last executing test programs:

9m42.979961538s ago: executing program 4 (id=5):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000024001280090001007866726d000000001400028004000300"], 0x44}}, 0x0)

9m42.67209699s ago: executing program 4 (id=11):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000002240)={0x74, r1, 0x101, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_KEYS={0x40, 0x51, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_IDX={0x5, 0x2, 0x1}, @NL80211_KEY_DEFAULT_TYPES={0xc, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "a3446ceb1c5a6525e8f56e2add"}]}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

9m42.459901466s ago: executing program 4 (id=14):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000000)='./file1\x00', 0x8000, &(0x7f0000000480)={[{@discard}, {@allow_utime={'allow_utime', 0x3d, 0x5}}, {@time_offset={'time_offset', 0x3d, 0x9}}, {@utf8}, {@dmask={'dmask', 0x3d, 0x4002}}, {@namecase}, {@umask={'umask', 0x3d, 0x7}}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@keep_last_dots}, {@sys_tz}]}, 0x5, 0x1548, &(0x7f0000001900)="$eJzs3AuYTdX7OPD3XWvtMSSdJrkMa613c5LLMkmSS5JckiRJktwSkib5SkJiyC1pSEJyGZLLEJLLxKRxv98vCU2SJklCckvW/1H8fftVv++lvl/P85v38zz7sd6z9rv22vOeM2fvdZz5psvQmo1rVWtIRPCn4C//JAFALAAMBIBrACAAgHJx5eIu9OeUmPTnDsL+Wg+lXukZsCuJ65+9cf2zN65/9sb1z964/tkb1z974/pnb1x/xrKzzdMLXstb9t14/T874/f//0OySo/9Ym3p67sCxPyzKVz/7I3r/39W8M/sxPXP3rj+2VXslZ4A+yvN/vfS+PWfHeT4wx6uf/bG9WcsO/t5HTgnXPF16Cu1QSR7fwZypZ9/jDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayh9P+MgUAl9pXel6MMcYYY4wxxhj76/gcV3oGjDHGGGOMMcYY+89DECBBQQAxkANiISfkAgEAV0MeuAYicC3EwXWQF66HfJAfCkBBiIdCUBg0GLBAEEIRKApRuAGKwY1QHEpASSgFDkpDAtwEZeBmKAu3QDm4FcrDbVABKkIlqAy3QxW4A6rCnVAN7oLqUANqQi24G2rDPVAH7oW6cB/Ug/uhPjwADeBBaAgPQSN4GBrDI9AEHoWm0AyaQwto+W/lvwA94EXoCb0gCXpDH3gJ+kI/6A8DYCC8DIPgFRgMr0IyDIGh8BoMg9dhOLwBI2AkjII3YTS8BWNgLIyD8ZACE2AivA2T4B2YDFNgKkyDVJgOM+BdmAmzYDa8B3PgfZgL82A+LIA0+AAWwiJIhw9hMXwEGbAElsIyWA4rYCWsgtWwBtbCuh/7wgbYCJtgM2yBrbANtsMO2Akfwy74BHbDntfnAUAmfPZH+bD+d/NPXcqHvfApZEJXBAQUKFChwhiMwViMxVyYC3NjbsyDeTCCEYzDOMyLeTEf5sMCWADjMR4LY2E0aJCQsAgWwShGsRgWw+JYHEtiSXToMAETsAzejGWxLJbDclgey2MFrIgVsTJWxipYBatiVayG1bA6VseaWBPvxruxN9bBOlgX62I9rHdpeQobYkNshI2wMTbGJtgEm2JTbI7NsSW2xFbYCltja2yLbbEdtsP22B4TMRE7YAfsiB2xE3bCztgZu2AX7IrdsFvWCzkAX8QXsRdWF72xD/bBvpicoz8OwAH4Mg7CV/AVfBWTcQgOxdfwNXwdh+NJHIEjcRSOwiriLRyDY5HEeEzBFJyIE3ESTsLJOAWn4DRMxek4A2fgTJyFs/A9nIPv4/s4D+fhAkzDNFyIizAd03ExnsIMXIJLcRkuxxW4HFfhalyFa3EdrsUNuAE34SbcgltwG27DHbgDP0YFgJ/gHtyDyZiJmbgP9+F+3I8H8ABmYRYexIN4CA/hYTyMR/AIHsVjeByP4Qk8gSfxFJ7G03gWz+I5fC7+q0Yfl1iTDOICJZSIETEiVsSKXCKXyC1yizwij4iIiIgTcSKvyCvyiXyigCgg4kW8KCwKCyOMIBHGAICIiqgoJoqJ4qK4KClKCiecSBAJoowoI8qKsqKcuFWUF7eJCqKiaOMqi8qiimjrqoo7RTVRTVQXNURNUUvUErVFbVFH1BF1RV1RT9QT9cUDooHojf3xIXGhMo3FEGwihmJT0UzIi7/BWonh2Fq0EW3FE2IkjsD2opVLFE+LDmIMdhR/E2PxWdFZjMcu4nnRVXQT3cULoodo7XqKXmIy9hZ9xDTsK/qJ/mKAmIk1xHs4J2dN8apIFkPEUPGaWICvi+HiDTFCjBSjxJtitHhLjBFjxTgxXqSICWKieFtMEu+IyWKKmCqmiVQxXcwQ74qZYpaYLd4Tc8T7Yq6YJ+aLBSJNfCAWikUiXXwoFouPRIZYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu9ghdoqPxS7xidgt9oi94lORKT4T+8TnYr/4QhwQX4os8ZU4KL4Wh8Q34rD4VhwR34mj4pg4Lr4XJ8QP4qQ4JU6LM+Ks+FGcEz+J88ILkCiFlFLJQMbIHDJW5pS55FUytwwu/nSvlXHyOplXXi/zyfyygCwo42UhWVhqaaSVJENZRBaVUXmDLCZvlMVlCVlSlpJOlpYJ8iZZRt4sy8pbZDl5qywvb5MVZEVZSVaWt8sq8g4JkV+OUV3WkDVlLXm3TIJ7ZB15r6wr75P15P2yvnxANpAPyobyIdlIPiwby0dkE/mobCqbyeayhWwpH5Ot5OOytWwj28onZDv5pGwvn5KJ8mnZQfqLT5FnZWf5nOwin5ddZTfZXf4kz0sve8peEnqD7CNfkn1lP9lfDpAD5ctykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZTpFT5TSZKqfL/hdHmi3lP8x/+3fyB/989E1ys9wit8ptcrvcIXfKj+UuuUvulrvlXrlXZspMuU/uk/vlfnlAHpBZMkselAflIXlIHpaH5RF5RB6Vx+QZ+b08IX+QJ+UpeUqekWflWXnu4s8AFCqhpFIqUDEqh4pVOVUudZXKra5WedQ1KqKuVXHqOpVXXa/yqfyqgCqo4lUhVVhpZZRVpEJVRBVVUXUDXnzCqJKqlHKqtEpQN/0r+aqYulEVVyV+lX9pfkl/ML+WqqVqpVqp1qq1aqvaqnaqnWqv2qtElag6qA6qo+qoOqlOqrPqrLqoLqqr6qq6q+6qh+qheqqeKkklqT7qJdVX9VP91QA1UL2sBqlBarAarJJVshqqhqphapgaroarEWqEGqVGqdFqtBqjxqhxapxKUSlqopqoJqlJarKarKaqqSpVpaoZaoaaqWaq2Wq2mqPmqLlqrpqv5qs0laYWqoUqXaWrxWqxylBL1BK1TC1TK9QKtUqtUmvUGrVOrVMb1AaVoTarzWqr2qq2q+1qp9qpdqldarfarfaqvSpTZap9ap/ar/arA+qAylJZ6qA6qA6pQ+qwOqyOqCPqqDqqjqvj6oQ6oU6qk+q0Oq3OqrPqnDqnzqvzFy77AhGIQAUqiAligtggNsgV5ApyB7mDPEGeIBJEgrggLsgbXB/kC/IHBYKCQXxQKCgc6MAENhAXix4NbgiKBTcGxYMSQcmgVOCC0kFCzMXO4JagXHBrUD64LagQVAwqBZWD24MqwR1B1eDOoFpwV1A9qBHUDGoFdwe1g3uCOsG9Qd3gvqBecH9QP3ggaBA8GDQMHgoaBQ8HjYNHgibBo0HToFnQPGgRtAxuDsr+ZeN7fzL/466n7qWTdG