446 Not tainted 6.10.0-rc7-syzkaller #0
[  183.815406][ T7003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  183.825496][ T7003] Call Trace:
[  183.828804][ T7003]  <TASK>
[  183.831765][ T7003]  dump_stack_lvl+0x241/0x360
[  183.836487][ T7003]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.841733][ T7003]  ? __pfx__printk+0x10/0x10
[  183.846372][ T7003]  ? __nla_validate_parse+0x26ce/0x3090
[  183.851954][ T7003]  ? __lock_acquire+0x1346/0x1fd0
[  183.857024][ T7003]  should_fail_ex+0x3b0/0x4e0
[  183.861747][ T7003]  ? __alloc_skb+0x1c3/0x440
[  183.866390][ T7003]  should_failslab+0x9/0x20
[  183.870930][ T7003]  kmem_cache_alloc_node_noprof+0x71/0x320
[  183.876855][ T7003]  __alloc_skb+0x1c3/0x440
[  183.881307][ T7003]  ? __pfx___alloc_skb+0x10/0x10
[  183.886273][ T7003]  ? __lock_acquire+0x1ef0/0x1fd0
[  183.891326][ T7003]  ? __mutex_trylock_common+0x183/0x2e0
[  183.896923][ T7003]  netlink_dump+0x233/0xe50
[  183.901505][ T7003]  ? __nla_parse+0x40/0x60
[  183.905974][ T7003]  ? __pfx_netlink_dump+0x10/0x10
[  183.911027][ T7003]  ? ip_set_dump_start+0x36f/0x530
[  183.916195][ T7003]  __netlink_dump_start+0x59d/0x780
[  183.921433][ T7003]  ip_set_dump+0x16d/0x1f0
[  183.925872][ T7003]  ? nfnetlink_rcv_msg+0xa5c/0x1180
[  183.931102][ T7003]  ? nfnetlink_rcv_msg+0x225/0x1180
[  183.936315][ T7003]  ? __pfx_ip_set_dump+0x10/0x10
[  183.941288][ T7003]  ? __pfx_ip_set_dump_start+0x10/0x10
[  183.946772][ T7003]  ? __pfx_ip_set_dump_do+0x10/0x10
[  183.951999][ T7003]  ? __pfx_ip_set_dump_done+0x10/0x10
[  183.957405][ T7003]  ? nfnetlink_rcv_msg+0x225/0x1180
[  183.962631][ T7003]  nfnetlink_rcv_msg+0xbec/0x1180
[  183.967701][ T7003]  ? nfnetlink_rcv_msg+0x225/0x1180
[  183.972967][ T7003]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  183.978485][ T7003]  ? kasan_save_track+0x51/0x80
[  183.983448][ T7003]  ? kasan_save_track+0x3f/0x80
[  183.988347][ T7003]  ? kasan_save_free_info+0x40/0x50
[  183.993594][ T7003]  ? __dev_queue_xmit+0x1b0e/0x3d30
[  183.998835][ T7003]  ? __netlink_deliver_tap+0x54d/0x7c0
[  184.004345][ T7003]  ? netlink_deliver_tap+0x19d/0x1b0
[  184.009665][ T7003]  ? netlink_unicast+0x7b8/0x980
[  184.014638][ T7003]  ? netlink_sendmsg+0x8db/0xcb0
[  184.019608][ T7003]  ? ____sys_sendmsg+0x525/0x7d0
[  184.024581][ T7003]  netlink_rcv_skb+0x1e3/0x430
[  184.029393][ T7003]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  184.034962][ T7003]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  184.040294][ T7003]  ? apparmor_capable+0x138/0x1b0
[  184.045346][ T7003]  ? bpf_lsm_capable+0x9/0x10
[  184.050052][ T7003]  ? security_capable+0x90/0xb0
[  184.054965][ T7003]  nfnetlink_rcv+0x297/0x2a80
[  184.059684][ T7003]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  184.066055][ T7003]  ? __local_bh_enable_ip+0x168/0x200
[  184.071443][ T7003]  ? lockdep_hardirqs_on+0x99/0x150
[  184.076677][ T7003]  ? __local_bh_enable_ip+0x168/0x200
[  184.082078][ T7003]  ? dev_hard_start_xmit+0x773/0x7e0
[  184.087387][ T7003]  ? __dev_queue_xmit+0x2d2/0x3d30
[  184.092519][ T7003]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  184.098285][ T7003]  ? __dev_queue_xmit+0x2d2/0x3d30
[  184.103426][ T7003]  ? __dev_queue_xmit+0x16c9/0x3d30
[  184.108667][ T7003]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  184.113824][ T7003]  ? __dev_queue_xmit+0x2d2/0x3d30
[  184.118994][ T7003]  ? ref_tracker_free+0x643/0x7e0
[  184.124075][ T7003]  ? __asan_memcpy+0x40/0x70
[  184.128674][ T7003]  ? __pfx_ref_tracker_free+0x10/0x10
[  184.134105][ T7003]  ? netlink_deliver_tap+0x2e/0x1b0
[  184.139317][ T7003]  ? skb_clone+0x240/0x390
[  184.143762][ T7003]  ? __pfx_lock_release+0x10/0x10
[  184.148824][ T7003]  ? __netlink_deliver_tap+0x77e/0x7c0
[  184.154314][ T7003]  ? netlink_deliver_tap+0x2e/0x1b0
[  184.159526][ T7003]  netlink_unicast+0x7ea/0x980
[  184.164402][ T7003]  ? __pfx_netlink_unicast+0x10/0x10
[  184.169728][ T7003]  ? __check_object_size+0x49c/0x900
[  184.175049][ T7003]  ? bpf_lsm_netlink_send+0x9/0x10
[  184.180187][ T7003]  netlink_sendmsg+0x8db/0xcb0
[  184.185008][ T7003]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.190326][ T7003]  ? __import_iovec+0x536/0x820
[  184.195205][ T7003]  ? aa_sock_msg_perm+0x91/0x160
[  184.200168][ T7003]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  184.205485][ T7003]  ? security_socket_sendmsg+0x87/0xb0
[  184.211003][ T7003]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.216311][ T7003]  __sock_sendmsg+0x221/0x270
[  184.221029][ T7003]  ____sys_sendmsg+0x525/0x7d0
[  184.225848][ T7003]  ? __pfx_____sys_sendmsg+0x10/0x10
[  184.231166][ T7003]  __sys_sendmsg+0x2b0/0x3a0
[  184.235792][ T7003]  ? __pfx___sys_sendmsg+0x10/0x10
[  184.240937][ T7003]  ? vfs_write+0x7c4/0xc90
[  184.245408][ T7003]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  184.251853][ T7003]  ? do_syscall_64+0x100/0x230
[  184.256668][ T7003]  ? do_syscall_64+0xb6/0x230
[  184.261370][ T7003]  do_syscall_64+0xf3/0x230
[  184.265902][ T7003]  ? clear_bhb_loop+0x35/0x90
[  184.270609][ T7003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.276523][ T7003] RIP: 0033:0x7f4b02175bd9
[  184.280967][ T7003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.300611][ T7003] RSP: 002b:00007f4b02eb4048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  184.309064][ T7003] RAX: ffffffffffffffda RBX: 00007f4b02303f60 RCX: 00007f4b02175bd9
[  184.317054][ T7003] RDX: 0000000020040000 RSI: 00000000200004c0 RDI: 0000000000000006
[  184.325038][ T7003] RBP: 00007f4b02eb40a0 R08: 0000000000000000 R09: 0000000000000000
[  184.333036][ T7003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.341027][ T7003] R13: 000000000000000b R14: 00007f4b02303f60 R15: 00007f4b0242fa78
[  184.349044][ T7003]  </TASK>
[  184.829658][   T29] audit: type=1326 audit(1720483445.073:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5f2b75bd9 code=0x7ffc0000
[  184.932201][   T29] audit: type=1326 audit(1720483445.073:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7fb5f2b75bd9 code=0x7ffc0000
[  184.981246][   T29] audit: type=1326 audit(1720483445.073:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5f2b75bd9 code=0x7ffc0000
[  185.020171][   T29] audit: type=1326 audit(1720483445.073:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5f2b75bd9 code=0x7ffc0000
[  185.091071][   T29] audit: type=1326 audit(1720483445.073:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb5f2b75bd9 code=0x7ffc0000
[  185.120095][   T29] audit: type=1326 audit(1720483445.073:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5f2b75bd9 code=0x7ffc0000
[  185.206172][   T29] audit: type=1326 audit(1720483445.073:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5f2b75bd9 code=0x7ffc0000
[  185.290646][   T29] audit: type=1326 audit(1720483445.073:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fb5f2b75bd9 code=0x7ffc0000
[  185.314556][   T45] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  185.506242][   T45] usb 2-1: Using ep0 maxpacket: 8
[  185.518809][   T45] usb 2-1: New USB device found, idVendor=0424, idProduct=7800, bcdDevice=e9.41
[  185.532000][   T45] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.578681][   T45] usb 2-1: config 0 descriptor??