/dR7+k++p+ur8eoAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erKeoqfqaTpVT9cz9Lt6pp6lZ+v39Bz9vp6r5+n5eoFO0x/ohXqRTtcf6sX6I52hl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q536J36Y71Lf6J36z16r/5UZ+rP9D79ud6vv9AH9Jc6S3+lD+qv9SH9jT6sv9VH9Hf6qD6mj+vv9Qn9gz6pT+nT+ow+q3/U5/RP+rz2Fy7uL7y9G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emr8lr8pl8poApYOJNvClsCpsLyJApYoqYqImaYqaYKW6Km5KmpHHGmQSTYMqYMqasKWvKmXKmvClvKpgKppKpZG43t5s7zB3mTnOnucvcZWqYGqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkGpvGpolpYpqapqa5aW5ampamlWllWpvWpq1pa9qZdqa9aW8STaLpYDqYjqaj6WQ6mc6ms+liupiupqvpbrqbHqaH6Wl6miSTZPqYPqav6Wv6m/5moBloBplBZrAZbJJNshlqhpphZpgZboabEWakGXXhQtW8ZcaYsWacGW9STIqZaCaaSWaSmWwmm6lmqkk1qWaGmWFmmplmtplt5pg5Zq6Za+ab+SbNpJmFZqFJN+lmsVlsMkyGWWqWmuVmuVlpVprVZrVZa9aa9bDebDQbzWaz2Ww1W812s93sNDvNLrPL7Da7zV6z12SaTLPP7DP7zX5zwBwwWSbLHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81Zk//i+6U3sTanzWWvsrnt1TaPvcb+z7iALWjjbSFb2Gqbz+b/VWystcVtCVvSlrLOlrYJ9qbfxBVsRVvJVra32yr2Dlv1N3Fte4+tY++1de19tpa9+1dxPXu/rW8fsQ0QAWwz28i2sI3tI7aJfdQ2tc1sc9vCtrNP2vb2KZton7Yd7DO/iRfaRXa1XWPX2nV2t91jT9sz9pD9xp61P9qetpcdaF+2g+wrdrB91SbbIb+JR9k37Wj7lh1jx9pxdvxv4ql2mk210+0M+66daWf9Jk6zH9g5Nt3OtfPsfLvg5/jCnNLth3ax/chm2ACW2mV2uV1hV9pV/3+uy+wGu9FusrvsJ3ar3Wa32x1256ULYbvH7rWf2kz7mT1ov7b77Rf2gD1ss+xXP8cXzu+w/dYesd/Zo/aYPW6/tyfsD+pS9oVz/97+ZM9bb4GQgCQpCiiGclAs5aRcdBXlpqspD11DEbqW4ug6ykvXUz7KTwWoIMVTISpMmgxZIgqpCBWlKN1Al6ZXkkqRo9KUQDdRGbqZytItVI5upfJ0G1WgilSJKtPtVIXuoKp0J1Wju6g61aCaVIvuptp0D9Whe6ku3Uf16H6qTw9QA3qQGtJD1Igepsb0CDWhR6kpNaPm1IJa0mPUih6n1tSG2tIT1I6epPb0FCXS09SBnqGO9DfqRM9SZ3qOutDz1JW6UXd6gXrQi9STelES9aY+9BL1pX7UnwbQQHqZBtErNJhepWQaQkPpNRpGr9NweoNG0EgaRW/SaHqLxtBYGkfjKYUm0ER6mybROzSZptBUmkapNJ1m0Ls0k2bRbHqP5tD7NJfm0XxaQGn0AS2kRZROH9Ji+ogyaAktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtBO+ph20Se0m/bQXvqUMukz2kef0376gg7Ql5RFX9FB+poO0Td0mL71veg7OkrH6Dh9TyfoBzpJp+g0naGz9COdo5/oPHmCEEMRylCFQRgT5ghjw5xhrvCqMHd4dZgnvCaMhNeGceF1Yd7w+jBfmD8sEBYM48NCYeFQhya0IYVhWCQsGkbDG8Ji4Y1h8bBEWDIsFbqwdJgQ3hSWCW8Oy4a3hOXCW8Py4W1hhbBi+Mh9lcPbwyrhHWHV8M6wWnhXWD2sEdYMa4V3h7XDe8I64b1h3fC+sGx4f1g/fCBsED4YNgwfChuFD4eNw0fCJuGjYdOwWdg8bBG2DB8LW4WPh63DNmHb8ImwXfhk2D58KkwMnw47hM/83H//oj/uTwp7h33Cl8KXQu/vlfOjC6Jp0Q+iC6OLounRD6OLox9FM6JLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohujm6Le18oBDp1w0ikXuBiXw8W6nC6Xu8rldle7PO4aF3HXujh3ncvrrnf5XH5XwBV08a6QK+y0M846cqEr4oq6qLvBFXM3uuKuhCvpSjnnSrsE18K1dC1dK/e4a+3auLbuCfeEe9I96Z5yT7mnXQf3jOvo/uY6uWddZ/ece84977q6bq67e8H1cBPy/PKaTHJ9XB/X1/V1/V1/N9ANdIPcIDfYDXbJLtkNdUPdMDfMDXfD3Qg3wo1yo9xoN9qNcWPcODfOpbgUN9FNdJPcJDfZTXZT3VSX6lLdDDfDzXQzXZVZvxxlrpvr5rv5Ls2luYXuwjVjulvsFrsMl+GWuqVuuVvuVrqVbrVb7da6tW69W+82uo1us9vstrqtbrvb7na6nW6X2+V2+2t+GdRlun1un9vv9rsD7kuX5b5yB93X7pD7xh1237oj7jt31B1zx9337oT7wZ10p9xpd8addT+6c+4nd955lxKZEJkYeTsyKfJOZHJkSmRqZFokNTI9MiPybmRmZFZkduS9yJzI+5G5kXmR+ZEFkbTIB5GFkUWR9MiHkcWRjyIZkSWRpZFlkeWRFRHvC20NfRFf1Ef9Db6Yv9EX9yV8SV/KO1/aJ/ibfBl/sy/rb/Hl/K2+vL/NV/AVfSX/qG/qm/nmvoVv6R/zrfzjvrVv49v6J3w7/6Rv75/yif5p38E/4zv6v/lO/lnf2T/nu/jnfVffzXf3L/ge/kXf0/fySb637+Nf8n19P9/fD/AD/ct+kH/FD/av+mQ/xA/1r/lh/nU/3L/hR/iRflTMm370pVtkGO9T/AQ/0b/tJ/l3/GQ/xU/103yqn+5n+Hf9TD/Lz/bv+Tn+fT/Xz/Pz/QKf5j/wC/0in+4/9Iv9Rz7DL7m0qOxX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+m1+u9/hd/qP/S7/id/t9/i9/lOf6T/z+/znfr//wh/wX/os/5U/6L/2h/w3/rD/1h/x3/mj/pg/7r/3J/wP/qQ/5U/7M/6s/9Gf8z/58/ydNcYYY4yxf8qEy03x655flvN7/06O+Lud+wDA1dsKZv19/4UryvX5fmn3E/HtIgDwdK8uD13aqldPSkq6uG+GhKDoPIBLnwRd8POy8cV4CbSFJyER2kCZ351/P9HtLP2D8aO3AuT6u5xYuBxfHv9zAEz6nfEfe2LUwvLh6bj/Zfx5AMWLXs7JCZfjJdD25/WVNlD2D+afv9U/mH/OL1IAWv9dTm64HF+efwI8Ds9A4q/2ZIwxxhhjjDHGftFPVOp06f7z0v/4/L3783h1OScHXI7/0f05Y4wxxhhjjDHGrrxnu3V/6rFL39x7LDGxTaefH/lnGlX/lZ3/9UYT+E+NzI3fbXgPcOkRBQB/ckCACw353zyLLf+VYyVffLX8z67lZ3wA3Ytd/NLjX3fQ2D9fi3+ncaV+IzHGGGOMMcb+Uy5f9P/6cXWlJsQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGVD/40/J3alz5ExxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhi70v5fAAAA//8XnvpB")
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