[  185.786273][ T7040] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  185.833336][ T7040] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  186.056060][   T45] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  186.255995][   T45] usb 4-1: Using ep0 maxpacket: 8
[  186.269763][   T45] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  186.289438][   T45] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.347244][   T45] usb 4-1: config 0 descriptor??
[  186.625981][  T785] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  186.775305][   T45] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[  186.786581][   T45] asix 4-1:0.0: probe with driver asix failed with error -32
[  186.806746][ T7062] netlink: 4 bytes leftover after parsing attributes in process `syz.2.465'.
[  186.822359][ T7062] sctp: [Deprecated]: syz.2.465 (pid 7062) Use of int in maxseg socket option.
[  186.822359][ T7062] Use struct sctp_assoc_value instead
[  186.846032][  T785] usb 1-1: Using ep0 maxpacket: 8
[  186.854378][  T785] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  186.877506][  T785] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  186.892896][  T785] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.903499][  T785] usb 1-1: config 0 descriptor??
[  187.127983][  T785] iowarrior 1-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  187.137023][   T45] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  187.337233][   T29] audit: type=1326 audit(1720483447.573:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7066 comm="syz.4.467" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe56a575bd9 code=0x0
[  187.364299][   T45] usb 3-1: config 36 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 192, changing to 11
[  187.384328][   T25] usb 1-1: USB disconnect, device number 16
[  187.397524][   T45] usb 3-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29
[  187.414897][   T25] iowarrior 1-1:0.0: I/O-Warror #1 now disconnected
[  187.422921][   T45] usb 3-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[  187.436975][   T45] usb 3-1: Manufacturer: syz
[  187.442960][   T45] usb 3-1: SerialNumber: syz
[  187.676371][   T45] usbhid 3-1:36.0: couldn't find an input interrupt endpoint
[  187.694457][   T45] usb 3-1: USB disconnect, device number 18
[  187.699355][ T5150] usb 4-1: USB disconnect, device number 12
[  187.749491][ T7072] FAULT_INJECTION: forcing a failure.
[  187.749491][ T7072] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.768533][ T7072] CPU: 1 PID: 7072 Comm: syz.3.468 Not tainted 6.10.0-rc7-syzkaller #0
[  187.776822][ T7072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  187.786902][ T7072] Call Trace:
[  187.790206][ T7072]  <TASK>
[  187.793164][ T7072]  dump_stack_lvl+0x241/0x360
[  187.797891][ T7072]  ? __pfx_dump_stack_lvl+0x10/0x10
[  187.803137][ T7072]  ? __pfx__printk+0x10/0x10
[  187.807776][ T7072]  ? __pfx_lock_release+0x10/0x10
[  187.812832][ T7072]  should_fail_ex+0x3b0/0x4e0
[  187.817543][ T7072]  _copy_from_user+0x2f/0xe0
[  187.822153][ T7072]  copy_msghdr_from_user+0xae/0x680
[  187.827398][ T7072]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  187.833235][ T7072]  __sys_sendmsg+0x23d/0x3a0
[  187.837841][ T7072]  ? __pfx___sys_sendmsg+0x10/0x10
[  187.842963][ T7072]  ? vfs_write+0x7c4/0xc90
[  187.847416][ T7072]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  187.853757][ T7072]  ? do_syscall_64+0x100/0x230
[  187.858534][ T7072]  ? do_syscall_64+0xb6/0x230
[  187.863327][ T7072]  do_syscall_64+0xf3/0x230
[  187.867866][ T7072]  ? clear_bhb_loop+0x35/0x90
[  187.872550][ T7072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.878454][ T7072] RIP: 0033:0x7f4b02175bd9
[  187.882884][ T7072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.902516][ T7072] RSP: 002b:00007f4b02eb4048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  187.910951][ T7072] RAX: ffffffffffffffda RBX: 00007f4b02303f60 RCX: 00007f4b02175bd9
[  187.918921][ T7072] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  187.926892][ T7072] RBP: 00007f4b02eb40a0 R08: 0000000000000000 R09: 0000000000000000
[  187.934897][ T7072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.942869][ T7072] R13: 000000000000000b R14: 00007f4b02303f60 R15: 00007f4b0242fa78
[  187.950855][ T7072]  </TASK>
[  188.032358][   T25] usb 2-1: USB disconnect, device number 14
[  188.204702][ T7078] netlink: 8 bytes leftover after parsing attributes in process `syz.0.471'.
[  188.222887][ T7078] netlink: 8 bytes leftover after parsing attributes in process `syz.0.471'.
[  188.974726][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  189.515888][  T785] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  189.666977][ T7123] No such timeout policy "syz0"
[  189.715841][  T785] usb 4-1: Using ep0 maxpacket: 8
[  189.734439][  T785] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  189.754391][  T785] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  189.766632][  T785] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.777708][  T785] usb 4-1: config 0 descriptor??
[  189.908622][ T7132] capability: warning: `syz.2.487' uses 32-bit capabilities (legacy support in use)
[  189.945997][   T45] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  190.019064][  T785] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  190.141802][   T45] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  190.173822][   T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.197360][   T45] usb 1-1: config 0 descriptor??
[  190.215485][   T45] cp210x 1-1:0.0: cp210x converter detected
[  190.285618][ T5098] usb 4-1: USB disconnect, device number 13
[  190.315135][ T5098] iowarrior 4-1:0.0: I/O-Warror #1 now disconnected
[  190.645544][   T45] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[  190.733414][   T45] usb 1-1: cp210x converter now attached to ttyUSB0
[  191.667806][ T5098] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  191.908020][ T5098] usb 4-1: config 0 has no interfaces?
[  191.931501][ T5098] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  191.970389][ T5098] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.999169][ T5098] usb 4-1: config 0 descriptor??
[  192.655905][  T785] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  192.731823][ T5151] usb 1-1: USB disconnect, device number 17
[  192.796678][ T5151] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  192.864197][ T5151] cp210x 1-1:0.0: device disconnected
[  192.915828][  T785] usb 3-1: Using ep0 maxpacket: 8
[  192.941321][  T785] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  192.994599][  T785] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  193.034543][  T785] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.080399][  T785] usb 3-1: config 0 descriptor??
[  193.328929][  T785] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  193.580291][ T5098] usb 3-1: USB disconnect, device number 19
[  193.594363][ T5098] iowarrior 3-1:0.0: I/O-Warror #1 now disconnected
[  193.805875][   T25] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  193.970409][ T7209] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  193.995038][ T7209] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.039575][   T25] usb 1-1: Using ep0 maxpacket: 16
[  194.056308][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 160, changing to 11
[  194.071080][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 1519, setting to 1024
[  194.116122][   T25] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  194.138884][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.169017][   T25] usb 1-1: config 0 descriptor??
[  194.186903][ T7198] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  194.322925][ T5098] usb 4-1: USB disconnect, device number 14
[  194.478349][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  194.491302][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  194.714196][ T7221] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.744235][ T7221] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.822976][ T7224] dvmrp2: entered allmulticast mode
[  195.165980][  T785] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  195.380520][  T785] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.414096][  T785] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.427507][ T7235] usb usb8: usbfs: process 7235 (syz.4.519) did not claim interface 0 before use
[  195.459749][  T785] usb 4-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.00
[  195.482155][  T785] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.518180][  T785] usb 4-1: config 0 descriptor??
[  195.985685][  T785] appletouch 4-1:0.0: Geyser mode initialized.
[  196.045958][  T785] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input18
[  196.376724][  T746] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.398602][  T785] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.427014][ T5150] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.440096][ T5098] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.448651][ T5150] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.559704][ T5667] udevd[5667]: Error opening device "/dev/input/event4": Input/output error
[  196.591258][ T5667] udevd[5667]: Unable to EVIOCGABS device "/dev/input/event4"
[  196.602066][   T25] usbhid 1-1:0.0: can't add hid device: -71
[  196.638369][   T25] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  196.657993][ T5667] udevd[5667]: Unable to EVIOCGABS device "/dev/input/event4"
[  196.722737][   T25] usb 1-1: USB disconnect, device number 18
[  197.196974][   T25] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  197.234227][ T7266] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.243428][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.252818][ T7266] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.263767][  T746] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.298097][ T7265] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.405877][   T25] usb 1-1: Using ep0 maxpacket: 8
[  197.413570][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  197.437245][   T25] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  197.467220][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.487173][ T7268] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.495374][   T25] usb 1-1: config 0 descriptor??
[  197.495903][ T7268] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.769334][   T25] iowarrior 1-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  197.797162][   T45] usb 4-1: USB disconnect, device number 15
[  197.887661][   T45] appletouch 4-1:0.0: input: appletouch disconnected
[  198.030362][ T5150] usb 1-1: USB disconnect, device number 19
[  198.093034][ T5150] iowarrior 1-1:0.0: I/O-Warror #1 now disconnected
[  198.159570][ T7282] FAULT_INJECTION: forcing a failure.
[  198.159570][ T7282] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  198.222863][ T7282] CPU: 0 PID: 7282 Comm: syz.1.537 Not tainted 6.10.0-rc7-syzkaller #0
[  198.231173][ T7282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  198.241262][ T7282] Call Trace:
[  198.244584][ T7282]  <TASK>
[  198.247543][ T7282]  dump_stack_lvl+0x241/0x360
[  198.252259][ T7282]  ? __pfx_dump_stack_lvl+0x10/0x10
[  198.257508][ T7282]  ? __pfx__printk+0x10/0x10
[  198.262144][ T7282]  ? __pfx_lock_release+0x10/0x10
[  198.267217][ T7282]  should_fail_ex+0x3b0/0x4e0
[  198.271942][ T7282]  _copy_from_iter+0x1f6/0x1960
[  198.276839][ T7282]  ? __virt_addr_valid+0x183/0x520
[  198.281998][ T7282]  ? __pfx_lock_release+0x10/0x10
[  198.287067][ T7282]  ? __alloc_skb+0x28f/0x440
[  198.291692][ T7282]  ? __pfx__copy_from_iter+0x10/0x10
[  198.297026][ T7282]  ? __virt_addr_valid+0x183/0x520
[  198.302186][ T7282]  ? __virt_addr_valid+0x183/0x520
[  198.307343][ T7282]  ? __virt_addr_valid+0x44e/0x520
[  198.312505][ T7282]  ? __check_object_size+0x49c/0x900
[  198.317842][ T7282]  netlink_sendmsg+0x743/0xcb0
[  198.322657][ T7282]  ? __pfx_netlink_sendmsg+0x10/0x10
[  198.327993][ T7282]  ? __import_iovec+0x536/0x820
[  198.332881][ T7282]  ? aa_sock_msg_perm+0x91/0x160
[  198.333542][ T7284] dvmrp2: entered allmulticast mode
[  198.337846][ T7282]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  198.337874][ T7282]  ? security_socket_sendmsg+0x87/0xb0
[  198.337905][ T7282]  ? __pfx_netlink_sendmsg+0x10/0x10
[  198.337936][ T7282]  __sock_sendmsg+0x221/0x270
[  198.337976][ T7282]  ____sys_sendmsg+0x525/0x7d0
[  198.338016][ T7282]  ? __pfx_____sys_sendmsg+0x10/0x10
[  198.374123][ T7282]  __sys_sendmsg+0x2b0/0x3a0
[  198.378758][ T7282]  ? __pfx___sys_sendmsg+0x10/0x10
[  198.383902][ T7282]  ? vfs_write+0x7c4/0xc90
[  198.388418][ T7282]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  198.394787][ T7282]  ? do_syscall_64+0x100/0x230
[  198.399591][ T7282]  ? do_syscall_64+0xb6/0x230
[  198.404327][ T7282]  do_syscall_64+0xf3/0x230
[  198.408885][ T7282]  ? clear_bhb_loop+0x35/0x90
[  198.413601][ T7282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.419542][ T7282] RIP: 0033:0x7fb5f2b75bd9
[  198.423989][ T7282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.443641][ T7282] RSP: 002b:00007fb5f388a048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  198.452094][ T7282] RAX: ffffffffffffffda RBX: 00007fb5f2d03f60 RCX: 00007fb5f2b75bd9
[  198.460102][ T7282] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  198.468123][ T7282] RBP: 00007fb5f388a0a0 R08: 0000000000000000 R09: 0000000000000000
[  198.476126][ T7282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.484131][ T7282] R13: 000000000000000b R14: 00007fb5f2d03f60 R15: 00007fb5f2e2fa78
[  198.492158][ T7282]  </TASK>
[  198.495327][    C0] vkms_vblank_simulate: vblank timer overrun
[  198.842542][ T7293] binder: 7287:7293 ioctl c0306201 0 returned -14
[  199.320124][   T29] audit: type=1326 audit(1720483459.563:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7304 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe56a575bd9 code=0x7ffc0000
[  199.403205][   T29] audit: type=1326 audit(1720483459.563:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7304 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe56a575bd9 code=0x7ffc0000
[  199.492320][   T29] audit: type=1326 audit(1720483459.563:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7304 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe56a575bd9 code=0x7ffc0000
[  199.621892][   T29] audit: type=1326 audit(1720483459.563:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7304 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe56a575bd9 code=0x7ffc0000
[  199.734771][   T29] audit: type=1326 audit(1720483459.563:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7304 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe56a575bd9 code=0x7ffc0000
[  199.831646][   T29] audit: type=1326 audit(1720483459.563:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7304 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fe56a575bd9 code=0x7ffc0000
[  199.853671][    C0] vkms_vblank_simulate: vblank timer overrun
[  199.912301][ T7316] netlink: 'syz.2.546': attribute type 2 has an invalid length.
[  199.927539][   T29] audit: type=1326 audit(1720483459.563:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7304 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe56a575bd9 code=0x7ffc0000
[  200.015823][   T29] audit: type=1326 audit(1720483459.563:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7304 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe56a575bd9 code=0x7ffc0000
[  200.037745][    C0] vkms_vblank_simulate: vblank timer overrun
[  200.083571][ T7319] netlink: 52 bytes leftover after parsing attributes in process `syz.4.548'.