9m40.376021033s ago: executing program 4 (id=18):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f00000002c0)='./bus\x00', 0x1800840, &(0x7f0000000180)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c6e6f6e756d7461696c3d302c757466383d302c756e695f786c6174653d312c696f636861727365743d69736f383835392d31342c636f6465706167653d3935302c696f636861727365743d6d616363656e746575726f2c757466383d302c73686f72746e616d653d6c6f7765722c00eb35cd69a309a1cd59f889d47f6ece19f2f93c7c42fee6d42a74a07aedee8d38362cec0a8a369a2bd5754fa3f8c0626979e68e9ae4cf36"], 0x1, 0x367, &(0x7f0000000840)="$eJzs3U9oHFUYAPBvO0k2KdTkIBQFYfQmaOgfPOgppaRQ3IvKUvXkYlOVbCxkcTE9dBsv4lHwqCcv4kEPHnoWQRFvHrxaQariQXsrWH2yu7PZ2ewmpsK2Fn+/w/Lle++b995mkp1Msi8vrcT6+dm4cOPG9Zifr8TMyumVuFmJpchi4EqMm5uQAwDuDTdTit9T3wFLKlOeEgAwZb3X/1eOlDJvfblf/+TVHwDuecXP/wv79Znfq+HiVKYEAEzZ2P3/R0aa50Z/1T9T+qsAAOBe9dwLLz59qhbxbJ7PR2y83a636/HUsP3UhXgtmrEWx2IxbkX0LxS6D5Xe45mztdVjeZ534qelqHcr2vWIjU673r9SOJX16qtxPBZjqagvrjZSStmZz2qrx/OeiLjS6Y0fG5V2fTYOF+N/fzjW4kTkcf9YfcTZ2uqJvDhAfWNQ34nYHt636M5/ORbj25fjYjTj/MK5SGlwWVNbvXw8z0+n2kh9u16N8zvPwp53QAAAAAAAAAAAAAAAAAAAAAAA4F9Zzncs7ex/k4b79ywvT2jv7Y/Try/2B9ru7w+UqilS+u3Nx+vvZDGyP9Du/Xna9Zk4dHeXDgAAAAAAAAAAAAAAAAAAAP8Zra25aDSba5utrUvr5aCz2do6FBHdzOtff/LFQoz3+Ydgphij1JQXqUvrjZQNOqdspE8RZN3BB5mPr+7MuNynurOKidOo7t3UbB55+Mf3h5mHssGR/xr2yWLyArNd0ygHG/f1p3Q7T9Slk0VwYnKfwTKb11JKk4/zZ0pp/MhRiZi5/U/cSJDvzqRu8NX1Vx842Tr6RC/zeep79LHFc9fe+/CX9UazO3Jvyh/NbbZupfVG8fHkk23vICudP5XoB5XymTCzX/n2aKaRfffr8w+++83BRk/lzBsT+mT95Xy62dqqFF8pvaZK/7Tp5nZVLTTPZhG7jjM74eSfQnD0g5XG1cs//HzQqtI3CRt1AAAAAAAAAAAAAAAAAADAHVF6r3iheLPv7H5VTz4z/ZkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ0z/P//pWB7LHOQ4I9OjDdV1zZbEXN3e5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzP/R0AAP//pSBp3g==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x147040, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x5, 0x11, r0, 0x80000000)
madvise(&(0x7f00007fe000/0x800000)=nil, 0x800000, 0x19)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9101a04000a", 0x15}], 0x1}, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
r2 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="563f000019"], 0xfe33)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3880480, &(0x7f0000000280), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000001c0)='ext4_ext_remove_space\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
setsockopt$CAIFSO_REQ_PARAM(r4, 0x116, 0x80, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)

9m39.26524206s ago: executing program 4 (id=19):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0xd000000, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='cdg\x00', 0x4)
r1 = socket(0x10, 0x3, 0x6)
r2 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x2c, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}}, [@TCA_RATE={0x6}]}, 0x2c}}, 0x20000000)
r4 = openat$mice(0xffffffffffffff9c, &(0x7f00000002c0), 0x2)
readv(r4, &(0x7f0000001780)=[{&(0x7f0000000200)=""/167, 0xa7}], 0x1)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r4, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
userfaultfd(0xc0001)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0xfffffd9d)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r6, 0x4018f50b, &(0x7f0000000140)={0x1001, 0x3, 0xcd0})
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f00000003c0)={0x0, 0x0}, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'team_slave_1\x00', &(0x7f0000000240)=@ethtool_perm_addr={0x20, 0xdf, "30957148c2a2366a6fc3c93c13cce1b4b4b53a585a36de41715ee69be27b144568c4a2c40f3c8839a40354a8fc7090bd8e9833316240920dcc1619f9cfd95feb136263ce7933b4e8eb5ba844e46ec16c436f08a5db6333c89a0c928a0dce42d79034da44a71f5716b20967f10cd1a267800bdf950e2192871d14b5237584265906f2223505a8244821e29bb5aac5a3485e15ca48e02ed6d96b21878e7586d90ebf8230a35dfb9f6dba68bcfd4999cdf05e4a5c287ee27f8de384d533e8d86d83c333cabcde5c7ecb6da1858c0de85cdf3d0db0cf7ddd7b33f752a16b5c718b"}})
sendfile(r0, r6, 0x0, 0x8000002b)

9m38.690170029s ago: executing program 32 (id=19):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0xd000000, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='cdg\x00', 0x4)
r1 = socket(0x10, 0x3, 0x6)
r2 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x2c, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}}, [@TCA_RATE={0x6}]}, 0x2c}}, 0x20000000)
r4 = openat$mice(0xffffffffffffff9c, &(0x7f00000002c0), 0x2)
readv(r4, &(0x7f0000001780)=[{&(0x7f0000000200)=""/167, 0xa7}], 0x1)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r4, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
userfaultfd(0xc0001)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0xfffffd9d)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r6, 0x4018f50b, &(0x7f0000000140)={0x1001, 0x3, 0xcd0})