[  200.148409][   T29] audit: type=1326 audit(1720483459.563:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7304 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe56a575bd9 code=0x7ffc0000
[  200.170536][    C0] vkms_vblank_simulate: vblank timer overrun
[  200.212090][ T7300] syz.1.542 (7300): drop_caches: 2
[  200.310759][   T29] audit: type=1326 audit(1720483459.563:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7304 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe56a575bd9 code=0x7ffc0000
[  200.566928][ T7306] syz.1.542 (7306): drop_caches: 2
[  200.755952][   T45] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  200.969239][   T45] usb 3-1: Using ep0 maxpacket: 8
[  201.025070][   T45] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  201.066801][ T5098] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  201.079351][   T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  201.131710][   T45] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  201.149396][   T45] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  201.173547][   T45] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  201.201991][   T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.254605][   T45] usb 3-1: config 0 descriptor??
[  201.287704][ T7346] dvmrp2: entered allmulticast mode
[  201.297955][ T5098] usb 2-1: Using ep0 maxpacket: 8
[  201.311600][ T5098] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  201.345652][ T5098] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  201.401316][ T5098] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.450873][ T5098] usb 2-1: config 0 descriptor??
[  201.499924][  T746] net_ratelimit: 13 callbacks suppressed
[  201.499999][  T746] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  201.521719][   T45] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  201.537064][ T5150] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  201.696846][ T5098] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  201.704420][ T7354] fuse: Invalid rootmode
[  201.712802][ T7354] fuse: Unknown parameter '0xffffffffffffffff'
[  201.817491][ T5098] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  201.955402][  T785] usb 2-1: USB disconnect, device number 15
[  201.983120][  T785] iowarrior 2-1:0.0: I/O-Warror #1 now disconnected
[  202.859001][ T5164] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  202.933952][ T7379] netlink: 12 bytes leftover after parsing attributes in process `syz.1.564'.
[  203.091300][ T7382] netlink: 36 bytes leftover after parsing attributes in process `syz.1.564'.
[  203.273553][ T5164] usb 3-1: USB disconnect, device number 20
[  203.418802][ T2796] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.427512][ T2796] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.437993][ T5098] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.447625][  T785] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.618147][ T7386] netlink: 12 bytes leftover after parsing attributes in process `syz.2.567'.
[  203.896910][ T5164] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.909028][ T7396] fuse: Invalid rootmode
[  203.922011][ T7396] fuse: Unknown parameter '0xffffffffffffffff'
[  204.004694][ T7404] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.012996][ T7404] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.426054][ T5164] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  204.626859][ T5150] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  204.641251][ T5164] usb 1-1: Using ep0 maxpacket: 8
[  204.671366][ T5164] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  204.766664][ T5164] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  204.806145][ T5164] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.839255][ T5150] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  204.885664][ T5164] usb 1-1: config 0 descriptor??
[  204.891450][ T5150] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  204.926982][ T5150] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.962968][ T5150] usb 3-1: Product: syz
[  204.988526][ T5150] usb 3-1: Manufacturer: syz
[  205.009669][ T5150] usb 3-1: SerialNumber: syz
[  205.108658][ T5164] iowarrior 1-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  205.397587][ T5098] usb 1-1: USB disconnect, device number 20
[  205.434520][ T5150] cdc_ncm 3-1:1.0: bind() failure
[  205.450290][ T7434] netlink: 12 bytes leftover after parsing attributes in process `syz.1.580'.
[  205.486744][ T5150] cdc_ncm 3-1:1.1: probe with driver cdc_ncm failed with error -71
[  205.488602][ T5098] iowarrior 1-1:0.0: I/O-Warror #1 now disconnected
[  205.525572][ T5150] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71
[  205.596284][ T5150] usbtest 3-1:1.1: probe with driver usbtest failed with error -71
[  205.674251][ T5150] usb 3-1: USB disconnect, device number 21
[  205.743948][ T7437] netlink: 36 bytes leftover after parsing attributes in process `syz.1.580'.
[  206.684065][ T7463] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.720031][ T7463] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.927775][ T7477] dvmrp2: entered allmulticast mode
[  207.036217][ T5098] net_ratelimit: 3 callbacks suppressed
[  207.036238][ T5098] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.086247][   T25] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  207.244966][ T7483] trusted_key: syz.3.596 sent an empty control message without MSG_MORE.
[  207.260586][ T1281] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.276569][ T5168] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.302082][ T5150] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.315917][   T25] usb 3-1: Using ep0 maxpacket: 8
[  207.326033][ T5168] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.349176][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  207.395961][   T25] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  207.455296][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.541363][   T25] usb 3-1: config 0 descriptor??
[  207.772622][   T25] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  208.044927][   T25] usb 3-1: USB disconnect, device number 22
[  208.067786][ T5164] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.091831][   T25] iowarrior 3-1:0.0: I/O-Warror #1 now disconnected
[  208.619266][ T5097] Bluetooth: hci2: command tx timeout
[  208.861730][ T7523] geneve1: entered promiscuous mode
[  208.867631][ T7520] usb usb8: usbfs: process 7520 (syz.4.609) did not claim interface 0 before use
[  209.109276][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.182191][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.182687][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.207093][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.262533][ T7536] netlink: 8 bytes leftover after parsing attributes in process `syz.3.616'.
[  210.249438][   T45] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  210.307134][ T7582] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  210.465936][   T45] usb 4-1: Using ep0 maxpacket: 8
[  210.484925][   T45] usb 4-1: New USB device found, idVendor=0c10, idProduct=0000, bcdDevice=bd.3b
[  210.502475][   T45] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.552839][   T45] usb 4-1: config 0 descriptor??
[  210.552922][ T5168] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  210.788645][ T5168] usb 3-1: New USB device found, idVendor=2833, idProduct=0211, bcdDevice=54.5a
[  210.821958][ T5168] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.827339][ T7573] geneve0: entered promiscuous mode
[  210.863301][ T5168] usb 3-1: config 0 descriptor??
[  210.868738][ T7573] geneve0: left promiscuous mode
[  210.962272][ T5150] usb 4-1: USB disconnect, device number 16
[  211.139203][ T5168] usb 3-1: language id specifier not provided by device, defaulting to English
[  211.530754][ T7607] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  211.553458][ T5168] usb 3-1: Found UVC 0.00 device <unnamed> (2833:0211)
[  211.566935][ T7607] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  211.589563][ T5168] usb 3-1: No valid video chain found.
[  211.605538][ T5168] usb 3-1: USB disconnect, device number 23
[  211.630499][ T7607] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  211.683033][ T7607] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  211.746381][ T7617] vhci_hcd: invalid port number 0
[  211.752601][  T785] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  211.958090][  T785] usb 2-1: config 0 has an invalid interface number: 81 but max is 1
[  211.958125][  T785] usb 2-1: config 0 has no interface number 1
[  211.958185][  T785] usb 2-1: New USB device found, idVendor=05c6, idProduct=9008, bcdDevice=a9.1a
[  211.958213][  T785] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.963668][  T785] usb 2-1: config 0 descriptor??
[  211.981830][  T785] usb 2-1: unknown number of interfaces: 2
[  212.171026][  T785] usb 2-1: USB disconnect, device number 16
[  212.232206][   T25] net_ratelimit: 4 callbacks suppressed
[  212.232223][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  212.313534][ T7634] netlink: 16 bytes leftover after parsing attributes in process `syz.2.640'.
[  212.376878][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  212.637002][ T7654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  212.652249][  T785] usb 1-1: new full-speed USB device number 21 using dummy_hcd
[  212.665028][ T7654] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  212.680103][ T7654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  212.692459][ T7654] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  212.721342][ T7654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  212.743521][ T7654] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  212.765516][ T7654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  212.777428][ T7654] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  212.794056][ T7654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  212.815338][ T7654] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  212.842496][ T7654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  212.862244][ T7654] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  212.893115][  T785] usb 1-1: unable to get BOS descriptor or descriptor too short
[  212.911012][  T785] usb 1-1: unable to read config index 0 descriptor/start: -71
[  212.926706][  T785] usb 1-1: can't read configurations, error -71
[  212.999226][ T7660] [U] 
[  213.002470][ T7660] [U] 
[  213.005196][ T7660] [U] 
[  213.007920][ T7660] [U] 
[  213.011704][ T7660] [U] 
[  213.014440][ T7660] [U] 
[  213.017164][ T7660] [U] 
[  213.017931][   T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.019865][ T7660] [U] 
[  213.021853][ T7660] [U] 
[  213.033385][ T7660] [U] 
[  213.036118][ T7660] [U] 
[  213.039474][ T5150] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  213.048418][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.059116][ T7660] [U] 
[  213.062420][ T7662] mmap: syz.1.647 (7662) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  213.075480][ T5151] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.213095][   T29] kauditd_printk_skb: 17 callbacks suppressed
[  213.213115][   T29] audit: type=1326 audit(1720483473.453:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7663 comm="syz.2.649" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a03d75bd9 code=0x0
[  213.246043][ T5150] usb 4-1: Using ep0 maxpacket: 32
[  213.256227][   T45] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.272299][ T5150] usb 4-1: New USB device found, idVendor=077d, idProduct=0410, bcdDevice=a3.b6
[  213.281630][ T5150] usb 4-1: New USB device strings: Mfr=1, Product=18, SerialNumber=3
[  213.292657][ T5150] usb 4-1: Product: syz
[  213.296960][ T5150] usb 4-1: Manufacturer: syz
[  213.301651][ T5150] usb 4-1: SerialNumber: syz
[  213.311322][ T5150] usb 4-1: config 0 descriptor??
[  213.330077][ T5150] powermate 4-1:0.0: probe with driver powermate failed with error -22
[  213.415903][   T25] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  213.529441][   T45] usb 4-1: USB disconnect, device number 17
[  213.608591][   T25] usb 2-1: Using ep0 maxpacket: 32
[  213.627303][   T25] usb 2-1: config 0 has an invalid interface number: 39 but max is 0
[  213.650396][   T25] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  213.667162][   T25] usb 2-1: config 0 has no interface number 0
[  213.675239][   T25] usb 2-1: config 0 interface 39 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 12
[  213.690428][   T25] usb 2-1: New USB device found, idVendor=257a, idProduct=1609, bcdDevice=e7.c8
[  213.700115][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.713725][   T25] usb 2-1: config 0 descriptor??
[  213.743855][   T25] option 2-1:0.39: GSM modem (1-port) converter detected
[  214.296252][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.514909][ T7695] FAULT_INJECTION: forcing a failure.
[  214.514909][ T7695] name failslab, interval 1, probability 0, space 0, times 0
[  214.547971][ T7693] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  214.558625][ T7695] CPU: 0 PID: 7695 Comm: syz.0.661 Not tainted 6.10.0-rc7-syzkaller #0
[  214.567010][ T7695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  214.577085][ T7695] Call Trace:
[  214.580381][ T7695]  <TASK>
[  214.583336][ T7695]  dump_stack_lvl+0x241/0x360
[  214.588113][ T7695]  ? __pfx_dump_stack_lvl+0x10/0x10
[  214.593355][ T7695]  ? __pfx__printk+0x10/0x10
[  214.597991][ T7695]  ? __pfx___might_resched+0x10/0x10
[  214.603322][ T7695]  should_fail_ex+0x3b0/0x4e0
[  214.608039][ T7695]  ? kobject_create_and_add+0x5b/0x240
[  214.613547][ T7695]  should_failslab+0x9/0x20
[  214.618095][ T7695]  kmalloc_trace_noprof+0x6c/0x2c0
[  214.623257][ T7695]  kobject_create_and_add+0x5b/0x240
[  214.628587][ T7695]  ? __raw_spin_lock_init+0x45/0x100
[  214.633916][ T7695]  iommu_group_alloc+0x234/0x390
[  214.638920][ T7695]  __iommu_probe_device+0x4ce/0x1150
[  214.644432][ T7695]  ? iommu_bus_notifier+0x82/0x2d0
[  214.649596][ T7695]  ? __pfx___iommu_probe_device+0x10/0x10
[  214.655355][ T7695]  ? __pfx_lock_acquire+0x10/0x10
[  214.660420][ T7695]  ? __pfx_down_read+0x10/0x10
[  214.665231][ T7695]  iommu_bus_notifier+0x8c/0x2d0
[  214.670231][ T7695]  notifier_call_chain+0x19f/0x3e0
[  214.675390][ T7695]  blocking_notifier_call_chain+0x69/0x90
[  214.681155][ T7695]  bus_notify+0x141/0x180
[  214.685568][ T7695]  device_add+0x631/0xbf0
[  214.689946][ T7695]  iommufd_test+0x1abf/0x39c0
[  214.694675][ T7695]  ? __pfx_iommufd_test+0x10/0x10
[  214.699740][ T7695]  ? __might_fault+0xaa/0x120
[  214.704475][ T7695]  ? __pfx_lock_release+0x10/0x10
[  214.709578][ T7695]  ? __might_fault+0xc6/0x120
[  214.714306][ T7695]  iommufd_fops_ioctl+0x4d9/0x5a0
[  214.719380][ T7695]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  214.725017][ T7695]  ? bpf_lsm_file_ioctl+0x9/0x10
[  214.729993][ T7695]  ? security_file_ioctl+0x87/0xb0
[  214.735135][ T7695]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  214.740767][ T7695]  __se_sys_ioctl+0xfc/0x170
[  214.745393][ T7695]  do_syscall_64+0xf3/0x230
[  214.749952][ T7695]  ? clear_bhb_loop+0x35/0x90
[  214.754682][ T7695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.760620][ T7695] RIP: 0033:0x7f85a6775bd9
[  214.765068][ T7695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.784716][ T7695] RSP: 002b:00007f85a74ca048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  214.793156][ T7695] RAX: ffffffffffffffda RBX: 00007f85a6903f60 RCX: 00007f85a6775bd9
[  214.801173][ T7695] RDX: 0000000020000180 RSI: 0000000000003ba0 RDI: 0000000000000003
[  214.809185][ T7695] RBP: 00007f85a74ca0a0 R08: 0000000000000000 R09: 0000000000000000
[  214.817182][ T7695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  214.825175][ T7695] R13: 000000000000000b R14: 00007f85a6903f60 R15: 00007f85a6a2fa78
[  214.833194][ T7695]  </TASK>
[  214.947734][   T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.957125][  T785] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.967700][  T785] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  215.391582][ T7715] netlink: 24 bytes leftover after parsing attributes in process `syz.4.669'.
[  215.441785][ T7715] sch_tbf: burst 88 is lower than device veth5 mtu (1514) !
[  215.849518][ T7729] netlink: 8 bytes leftover after parsing attributes in process `syz.4.675'.