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f00000003c0)={0x0, 0x0}, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'team_slave_1\x00', &(0x7f0000000240)=@ethtool_perm_addr={0x20, 0xdf, "30957148c2a2366a6fc3c93c13cce1b4b4b53a585a36de41715ee69be27b144568c4a2c40f3c8839a40354a8fc7090bd8e9833316240920dcc1619f9cfd95feb136263ce7933b4e8eb5ba844e46ec16c436f08a5db6333c89a0c928a0dce42d79034da44a71f5716b20967f10cd1a267800bdf950e2192871d14b5237584265906f2223505a8244821e29bb5aac5a3485e15ca48e02ed6d96b21878e7586d90ebf8230a35dfb9f6dba68bcfd4999cdf05e4a5c287ee27f8de384d533e8d86d83c333cabcde5c7ecb6da1858c0de85cdf3d0db0cf7ddd7b33f752a16b5c718b"}})
sendfile(r0, r6, 0x0, 0x8000002b)

9m2.233906728s ago: executing program 5 (id=97):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x5}, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
write$FUSE_NOTIFY_RETRIEVE(r2, 0x0, 0x0)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="b0"], 0xb0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',posixacl'])

8m58.644374142s ago: executing program 5 (id=106):
socket$netlink(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
r1 = getpid()
syz_pidfd_open(r1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x73656000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000140)={0x3, 0xa, 0x2})
r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r6, 0xc0585609, &(0x7f0000000040)={0x0, 0xa, 0x0, 0x0, 0x20})
open(&(0x7f0000000140)='./file0\x00', 0x33f, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28f67b00020301040000000000000000000004000800500100010000020900020000010001020000"], 0x28}, 0x1, 0x0, 0x0, 0x240c0850}, 0x8000)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000040)=r0, 0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000280)="5c00000012006bab9e3fe3d86e6c1d000014a10dfe000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f4080003000601000004000200110000", 0x5b}, {&(0x7f0000000680)='\'', 0x1}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)
syz_open_dev$usbfs(0x0, 0x1ff, 0xa401)

8m56.935874583s ago: executing program 5 (id=111):
syz_usb_connect(0x0, 0x81, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$xfs(&(0x7f0000000500), &(0x7f0000009640)='./file0\x00', 0x208800, &(0x7f00000006c0)={[{@nogrpid}, {@prjquota}, {@ikeep}, {@inode32}]}, 0x4, 0x9606, &(0x7f0000012cc0)="$eJzs2gm8pnPhuP/nDGOXMVRSaiqiRdYsUc0MZigkS7QjS8pSUqESSgoVEe3Zt2xlCWVrJdlbKCFUskRabMP8X8ecYYyLb/36/l++dV3X63XO8zz3c9/3+Tyf972cw2wyaYOJg8Ecg2mNG8zceddOnjLm6nXvOGrz+Y9d5tR7DnjsiouOH3mcMPI4cTAYjBp5e2jasrGD004fNZj14eWPNveccw3NOxgsO/JyZD+DFac9zHvF9PWmztTMAx169Ns+074ebr7hHzH85PAD9jpiMBiMmWH7ocFgaPfHfVBpm0yYPOlRq0fchq1Gjzyf8Wu2aV/zXjwYzHvmgI+PGdcdego+0vDP3P0l545e9yn42f9xbTJh8loz+Q+fi7OMLFtx+Byf+Rw0NvNxfttim648MoUPH2+DwfAl7jHnyn9Em0yYtPbgia/zg6NWuXCfqdOum7MPpt0o5hwMBnONXF/neapd6t9rwsTlHr5nT389wj79WN6djosT3n7yQ8M36cFgsMBgMHbN6feCqqqq+s9owsTlVoP7/xxPdv8/5ZSFz+z+X1VV9Z/bWhMmLjd8r5/p/j/Pk93/d1z4oj2n/bf/8StO2+qhp/ZDVFVV1b/UpLXw/j/mye7/K6522drd/6uqqv5zW3+dh+//88x0/1/wye7/bzl5lUVG1pv+e8ODM+xyaIb/n/DADMtnmWH5/TMsHz3DfmZcf7YZlt87w/LZh9+D9ccNBmOn/3vBKY8uHjtu+L2R5ffNsHz8o/9OZ9HVZ1g+YYblk2ZYPnFkrMPLJ8+wfPIM66/5JFNdVVX1f6b1l5u02mCGf2c/snih6e/T/f+Cs65b8qkab1VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVf1n9tAdZ587GAyGBoPBqMFgymDk+YyPg6lTp04dfn3K+Zdf/pQN9P9GQ+ddO3nKmKvXveOozec/dplT7zng0Vn6j+0//xPUv9Ow/xzHjxsMtt/oqR5KPQV1/rvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+4h+44+9yRY2DUYDBlMPJ89+mPZ+3/5reOrLryxqfedfCjWy46fpuRZ+ddO3nKNk/B2J+ChoY/65ir173jqM3nP3aZU+854L/g7PnP/wT17/Sw/zZDg8HI+T1m+Fxed8L6Gy4xGAwOvuvUjVcYPPLeSsPvrTJ2lsEsD2+6xMPf11iUd7z7mtMexw9/W/CRfZzy8P7XmnrYLEMzDWKGXnXejUe9a5N7lp/5cfEn/hyjpj854voz7p46derUxywcaY4n2Hj6/qd/lpnP85GxLzE89qV22u69S71/l12X3Ga7zbbecustt19muZWWX2HZZVZY+RVLbbXNtlsuPe37E8zZuIe/r/bPzNk8M8/ZHRNmnLOZP9sTzdm4J5+zh/c4ZdehDafP2az/4pyt9uRzNm6bkR+06PjRg00fnpqhwWDR1UcPdh5+sczsg8Gia4ysu9DwuquOHTUY7P/oBx1+Nvsjx+DQ7sPrbDJpg4mPjuzxn/Bx1+nHrLjo+JHHCSOPE6cNcdzg0UNx7OC000cNz8VjpnnuOecamncwWHbk5ch+BiuPvHvo9PWmztTMAx169Ns+074ebr7hnQw/effSZ18zfC7OtP3/H/0/Xf8f57XS0CMTNTTyNbLONK8Jk9d69Gc9PA3DczfLyLIVh01mnrP/zR433nGzDsY8yXgnrTVxueHFM83/9E3w+LpzsQs/PO3YGr/itK0e+n9GofHO8yTjXWsCjneeJxvv8R+59PRpu/pfG+9M17q1H/4+/p+51g2e/Fo3C+1gy0sWmfla97onHuJjzuPpczT7TCs90bVu50OW3X14/+Of/Fq39vDYRz/mWjdqMFh0tenXuuEL36TRg/2HXyw7/GLy6MGxwy+We/jFnIPzh1+8/J07bLvF8II1p8/J0sP7HT926GH3C1e8dfGpB06duvrIWMaPfexYR46PcTPezyeMnTaZ07edvt/hVafv95ZnTntv0sh+J/wL+52+LY33rvmmvTd5ZL8TZ9rv6CfZ7/RtH3c+LDH0yIXrCa43k2a63oz8jTP9xz3ma7ZpX/NePBjMeyb5zrTu/3jNpPN3jicZ74SJy602PL6Zzt9HDkc6fy+dfPXwvWLewWCwwGAwds3pY/8XG3qi8c765OOdCOOd9cnGe+Vx263zvzDewQzjfcxxtsn6046VNUeOs8n/wvE7fduZr2OjH3532mV/zX/mOjbucdexPWYZNdNkz9AT/c62Baw/7flCj/6ee+1Jx0yf+9Ez7fd/+p1ths8yBNexMTP9PT9qzRsGQzTnux+/6mVDBz35nI8ePPZvi+lzPn3bJ5vzyf/MnD/nyef8n/09eYkXTnt/9Ezjn3HO19vv2ftOn/PZZtrv/zTnk5/83vH4OR8/GE1zvvT90+btya6nTzTn07edPufDH3GVsbMO1hi+Z43M+aR/Zs4X+t85zueC9ac93/KRReccdeobp8/5zHP8P835pH91zsc9cpwv+vB7Lxg1mG22wc6b7bTTjstM+z795bLTvvO16N5rp83zk91Ln8ho+rZPdl6s/s8YjfmnjIb+J6OFZ30io0dPrSN32PEZ/6/XotX/VaMBX4uuPmbavD3Z70VPNOfTt6X74IIzbD/z36Hrr/Pw793zzHQfnL4J3gfPOWvtvafvcmSzB2ca5vT76gMzLJ9lhuX3z7B89Az7mXH92WZYfu8My4c/wmwzrD+dddzw37wjy6c8uvrY4V+exo0sv2+G5eMf3XbR1WdYPmGG5ZNmWD7x0UNj0ckzLJ88w/prDv7Fpv836W1mvsjXP1v//ddd/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+4h+44+9yRY2DUYDBlMO350MjjYPeh9W5/zfDjYDAYveKJU9d7qsf7FDd03rWTp4y5et07jtp8/mOXOfWeA/4Lzp7//E9Q/04P+28zNBiMnN9jthkMButOWH/DJQaDwXpTT1xx1OCR9xYafm/VsaMGg/2HHrOD2R9ZZ2j34XU2mbTBxMFgjpE1xj3uhz7uPHrMiouOH3mcMPI4cdr1adzg0eN17OC000cNZn14+aPNPedcQ/MOBsuOvBzZz2DFaQ/zXjF9vakzNfNAhx79ts+0r4ebb/hHDD/ZeevJzx2eq5m2/z/T9Gv1NqP+x1U7/93l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u/jX/jpb/thJ1l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5i3vojrPPHTkGRg0GUwbTng/tPvI4GDr5tBePHCKjd7nq6MOe6vE+xQ2dd+3kKWOuXveOozaf/9hlTr3ngP+Cs+c//xPUv9PD/tsMDQYj5/eYbQaDwboT1t9wicFgcNjRV+0yavDIewsNv7fq2FGDwf5Dj9nB7I+sM7T78DqbTNpg4mAwx8ga4x73Qx93Hj1mxUXHjzxOGHmcOO36NG7w6PE6dnDa6aMGsz68/NHmnnOuoXkHg2VHXo7sZ7DitId5r5i+3tSZmnmgQ49+22fa18PNN/wjhp/sNc+1Jw/P1Uzb/59p+rV6m1H/46qd/+7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5S/uoTvOPnfkGBg1GEwZTHs+auRxaPebb9ptw+HH4dfzr7n3tU/1eJ/ihs67dvKUMVeve8dRm89/7DKn3nPAf8HZ85//Cerfadh/juPHDQbbb/RUD6Wegjr/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvLX9xDd5x97sjTUY8uHbV7xwU2dN61k6eMuXrdO47afP5jlzn1ngOe6gH9uz2B/x75Yxb/PfPHLP4fzx+z+H8if8ziv1f+mMX/k/ljFv+988cs/p/KH7P4fzp/zOK/T/6YxX/f/DGL/375Yxb/z+SPWfw/mz9m8f9c/pjFf//8MYv/AfljFv/P549Z/A/MH7P4H5Q/ZvH/Qv6Yxf/g/DGL/yH5Yxb/L+aPWfy/lD9m8f9y/pjF/yv5Yxb/r+aPWfy/lj9m8f96/pjF/xv5Yxb/Q/PHLP6H5Y9Z/A/PH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/MfljFv9j88cs/sflj1n8j88fs/h/M3/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8v5U/ZvH/dv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/L+TP2bxPzN/zOJ/Vv6Yxf/s/DGL/3fzxyz+38sfs/ifkz9m8T83f8zif17+mMX//Pwxi/8F+WMW/+/nj1n8f5A/ZvH/Yf6Yxf9H+WMW/x/nj1n8f5I/ZvG/MH/M4n9R/pjF/6f5Yxb/i/PHLP4/yx+z+F+SP2bxvzR/zOJ/Wf6Yxf/y/DGL/xX5Yxb/K/PHLP5X5Y9Z/H+eP2bx/0X+mMX/l/ljFv9f5Y9Z/K/OH7P4X5M/ZvH/df6Yxf83+WMW/2vzxyz+v80fs/hflz9m8b8+f8zif0P+mMX/d/ljFv8b88cs/jflj1n8b84fs/j/Pn/M4v+H/DGL/x/zxyz+t+SPWfz/lD9m8b81f8zif1v+mMX/9vwxi/8d+WMW/z/nj1n878wfs/jflT9m8f9L/pjF/+78MYv/X/PHLP5/yx+z+P89f8zi/4/8MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8Z+SP2bxfzB/zOL/UP6YxX9q/pjEf5ZB/pjFfyh/zOI/Kn/M4j9L/pjFf9b8MYv/6Pwxi/9s+WMW/9nzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/9Pyxyz+8+WPWfzH5I9Z/OfPH7P4j80fs/gvkD9m8V8wf8zi//T8MYv/M/LHLP7PzB+z+C+UP2bxf1b+mMV/4fwxi/+z88cs/s/JH7P4L5I/ZvF/bv6Yxf95+WMW/3H5Yxb/5+ePWfxfkP/jmnXk0eD/wvwxy/m/aP6YxX+x/DGL/4vyxyz+i+ePWfyXyB+z+L84f8zi/5L8MYv/S/PHLP4vyx+z+C+ZP2bxf3n+mMV/qfwxi//S+WMW/2Xyxyz+y+aPWfyXyx+z+C+fP2bxf0X+mMV/hfwxi/+K+WMW/5Xyxyz+K+ePWfxfmT9m8V8lf8ziv2r+mMX/VfljFv9X549Z/F+TP2bxH58/ZvGfkD9m8Z+YP2bxXy1/zOK/ev6YxX+N/DGL/6T8MYv/ZJX/LP/0mhb/NVX+/3wW/7Xyxyz+r80fs/i/Ln/M4r92/pjFf538MYv/uvljFv/X549Z/NfLH7P4vyF/zOK/fv6YxX+D/DGL/4b5Yxb/jfLHLP5vzB+z+G+cP2bx3yR/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOL/tvwxi//b88cs/u/IH7P4b5o/ZvHfLH/M4r95/pjF/535Yxb/LfLHLP5b5o9Z/LfKH7P4b50/ZvF/V/6YxX+b/DGL/7vzxyz+78kfs/hvmz9m8d8uf8ziv33+mMV/h/wxi/9788cs/u/LH7P475g/ZvF/f/6YxX+n/DGL/wfyxyz+H8wfs/h/KH/M4r9z/pjFf5f8MYv/rvljFv8P549Z/D+SP2bx/2j+mMV/t/wxi//H8scs/rvnj1n898gfs/jvmT9m8f94/pjF/xP5Yxb/vfLHLP6fzB+z+O+dP2bx/1T+mMX/0/ljFv998scs/vvmj1n898sfs/h/Jn/M4v/Z/DGL/+fyxyz+++ePWfwPyB+z+H8+f8zif2D+mMX/oPwxi/8X8scs/gfnj1n8D8kfs/h/MX/M4v+l/DGL/5fzxyz+X8kfs/h/NX/M4v+1/DGL/9fzxyz+38gfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOJ/fP6Yxf+b+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOL/rfwxi/+388cs/qfmj1n8T8sfs/ifnj9m8T8jf8zi/538MYv/mfljFv+z8scs/mfnj1n8v5s/ZvH/Xv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4fz9/zOL/g/wxi/8P88cs/j/KH7P4/zh/zOL/k/wxi/+F+WMW/4vyxyz+P80fs/hfnD9m8f9Z/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zi//P8MYv/L/LHLP6/zB+z+P8qf8zif3X+mMX/mvwxi/+v88cs/r/JH7P4X5s/ZvH/bf6Yxf+6/DGL//X5Yxb/G/LHLP6