[  215.881444][ T7728] fuse: Invalid rootmode
[  215.906788][ T7728] fuse: Unknown parameter '0xffffffffffffffff'
[  216.217809][   T25] usb 2-1: USB disconnect, device number 17
[  216.243477][   T25] option 2-1:0.39: device disconnected
[  217.011278][ T7764] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  217.028192][ T7762] fuse: Invalid rootmode
[  217.044609][ T7764] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  217.055441][ T7762] fuse: Unknown parameter '0xffffffffffffffff'
[  217.418139][ T5098] net_ratelimit: 7 callbacks suppressed
[  217.418157][ T5098] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  217.449947][ T7771] [U] 
[  217.452723][ T7771] [U] 
[  217.455460][ T7771] [U] 
[  217.458195][ T7771] [U] 
[  217.496562][ T7771] [U] 
[  217.499315][ T7771] [U] 
[  217.502041][ T7771] [U] 
[  217.504770][ T7771] [U] 
[  217.546118][ T7771] [U] 
[  217.548869][ T7771] [U] 
[  217.551584][ T7771] [U] 
[  217.554302][ T7771] [U] 
[  217.610472][ T7771] [U] 
[  217.613238][ T7771] [U] 
[  217.615971][ T7771] [U] 
[  217.618703][ T7771] [U] 
[  217.725987][ T7771] [U] 
[  217.728777][ T7771] [U] 
[  217.731497][ T7771] [U] 
[  217.734209][ T7771] [U] 
[  217.742818][ T7771] [U] 
[  217.745592][ T7771] [U] 
[  217.748317][ T7771] [U] 
[  217.751038][ T7771] [U] 
[  217.757767][ T7771] [U] 
[  217.760515][ T7771] [U] 
[  217.763238][ T7771] [U] 
[  217.765963][ T7771] [U] 
[  217.826527][ T7771] [U] 
[  217.829291][ T7771] [U] 
[  217.832024][ T7771] [U] 
[  217.834762][ T7771] [U] 
[  217.839397][ T7771] [U] 
[  217.842172][ T7771] [U] 
[  217.844900][ T7771] [U] 
[  217.847639][ T7771] [U] 
[  217.851141][ T7771] [U] 
[  217.853881][ T7771] [U] 
[  217.856603][ T7771] [U] 
[  217.859336][ T7771] [U] 
[  217.864675][ T7771] [U] 
[  217.867425][ T7771] [U] 
[  217.870163][ T7771] [U] 
[  217.872891][ T7771] [U] 
[  217.916126][ T7771] [U] 
[  217.918876][ T7771] [U] 
[  217.921593][ T7771] [U] 
[  217.924316][ T7771] [U] 
[  217.959178][ T7771] [U] 
[  217.961936][ T7771] [U] 
[  217.964677][ T7771] [U] 
[  217.967406][ T7771] [U] 
[  218.026546][ T7771] [U] 
[  218.029306][ T7771] [U] 
[  218.032035][ T7771] [U] 
[  218.034780][ T7771] [U] 
[  218.072972][ T7771] [U] 
[  218.075735][ T7771] [U] 
[  218.078478][ T7771] [U] 
[  218.081211][ T7771] [U] 
[  218.084727][ T7771] [U] 
[  218.087472][ T7771] [U] 
[  218.090199][ T7771] [U] 
[  218.092930][ T7771] [U] 
[  218.121465][ T7771] [U] 
[  218.124201][ T7771] [U] 
[  218.126904][ T7771] [U] 
[  218.129617][ T7771] [U] 
[  218.165968][ T7771] [U] 
[  218.168815][ T7771] [U] 
[  218.171545][ T7771] [U] 
[  218.174275][ T7771] [U] 
[  218.206064][ T7771] [U] 
[  218.208816][ T7771] [U] 
[  218.211546][ T7771] [U] 
[  218.214275][ T7771] [U] 
[  218.239743][ T7771] [U] 
[  218.242482][ T7771] [U] 
[  218.245201][ T7771] [U] 
[  218.247926][ T7771] [U] 
[  218.284886][ T7807] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  218.302358][ T7771] [U] 
[  218.305109][ T7771] [U] 
[  218.307816][ T7771] [U] 
[  218.310518][ T7771] [U] 
[  218.364658][ T7771] [U] 
[  218.465315][ T5164] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  218.652574][ T7816] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  218.659634][ T7818] program syz.2.707 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  218.886371][    C1] sd 0:0:1:0: [sda] tag#1095 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  218.896996][    C1] sd 0:0:1:0: [sda] tag#1095 CDB: Write(6) 0a 00 00 00 00 00
[  219.176618][ T5150] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.306492][ T5168] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  219.393333][ T7841] netlink: 104 bytes leftover after parsing attributes in process `syz.3.715'.
[  219.413128][ T7841] netlink: 'syz.3.715': attribute type 1 has an invalid length.
[  219.510860][ T5168] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  219.511851][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.536548][ T5164] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  219.553327][ T5168] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.576878][ T5168] usb 2-1: Product: syz
[  219.581085][ T5168] usb 2-1: Manufacturer: syz
[  219.600609][ T5168] usb 2-1: SerialNumber: syz
[  219.644479][ T5168] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  219.701039][  T785] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  219.736252][ T5164] usb 3-1: Using ep0 maxpacket: 8
[  219.747464][ T5164] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  219.762825][ T5164] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  219.785905][ T5164] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  219.835984][ T5164] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  219.905937][ T5164] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  219.945247][ T5164] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.971965][ T5164] hub 3-1:1.0: bad descriptor, ignoring hub
[  219.989096][ T5164] hub 3-1:1.0: probe with driver hub failed with error -5
[  220.003670][ T5164] cdc_wdm 3-1:1.0: skipping garbage
[  220.011443][ T5164] cdc_wdm 3-1:1.0: skipping garbage
[  220.031128][ T5164] cdc_wdm 3-1:1.0: cdc-wdm1: USB WDM device
[  220.107692][ T5164] cdc_wdm 3-1:1.0: Unknown control protocol
[  220.217388][ T7859] binder: 7855:7859 ioctl c0306201 0 returned -14
[  220.310069][   T25] usb 3-1: USB disconnect, device number 24
[  220.351033][ T7856] binder: BINDER_SET_CONTEXT_MGR already set
[  220.420378][ T7856] binder: 7855:7856 ioctl 4018620d 20000040 returned -16
[  220.538199][ T5098] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  220.697129][ T1281] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  220.710864][ T5098] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  220.859819][   T25] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  220.966731][  T785] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  221.048052][ T5097] Bluetooth: hci2: Ignoring connect complete event for invalid link type
[  221.135870][   T25] usb 3-1: Using ep0 maxpacket: 8
[  221.155904][   T25] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  221.155962][   T25] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  221.156016][   T25] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  221.156047][   T25] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  221.156127][   T25] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  221.156156][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.201697][   T25] hub 3-1:1.0: bad descriptor, ignoring hub
[  221.201732][   T25] hub 3-1:1.0: probe with driver hub failed with error -5
[  221.202348][   T25] cdc_wdm 3-1:1.0: skipping garbage
[  221.202365][   T25] cdc_wdm 3-1:1.0: skipping garbage
[  221.254160][   T25] cdc_wdm 3-1:1.0: cdc-wdm1: USB WDM device
[  221.254185][   T25] cdc_wdm 3-1:1.0: Unknown control protocol
[  221.331684][ T7878] netlink: 'syz.4.724': attribute type 1 has an invalid length.
[  221.566021][   T29] audit: type=1326 audit(1720483481.733:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b02175bd9 code=0x7ffc0000
[  221.566119][   T29] audit: type=1326 audit(1720483481.733:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b02175bd9 code=0x7ffc0000
[  221.566170][   T29] audit: type=1326 audit(1720483481.743:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f4b02175bd9 code=0x7ffc0000
[  221.566246][   T29] audit: type=1326 audit(1720483481.743:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b02175bd9 code=0x7ffc0000
[  222.072679][ T5097] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  222.072812][ T5097] Bluetooth: hci1: Injecting HCI hardware error event
[  222.077051][ T5111] Bluetooth: hci1: hardware error 0x00
[  222.245572][ T5164] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  222.608553][ T7888] FAULT_INJECTION: forcing a failure.