/yx+z+N+YP2bxvyl/zOJ/c/6Yxf/3+WMW/z/kj1n8/5g/ZvG/JX/M4v+n/DGL/635Yxb/2/LHLP63549Z/O/IH7P4/zl/zOJ/Z/6Yxf+u/DGL/1/yxyz+d+ePWfz/mj9m8f9b/pjF/+/5Yxb/f+SPWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/5T8MYv/g/ljFv+H8scs/lPzxyT+sw7yxyz+Q/ljFv9R+WMW/1nyxyz+s+aPWfxH549Z/GfLH7P4z54/ZvGfI3/M4j9n/pjFf678MYv/3PljFv958scs/vPmj1n8n5Y/ZvGfL3/M4j8mf8ziP3/+mMV/bP6YxX+B/DGL/4L5Yxb/p+ePWfyfkT9m8X9m/pjFf6H8MYv/s/LHLP4L549Z/J+dP2bxf07+mMV/kfwxi/9z88cs/s/LH7P4j8sfs/g/P3/M4v+C/DGL/wvzxyz+i+aPWfwXyx+z+L8of8ziv3j+mMV/ifwxi/+L88cs/i/JH7P4vzR/zOL/svwxi/+S+WMW/5fnj1n8l8ofs/gvnT9m8V8mf8ziv2z+mMV/ufwxi//y+WMW/1fkj1n8V8gfs/ivmD9m8V8pf8ziv3L+mMX/lfljFv9V8scs/qvmj1n8X5U/ZvF/df6Yxf81+WMW//H5Yxb/CfljFv+J+WMW/9Xyxyz+q+ePWfzXyB+z+E/KH7P4T84fs/ivmT9m8V8rf8zi/9r8MYv/6/LHLP5r549Z/NfJH7P4r5s/ZvF/ff6YxX+9/DGL/xsGl+cPWfzX7/zHLP4b5I9Z/DfMH7P4b5Q/ZvF/Y/6YxX/j/DGL/yb5Yxb/N+WPWfzfnD9m8X9L/pjF/635Yxb/t+WPWfzfnj9m8X9H/pjFf9P8MYv/ZvljFv/N88cs/u/MH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/u/LHLP7b5I9Z/N+dP2bxf0/+mMV/2/wxi/92+WMW/+3zxyz+O+SPWfzfmz9m8X9f/pjFf8f8MYv/+/PHLP475Y9Z/D+QP2bx/2D+mMX/Q/ljFv+d88cs/rvkj1n8d80fs/h/OH/M4v+R/DGL/0fzxyz+u+WPWfw/lj9m8d89f8ziv0f+mMV/z/wxi//H88cs/p/IH7P475U/ZvH/ZP6YxX/v/DGL/6fyxyz+n84fs/jvkz9m8d83f8ziv1/+mMX/M/ljFv/P5o9Z/D+XP2bx3z9/zOJ/QP6Yxf/z+WMW/wPzxyz+B+WPWfy/kD9m8T84f8zif0j+mMX/i/ljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP7fzB+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/b+WPWfy/nT9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/+/kj1n8z8wfs/iflT9m8T87f8zi/938MYv/9/LHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF//v5Yxb/H+SPWfx/mD9m8f9R/pjF/8f5Yxb/n+SPWfwvzB+z+F+UP2bx/2n+mMX/4vwxi//P8scs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/5/nj1n8f5E/ZvH/Zf6Yxf9X+WMW/6vzxyz+1+SPWfx/nT9m8f9N/pjF/9r8MYv/b/PHLP7X5Y9Z/K/PH7P435A/ZvH/Xf6Yxf/G/DGL/035Yxb/m/PHLP6/zx+z+P8hf8zi/8f8MYv/LfljFv8/5Y9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/8/5Yxb/O/PHLP535Y9Z/P+SP2bxvzt/zOL/1/wxi//f8scs/n/PH7P4/yN/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/Kfkj1n8H8wfs/g/lD9m8Z+aPybxHz3IH7P4D+WPWfxH5Y9Z/GfJH7P4z5o/ZvEfnT9m8Z8tf8ziP3v+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxf1r+mMV/vvwxi/+Y/DGL//z5Yxb/sfljFv8F8scs/gvmj1n8n54/ZvF/Rv6Yxf+Z+WMW/4Xyxyz+z8ofs/gvnD9m8X92/pjF/zn5Yxb/RfLHLP7PzR+z+D8vf8ziPy5/zOL//Pwxi/8L8scs/i/MH7P4L5o/ZvFfLH/M4v+i/DGL/+L5Yxb/JfLHLP4vzh+z+L8kf8zi/9L8MYv/y/LHLP5L5o9Z/F+eP2bxXyp/zOK/dP6YxX+Z/DGL/7L5Yxb/5fLHLP7L549Z/F+RP2bxXyF/zOK/Yv6YxX+l/DGL/8r5Yxb/V+aPWfxXyR+z+K+aP2bxf1X+mMX/1fljFv/X5I9Z/Mfnj1n8J+SPWfwn5o9Z/FfLH7P4r54/ZvFfI3/M4j8pf8ziPzl/zOK/Zv6YxX+t/DGL/2vzxyz+r8sfs/ivnT9m8V8nf8ziv27+mMX/9fljFv/18scs/m/IH7P4r58/ZvHfIH/M4r9h/pjFf6P8MYv/G/PHLP4b549Z/DfJH7P4vyl/zOL/5vwxi/9b8scs/m/NH7P4vy1/zOL/9vwxi/878scs/pvmj1n8N8sfs/hvnj9m8X9n/pjFf4v8MYv/lvljFv+t8scs/lvnj1n835U/ZvHfJn/M4v/u/DGL/3vyxyz+2+aPWfy3yx+z+G+fP2bx3yF/zOL/3vwxi//78scs/jvmj1n8358/ZvHfKX/M4v+B/DGL/wfzxyz+H8ofs/jvnD9m8d8lf8ziv2v+mMX/w/ljFv+P5I9Z/D+aP2bx3y1/zOL/sfwxi//u+WMW/z3yxyz+e+aPWfw/nj9m8f9E/pjFf6/8MYv/J/PHLP57549Z/D+VP2bx/3T+mMV/n/wxi/+++WMW//3yxyz+n8kfs/h/Nn/M4v+5/DGL//75Yxb/A/LHLP6fzx+z+B+YP2bxPyh/zOL/hfwxi//B+WMW/0Pyxyz+X8wfs/h/KX/M4v/l/DGL/1fyxyz+X80fs/h/LX/M4v/1/DGL/zfyxyz+h+aPWfwPyx+z+B+eP2bxPyJ/zOJ/ZP6Yxf+o/DGL/9H5Yxb/Y/LHLP7H5o9Z/I/LH7P4H58/ZvH/Zv6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4fyt/zOL/7fwxi/+p+WMW/9Pyxyz+p+ePWfzPyB+z+H8nf8zif2b+mMX/rPwxi//Z+WMW/+/mj1n8v5c/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/t/PH7P4/yB/zOL/w/wxi/+P8scs/j/OH7P4/yR/zOJ/Yf6Yxf+i/DGL/0/zxyz+F+ePWfx/lj9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+V+aPWfyvyh+z+P88f8zi/4v8MYv/L/PHLP6/yh+z+F+dP2bxvyZ/zOL/6/wxi/9v8scs/tfmj1n8f5s/ZvG/Ln/M4n99/pjF/4b8MYv/7/LHLP435o9Z/G/KH7P435w/ZvH/ff6Yxf8P+WMW/z/mj1n8b8kfs/j/KX/M4n9r/pjF/7b8MYv/7fljFv878scs/n/OH7P435k/ZvG/K3/M4v+X/DGL/935Yxb/v+aPWfz/lj9m8f97/pjF/x/5Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4j8lf8zi/2D+mMX/ofwxi//U/DGJ/2yD/DGL/1D+mMV/VP6YxX+W/DGL/6z5Yxb/0fljFv/Z8scs/rPnj1n858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW/6flj1n858sfs/iPyR+z+M+fP2bxH5s/ZvFfIH/M4r9g/pjF/+n5Yxb/Z+SPWfyfmT9m8V8of8zi/6z8MYv/wvljFv9n549Z/J+TP2bxXyR/zOL/3Pwxi//z8scs/uPyxyz+z88fs/i/IH/M4v/C/DGL/6L5Yxb/xfLHLP4vyh+z+C+eP2bxXyJ/zOL/4vwxi/9L8scs/i/NH7P4vyx/zOK/ZP6Yxf/l+WMW/6Xyxyz+S+ePWfyXyR+z+C+bP2bxXy5/zOK/fP6Yxf8V+WMW/xXyxyz+K+aPWfxXyh+z+K+cP2bxf2X+mMV/lfwxi/+q+WMW/1flj1n8X50/ZvF/Tf6YxX98/pjFf0L+mMV/Yv6YxX+1/DGL/+r5Yxb/NfLHLP6T8scs/pPzxyz+a+aPWfzXyh+z+L82f8zi/7r8MYv/2vljFv918scs/uvmj1n8X58/ZvFfL3/M4v+G/DGL//r5Yxb/DfLHLP4b5o9Z/DfKH7P4vzF/zOK/cf6YxX+T/DGL/5vyxyz+b84fs/i/JX/M4v/W/DGL/9vyxyz+b88fs/i/I3/M4r9p/pjFf7P8MYv/5vljFv935o9Z/LfIH7P4b5k/ZvHfKn/M4r91/pjF/135Yxb/bfLHLP7vzh+z+L8nf8ziv23+mMV/u/wxi//2+WMW/x3yxyz+780fs/i/L3/M4r9j/pjF//35Yxb/nfLHLP4fyB+z+H8wf8zi/6H8MYv/zvljFv9d8scs/rvmj1n8P5w/ZvH/SP6Yxf+j+WMW/93yxyz+H8sfs/jvnj9m8d8jf8ziv2f+mMX/4/ljFv9P5I9Z/PfKH7P4fzJ/zOK/d/6Yxf9T+WMW/0/nj1n898kfs/jvmz9m8d8vf8zi/5n8MYv/Z/PHLP6fyx+z+O+fP2bxPyB/zOL/+fwxi/+B+WMW/4Pyxyz+X8gfs/gfnD9m8T8kf8zi/8X8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/1/LHLP5fzx+z+H8jf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/b+aPWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/7fyxyz+384fs/ifmj9m8T8tf8zif3r+mMX/jPwxi/938scs/mfmj1n8z8ofs/ifnT9m8f9u/pjF/3v5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4v/9/DGL/w/yxyz+P8wfs/j/KH/M4v/j/DGL/0/yxyz+F+aPWfwvyh+z+P80f8zif3H+mMX/Z/ljFv9L8scs/pfmj1n8L8sfs/hfnj9m8b8if8zif2X+mMX/qvwxi//P88cs/r/IH7P4/zJ/zOL/q/wxi//V+WMW/2vyxyz+v84fs/j/Jn/M4n9t/pjF/7f5Yxb/6/LHLP7X549Z/G/IH7P4/y5/zOJ/Y/6Yxf+m/DGL/835Yxb/3+ePWfz/kD9m8f9j/pjF/5b8MYv/n/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4v/n/DGL/535Yxb/u/LHLP5/yR+z+N+dP2bx/2v+mMX/b/ljFv+/549Z/P+RP2bxvyd/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP5T8scs/g/mj1n8H8ofs/hPzR+T+M8+yB+z+A/lj1n8R+WPWfxnyR+z+M+aP2bxH50/ZvGfLX/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8X9a/pjFf778MYv/mPwxi//8+WMW/7H5Yxb/BfLHLP4L5o9Z/J+eP2bxf0b+mMX/mfljFv+F8scs/s/KH7P4L5w/ZvF/dv6Yxf85+WMW/0Xyxyz+z80fs/g/L3/M4j8uf8zi//z8MYv/C/LHLP4vzB+z+C+aP2bxXyx/zOL/ovwxi//i+WMW/yXyxyz+L84fs/i/JH/M4v/S/DGL/8vyxyz+S+aPWfxfnj9m8V8qf8ziv3T+mMV/mfwxi/+y+WMW/+Xyxyz+y+ePWfxfkT9m8V8hf8ziv2L+mMV/pfwxi//K+WMW/1fmj1n8V8kfs/ivmj9m8X9V/pjF/9X5Yxb/1+SPWfzH549Z/Cfkj1n8J+aPWfxXyx+z+K+eP2bxXyN/zOI/KX/M4j85f8ziv2b+mMV/rfwxi/9r88cs/q/LH7P4r50/ZvFfJ3/M4r9u/pjF//X5Yxb/9fLHLP5vyB+z+K+fP2bx3yB/zOK/Yf6YxX+j/DGL/xvzxyz+G+ePWfw3yR+z+L8pf8zi/+b8MYv/W/LHLP5vzR+z+L8tf8zi//b8MYv/O/LHLP6b5o9Z/DfLH7P4b54/ZvF/Z/6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/N+VP2bx3yZ/zOL/7vwxi/978scs/tvmj1n8t8sfs/hvnz9m8d8hf8zi/978MYv/+/LHLP475o9Z/N+fP2bx3yl/zOL/gfwxi/8H88cs/h/KH7P475w/ZvHfJX/M4r9r/pjF/8P5Yxb/j+SPWfw/mj9m8d8tf8zi/7H8MYv/7vljFv898scs/nvmj1n8P54/ZvH/RP6YxX+v/DGL/yfzxyz+e+ePWfw/lT9m8f90/pjFf5/8MYv/vvljFv/98scs/p/JH7P4fzZ/zOL/ufwxi//++WMW/wPyxyz+n88fs/gfmD9m8T8of8zi/4X8MYv/wfljFv9D8scs/l/MH7P4fyl/zOL/5fwxi/9X8scs/l/NH7P4fy1/zOL/9fwxi/838scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bx/2b+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfxPyR+z+H8rf8zi/+38MYv/qfljFv/T8scs/qfnj1n8z8gfs/h/J3/M4n9m/pjF/6z8MYv/2fljFv/v5o9Z/L+XP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP7fzx+z+P8gf8zi/8P8MYv/j/LHLP4/zh+z+P8kf8zif2H+mMX/ovwxi/9P88cs/hfnj1n8f5Y/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/j/PH/M4v+L/DGL/y/zxyz+v8ofs/hfnT9m8b8mf8zi/+v8MYv/b/LHLP7X5o9Z/H+bP2bxvy5/zOJ/ff6Yxf+G/DGL/+/yxyz+N+aPWfxvyh+z+N+cP2bx/33+mMX/D/ljFv8/5o9Z/G/JH7P4/yl/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP5/zh+z+N+ZP2bxvyt/zOL/l/wxi//d+WMW/7/mj1n8/5Y/ZvH/e/6Yxf8f+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOI/JX/M4v9g/pjF/6H8MYv/1Pwxif8cg/wxi/9Q/pjFf1T+mMV/lvwxi/+s+WMW/9H5Yxb/2fLHLP6z549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv+n5Y9Z/OfLH7P4j8kfs/jPnz9m8R+bP2bxXyB/zOK/YP6Yxf/p+WMW/2fkj1n8n5k/ZvFfKH/M4v+s/DGL/8L5Yxb/Z+ePWfyfkz9m8V8kf8zi/9z8MYv/8/LHLP7j8scs/s/PH7P4vyB/zOL/wvwxi/+i+WMW/8Xyxyz+L8ofs/gvnj9m8V8if8zi/+L8MYv/S/LHLP4vzR+z+L8sf8ziv2T+mMX/5fljFv+l8scs/kvnj1n8l8kfs/gvmz9m8V8uf8ziv3z+mMX/FfljFv8V8scs/ivmj1n8V8ofs/ivnD9m8X9l/pjFf5X8MYv/qvljFv9X5Y9Z/F+dP2bxf03+mMV/fP6YxX9C/pjFf2L+mMV/tfwxi//q+WMW/zXyxyz+k/LHLP6T88cs/mvmj1n818ofs/i/Nn/M4v+6/DGL/9r5Yxb/dfLHLP7r5o9Z/F+fP2bxXy9/zOL/hvwxi//6+WMW/w3yxyz+G+aPWfw3yh+z+L8xf8ziv3H+mMV/k/wxi/+b8scs/m/OH7P4vyV/zOL/1vwxi//b8scs/m/PH7P4vyN/zOK/af6YxX+z/DGL/+b5Yxb/d+aPWfy3yB+z+G+ZP2bx3yp/zOK/df6Yxf9d+WMW/23yxyz+784fs/i/J3/M4r9t/pjFf7v8MYv/9vljFv8d8scs/u/NH7P4vy9/zOK/Y/6Yxf/9+WMW/53yxyz+H8gfs/h/MH/M4v+h/DGL/875Yxb/XfLHLP675o9Z/D+cP2bx/0j+mMX/o/ljFv/d8scs/h/LH7P4754/ZvHfI3/M4r9n/pjF/+P5Yxb/T+SPWfz3yh+z+H8yf8ziv3f+mMX/U/ljFv9P549Z/PfJH7P475s/ZvHfL3/M4v+Z/DGL/2fzxyz+n8sfs/jvnz9m8T8gf8zi//n8MYv/gfljFv+D8scs/l/IH7P4H5w/ZvE/JH/M4v/F/DGL/5fyxyz+X84fs/h/JX/M4v/V/DGL/9fyxyz+X88fs/h/I3/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/2/mj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