[  222.608553][ T7888] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  222.608617][ T7888] CPU: 1 PID: 7888 Comm: syz.3.728 Not tainted 6.10.0-rc7-syzkaller #0
[  222.608642][ T7888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  222.608657][ T7888] Call Trace:
[  222.608667][ T7888]  <TASK>
[  222.608678][ T7888]  dump_stack_lvl+0x241/0x360
[  222.608732][ T7888]  ? __pfx_dump_stack_lvl+0x10/0x10
[  222.608780][ T7888]  ? __pfx__printk+0x10/0x10
[  222.608812][ T7888]  ? __pfx_lock_release+0x10/0x10
[  222.608844][ T7888]  should_fail_ex+0x3b0/0x4e0
[  222.608878][ T7888]  _copy_from_user+0x2f/0xe0
[  222.608903][ T7888]  copy_msghdr_from_user+0xae/0x680
[  222.608936][ T7888]  ? __pfx___might_resched+0x10/0x10
[  222.608966][ T7888]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  222.609007][ T7888]  ? __might_fault+0xaa/0x120
[  222.609043][ T7888]  do_recvmmsg+0x40f/0xae0
[  222.609076][ T7888]  ? __pfx_lock_release+0x10/0x10
[  222.609102][ T7888]  ? __pfx_do_recvmmsg+0x10/0x10
[  222.609148][ T7888]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  222.609175][ T7888]  ? ksys_write+0x23e/0x2c0
[  222.609200][ T7888]  ? __pfx_lock_release+0x10/0x10
[  222.609230][ T7888]  ? vfs_write+0x7c4/0xc90
[  222.609260][ T7888]  ? __mutex_unlock_slowpath+0x21d/0x750
[  222.609301][ T7888]  ? __fget_files+0x3f6/0x470
[  222.609343][ T7888]  __x64_sys_recvmmsg+0x199/0x250
[  222.609375][ T7888]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  222.609404][ T7888]  ? do_syscall_64+0x100/0x230
[  222.609437][ T7888]  ? do_syscall_64+0xb6/0x230
[  222.609469][ T7888]  do_syscall_64+0xf3/0x230
[  222.609498][ T7888]  ? clear_bhb_loop+0x35/0x90
[  222.609521][ T7888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.609550][ T7888] RIP: 0033:0x7f4b02175bd9
[  222.609568][ T7888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.609586][ T7888] RSP: 002b:00007f4b02eb4048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  222.609611][ T7888] RAX: ffffffffffffffda RBX: 00007f4b02303f60 RCX: 00007f4b02175bd9
[  222.609627][ T7888] RDX: 0000000000000a0d RSI: 00000000200066c0 RDI: 0000000000000003
[  222.609641][ T7888] RBP: 00007f4b02eb40a0 R08: 0000000000000000 R09: 0000000000000000
[  222.609655][ T7888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  222.609668][ T7888] R13: 000000000000000b R14: 00007f4b02303f60 R15: 00007f4b0242fa78
[  222.609699][ T7888]  </TASK>
[  222.726236][   T25] usb 3-1: USB disconnect, device number 25
[  222.888010][ T7892] netlink: 199356 bytes leftover after parsing attributes in process `syz.3.730'.
[  222.888246][ T7892] netlink: 4 bytes leftover after parsing attributes in process `syz.3.730'.
[  223.327616][   T25] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  223.505922][   T25] usb 4-1: Using ep0 maxpacket: 8
[  223.511437][   T25] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  223.511520][   T25] usb 4-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00
[  223.511548][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.521069][   T25] usb 4-1: config 0 descriptor??
[  223.541944][   T25] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  223.745139][ T7897] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  223.748404][ T7897] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  223.757288][ T5097] Bluetooth: hci0: Invalid handle: 0x756f > 0x0eff
[  225.816692][ T2836] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  231.589698][ T2796] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  231.590525][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  232.193593][ T5097] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  232.195553][ T5097] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  232.198632][ T5097] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  232.200265][ T5097] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  232.201218][ T5097] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  232.206299][ T5097] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  232.502622][ T5168] usb 2-1: USB disconnect, device number 18
[  232.551090][ T5151] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  232.626428][ T5098] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  232.640354][   T45] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  232.703171][ T5097] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  232.713199][ T5097] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  232.742535][ T5097] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  232.753356][ T5097] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  232.820308][ T5097] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  232.830944][ T5097] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  232.830984][ T5193] usb 4-1: USB disconnect, device number 18
[  232.913389][ T5150] usb 5-1: USB disconnect, device number 8
[  232.940067][ T5150] iowarrior 5-1:0.0: I/O-Warror #0 now disconnected
[  233.026590][   T53] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  233.038903][  T785] ath9k_htc: Failed to initialize the device
[  233.045640][   T53] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  233.054198][   T53] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  233.063180][   T53] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  233.071585][   T53] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  233.079535][   T53] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  233.118546][ T5168] usb 2-1: ath9k_htc: USB layer deinitialized
[  233.736330][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  233.751599][ T5097] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  233.761224][ T5097] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  233.773652][ T5097] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  233.789807][ T1094] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.801794][ T5097] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  233.813945][ T5097] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  233.824382][ T5097] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  233.971186][ T1094] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.995270][ T7929] FAULT_INJECTION: forcing a failure.
[  233.995270][ T7929] name failslab, interval 1, probability 0, space 0, times 0
[  234.010248][ T7929] CPU: 1 PID: 7929 Comm: syz.2.739 Not tainted 6.10.0-rc7-syzkaller #0
[  234.018530][ T7929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  234.028617][ T7929] Call Trace:
[  234.031947][ T7929]  <TASK>
[  234.034931][ T7929]  dump_stack_lvl+0x241/0x360
[  234.039662][ T7929]  ? __pfx_dump_stack_lvl+0x10/0x10
[  234.044913][ T7929]  ? __pfx__printk+0x10/0x10
[  234.049547][ T7929]  ? __pfx___might_resched+0x10/0x10
[  234.054884][ T7929]  should_fail_ex+0x3b0/0x4e0
[  234.059618][ T7929]  ? mas_alloc_nodes+0x26c/0x840
[  234.064594][ T7929]  should_failslab+0x9/0x20
[  234.069143][ T7929]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  234.074572][ T7929]  mas_alloc_nodes+0x26c/0x840
[  234.079472][ T7929]  mas_preallocate+0xfca/0x1730
[  234.084211][ T7909] chnl_net:caif_netlink_parms(): no params data found
[  234.084362][ T7929]  ? __pfx_mas_preallocate+0x10/0x10
[  234.096425][ T7929]  ? vma_merge_new_vma+0xc7/0xe0
[  234.101423][ T7929]  mmap_region+0x132c/0x2090
[  234.106080][ T7929]  ? __pfx_mmap_region+0x10/0x10
[  234.111060][ T7929]  ? thp_get_unmapped_area_vmflags+0x269/0x380
[  234.117248][ T7929]  ? cap_mmap_addr+0x163/0x2c0
[  234.122056][ T7929]  ? __get_unmapped_area+0x2f0/0x360
[  234.127391][ T7929]  do_mmap+0x8ad/0xfa0
[  234.131519][ T7929]  ? __pfx_do_mmap+0x10/0x10
[  234.136156][ T7929]  ? __pfx_ima_file_mmap+0x10/0x10
[  234.141335][ T7929]  vm_mmap_pgoff+0x1dd/0x3d0
[  234.145968][ T7929]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  234.151106][ T7929]  ? __fget_files+0x29/0x470
[  234.155744][ T7929]  ? __fget_files+0x3f6/0x470
[  234.160482][ T7929]  ksys_mmap_pgoff+0x4f1/0x720
[  234.165286][ T7929]  ? __x64_sys_mmap+0x7f/0x140
[  234.170091][ T7929]  do_syscall_64+0xf3/0x230
[  234.174628][ T7929]  ? clear_bhb_loop+0x35/0x90
[  234.179353][ T7929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.185287][ T7929] RIP: 0033:0x7f1a03d75bd9
[  234.189730][ T7929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.209360][ T7929] RSP: 002b:00007f1a04a7a048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  234.217804][ T7929] RAX: ffffffffffffffda RBX: 00007f1a03f03f60 RCX: 00007f1a03d75bd9
[  234.225800][ T7929] RDX: 000000000200000f RSI: 0000000000004000 RDI: 0000000020ff9000
[  234.233803][ T7929] RBP: 00007f1a04a7a0a0 R08: 0000000000000006 R09: 0000000000000000
[  234.241810][ T7929] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000001
[  234.249796][ T7929] R13: 000000000000000b R14: 00007f1a03f03f60 R15: 00007f1a0402fa78
[  234.257784][ T7929]  </TASK>
[  234.264973][ T7929] ------------[ cut here ]------------
[  234.272253][ T7929] kernel BUG at mm/page_table_check.c:157!
[  234.279128][ T7929] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[  234.286098][ T7929] CPU: 0 PID: 7929 Comm: syz.2.739 Not tainted 6.10.0-rc7-syzkaller #0
[  234.294368][ T7929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  234.304439][ T7929] RIP: 0010:__page_table_check_zero+0x274/0x350
[  234.310688][ T7929] Code: c1 0f 8c 39 fe ff ff 48 89 df e8 97 41 f4 ff e9 2c fe ff ff e8 9d 8c 8e ff 90 0f 0b e8 95 8c 8e ff 90 0f 0b e8 8d 8c 8e ff 90 <0f> 0b f3 0f 1e fa 4c 89 f6 48 81 e6 ff 0f 00 00 31 ff e8 55 91 8e
[  234.330295][ T7929] RSP: 0018:ffffc90012bef938 EFLAGS: 00010293
[  234.336370][ T7929] RAX: ffffffff82079b23 RBX: dffffc0000000000 RCX: ffff888029441e00
[  234.344357][ T7929] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88801866358c
[  234.352336][ T7929] RBP: ffff88801866358c R08: ffff88801866358f R09: 1ffff110030cc6b1
[  234.360316][ T7929] R10: dffffc0000000000 R11: ffffed10030cc6b2 R12: ffff888018663540
[  234.368288][ T7929] R13: 1ffffffff2901988 R14: 0000000000000002 R15: 0000000000000000
[  234.376265][ T7929] FS:  00007f1a04a7a6c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  234.385208][ T7929] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  234.391786][ T7929] CR2: 00007efd408ce1b8 CR3: 0000000020f44000 CR4: 00000000003506f0
[  234.399771][ T7929] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  234.407735][ T7929] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  234.415716][ T7929] Call Trace:
[  234.419026][ T7929]  <TASK>
[  234.421955][ T7929]  ? __die_body+0x88/0xe0
[  234.426320][ T7929]  ? die+0xcf/0x110
[  234.430142][ T7929]  ? do_trap+0x15a/0x3a0
[  234.434405][ T7929]  ? __page_table_check_zero+0x274/0x350
[  234.440052][ T7929]  ? do_error_trap+0x1dc/0x2c0
[  234.444819][ T7929]  ? __page_table_check_zero+0x274/0x350
[  234.450464][ T7929]  ? __pfx_do_error_trap+0x10/0x10
[  234.455680][ T7929]  ? handle_invalid_op+0x34/0x40
[  234.460638][ T7929]  ? __page_table_check_zero+0x274/0x350
[  234.466285][ T7929]  ? exc_invalid_op+0x38/0x50
[  234.470985][ T7929]  ? asm_exc_invalid_op+0x1a/0x20
[  234.476024][ T7929]  ? __page_table_check_zero+0x273/0x350
[  234.481679][ T7929]  ? __page_table_check_zero+0x274/0x350
[  234.487336][ T7929]  ? __page_table_check_zero+0x273/0x350
[  234.492989][ T7929]  free_unref_page+0xd36/0xea0
[  234.497759][ T7929]  dec_usb_memory_use_count+0x259/0x350
[  234.503308][ T7929]  ? __pfx_usbdev_vm_close+0x10/0x10
[  234.508597][ T7929]  mmap_region+0x13b4/0x2090
[  234.513202][ T7929]  ? __pfx_mmap_region+0x10/0x10
[  234.518158][ T7929]  ? thp_get_unmapped_area_vmflags+0x269/0x380
[  234.524325][ T7929]  ? cap_mmap_addr+0x163/0x2c0
[  234.529101][ T7929]  ? __get_unmapped_area+0x2f0/0x360
[  234.534395][ T7929]  do_mmap+0x8ad/0xfa0
[  234.537635][   T53] Bluetooth: hci5: command tx timeout
[  234.538464][ T7929]  ? __pfx_do_mmap+0x10/0x10
[  234.548443][ T7929]  ? __pfx_ima_file_mmap+0x10/0x10
[  234.553587][ T7929]  vm_mmap_pgoff+0x1dd/0x3d0
[  234.558195][ T7929]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  234.563327][ T7929]  ? __fget_files+0x29/0x470
[  234.567929][ T7929]  ? __fget_files+0x3f6/0x470
[  234.572614][ T7929]  ksys_mmap_pgoff+0x4f1/0x720
[  234.577397][ T7929]  ? __x64_sys_mmap+0x7f/0x140
[  234.582198][ T7929]  do_syscall_64+0xf3/0x230
[  234.586731][ T7929]  ? clear_bhb_loop+0x35/0x90
[  234.591425][ T7929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.597332][ T7929] RIP: 0033:0x7f1a03d75bd9
[  234.601759][ T7929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.621372][ T7929] RSP: 002b:00007f1a04a7a048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  234.629801][ T7929] RAX: ffffffffffffffda RBX: 00007f1a03f03f60 RCX: 00007f1a03d75bd9
[  234.637788][ T7929] RDX: 000000000200000f RSI: 0000000000004000 RDI: 0000000020ff9000
[  234.645770][ T7929] RBP: 00007f1a04a7a0a0 R08: 0000000000000006 R09: 0000000000000000
[  234.653746][ T7929] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000001
[  234.661732][ T7929] R13: 000000000000000b R14: 00007f1a03f03f60 R15: 00007f1a0402fa78
[  234.669704][ T7929]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor)
[  234.672709][ T7929] Modules linked in:
[  234.682577][ T7929] ---[ end trace 0000000000000000 ]---
[  234.689663][ T7929] RIP: 0010:__page_table_check_zero+0x274/0x350
[  234.721809][ T7929] Code: c1 0f 8c 39 fe ff ff 48 89 df e8 97 41 f4 ff e9 2c fe ff ff e8 9d 8c 8e ff 90 0f 0b e8 95 8c 8e ff 90 0f 0b e8 8d 8c 8e ff 90 <0f> 0b f3 0f 1e fa 4c 89 f6 48 81 e6 ff 0f 00 00 31 ff e8 55 91 8e
[  234.743574][ T7929] RSP: 0018:ffffc90012bef938 EFLAGS: 00010293
[  234.749843][ T7929] RAX: ffffffff82079b23 RBX: dffffc0000000000 RCX: ffff888029441e00
[  234.757904][ T7929] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88801866358c
[  234.767259][ T7929] RBP: ffff88801866358c R08: ffff88801866358f R09: 1ffff110030cc6b1
[  234.775264][ T7929] R10: dffffc0000000000 R11: ffffed10030cc6b2 R12: ffff888018663540
[  234.784169][ T7929] R13: 1ffffffff2901988 R14: 0000000000000002 R15: 0000000000000000
[  234.784248][ T5098] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  234.793955][ T7929] FS:  00007f1a04a7a6c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  234.810250][ T7929] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  234.816894][ T7929] CR2: 00007efd408ce1b8 CR3: 0000000020f44000 CR4: 00000000003506f0
[  234.824892][ T7929] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  234.832914][ T7929] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  234.840982][ T7929] Kernel panic - not syncing: Fatal exception
[  234.847340][ T7929] Kernel Offset: disabled
[  234.851659][ T7929] Rebooting in 86400 seconds..