/+38scs/t/OH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/d/LHLP5n5o9Z/M/KH7P4n50/ZvH/bv6Yxf97+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOL//fwxi/8P8scs/j/MH7P4/yh/zOL/4/wxi/9P8scs/hfmj1n8L8ofs/j/NH/M4n9x/pjF/2f5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/z/PHLP6/yB+z+P8yf8zi/6v8MYv/1fljFv9r8scs/r/OH7P4/yZ/zOJ/bf6Yxf+3+WMW/+vyxyz+1+ePWfxvyB+z+P8uf8zif2P+mMX/pvwxi//N+WMW/9/nj1n8/5A/ZvH/Y/6Yxf+W/DGL/5/yxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOL/5/wxi/+d+WMW/7vyxyz+f8kfs/jfnT9m8f9r/pjF/2/5Yxb/v+ePWfz/kT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+U/LHLP4P5o9Z/B/KH7P4T80fk/jPOcgfs/gP5Y9Z/Eflj1n8Z8kfs/jPmj9m8R+dP2bxny1/zOI/e/6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvF/Wv6YxX++/DGL/5j8MYv//PljFv+x+WMW/wXyxyz+C+aPWfyfnj9m8X9G/pjF/5n5Yxb/hfLHLP7Pyh+z+C+cP2bxf3b+mMX/OfljFv9F8scs/s/NH7P4Py9/zOI/Ln/M4v/8/DGL/wvyxyz+L8wfs/gvmj9m8V8sf8zi/6L8MYv/4vljFv8l8scs/i/OH7P4vyR/zOL/0vwxi//L8scs/kvmj1n8X54/ZvFfKn/M4r90/pjFf5n8MYv/svljFv/l8scs/svnj1n8X5E/ZvFfIX/M4r9i/pjFf6X8MYv/yvljFv9X5o9Z/FfJH7P4r5o/ZvF/Vf6Yxf/V+WMW/9fkj1n8x+ePWfwn5I9Z/Cfmj1n8V8sfs/ivnj9m8V8jf8ziPyl/zOI/OX/M4r9m/pjFf638MYv/a/PHLP6vyx+z+K+dP2bxXyd/zOK/bv6Yxf/1+WMW//Xyxyz+b8gfs/ivnz9m8d8gf8ziv2H+mMV/o/wxi/8b88cs/hvnj1n8N8kfs/i/KX/M4v/m/DGL/1vyxyz+b80fs/i/LX/M4v/2/DGL/zvyxyz+m+aPWfw3yx+z+G+eP2bxf2f+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfzflT9m8d8mf8zi/+78MYv/e/LHLP7b5o9Z/LfLH7P4b58/ZvHfIX/M4v/e/DGL//vyxyz+O+aPWfzfnz9m8d8pf8zi/4H8MYv/B/PHLP4fyh+z+O+cP2bx3yV/zOK/a/6Yxf/D+WMW/4/kj1n8P5o/ZvHfLX/M4v+x/DGL/+75Yxb/PfLHLP575o9Z/D+eP2bx/0T+mMV/r/wxi/8n88cs/nvnj1n8P5U/ZvH/dP6YxX+f/DGL/775Yxb//fLHLP6fyR+z+H82f8zi/7n8MYv//vljFv8D8scs/p/PH7P4H5g/ZvE/KH/M4v+F/DGL/8H5Yxb/Q/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/N/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/sfmj1n8j8sfs/gfnz9m8f9m/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/h/K3/M4v/t/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4fyd/zOJ/Zv6Yxf+s/DGL/9n5Yxb/7+aPWfy/lz9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+388fs/j/IH/M4v/D/DGL/4/yxyz+P84fs/j/JH/M4n9h/pjF/6L8MYv/T/PHLP4X549Z/H+WP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/K/KH7P4/zx/zOL/i/wxi/8v88cs/r/KH7P4X50/ZvG/Jn/M4v/r/DGL/2/yxyz+1+aPWfx/mz/2WP/RT/Vw/v2ewP+6/DHL+X99/pjF/4b8MYv/7/LHLP435o9Z/G/KH7P435w/ZvH/ff6Yxf8P+WMW/z/mj1n8b8kfs/j/KX/M4n9r/pjF/7b8MYv/7fljFv878scs/n/OH7P435k/ZvG/K3/M4v+X/DGL/935Yxb/v+aPWfz/lj9m8f97/pjF/x/5Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4j8lf8zi/2D+mMX/ofwxi//U/DGJ/1yD/DGL/1D+mMV/VP6YxX+W/DGL/6z5Yxb/0fljFv/Z8scs/rPnj1n858gfs/jPmT9m8Z8rf+y/33+OR97K//H99/s/3Fzz5I9Z/OfNH7P4Py1/zOI/X/6YxX9M/pjFf/78MYv/2Pwxi/8C+WMW/wXzxyz+T88fs/g/I3/M4v/M/DGL/0L5Yxb/Z+WPWfwXzh+z+D87f8zi/5z8MYv/IvljFv/n5o9Z/J+XP2bxH5c/ZvF/fv6Yxf8F+WMW/xfmj1n8F80fs/gvlj9m8X9R/pjFf/H8MYv/EvljFv8X549Z/F+SP2bxf2n+mMX/ZfljFv8l88cs/i/PH7P4L5U/ZvFfOn/M4r9M/pjFf9n8MYv/cvljFv/l88cs/q/IH7P4r5A/ZvFfMX/M4r9S/pjFf+X8MYv/K/PHLP6r5I9Z/FfNH7P4vyp/zOL/6vwxi/9r8scs/uPzxyz+E/LHLP4T88cs/qvlj1n8V88fs/ivkT9m8Z+UP2bxn5w/ZvFfM3/M4r9W/pjF/7X5Yxb/1+WPWfzXzh+z+K+TP2bxXzd/zOL/+vwxi/96+WMW/zfkj1n8188fs/hvkD9m8d8wf8ziv1H+mMX/jfljFv+N88cs/pvkj1n835Q/ZvF/c/6Yxf8t+WMW/7fmj1n835Y/ZvF/e/6Yxf8d+WMW/03zxyz+m+WPWfw3zx+z+L8zf8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+78ofs/hvkz9m8X93/pjF/z35Yxb/bfPHLP7b5Y9Z/LfPH7P475A/ZvF/b/6Yxf99+WMW/x3zxyz+788fs/jvlD9m8f9A/pjF/4P5Yxb/D+WPWfx3zh+z+O+SP2bx3zV/zOL/4fwxi/9H8scs/h/NH7P475Y/ZvH/WP6YxX/3/DGL/x75Yxb/PfPHLP4fzx+z+H8if8ziv1f+mMX/k/ljFv+988cs/p/KH7P4fzp/zOK/T/6YxX/f/DGL/375Yxb/z+SPWfw/mz9m8f9c/pjFf//8MYv/AfljFv/P549Z/A/MH7P4H5Q/ZvH/Qv6Yxf/g/DGL/yH5Yxb/L+aPWfy/lD9m8f9y/pjF/yv5Yxb/r+aPWfy/lj9m8f96/pjF/xv5Yxb/Q/PHLP6H5Y9Z/A/PH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/MfljFv9j88cs/sflj1n8j88fs/h/M3/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8v5U/ZvH/dv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/L+TP2bxPzN/zOJ/Vv6Yxf/s/DGL/3fzxyz+38sfs/ifkz9m8T83f8zif17+mMX//Pwxi/8F+WMW/+/nj1n8f5A/ZvH/Yf6Yxf9H+WMW/x/nj1n8f5I/ZvG/MH/M4n9R/pjF/6f5Yxb/i/PHLP4/yx+z+F+SP2bxvzR/zOJ/Wf6Yxf/y/DGL/xX5Yxb/K/PHLP5X5Y9Z/H+eP2bx/0X+mMX/l/ljFv9f5Y9Z/K/OH7P4X5M/ZvH/df6Yxf83+WMW/2vzxyz+v80fs/hflz9m8b8+f8zif0P+mMX/d/ljFv8b88cs/jflj1n8b84fs/j/Pn/M4v+H/DGL/x/zxyz+t+SPWfz/lD9m8b81f8zif1v+mMX/9vwxi/8d+WMW/z/nj1n878wfs/jflT9m8f9L/pjF/+78MYv/X/PHLP5/yx+z+P89f8zi/4/8MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8Z+SP2bxfzB/zOL/UP6YxX9q/pjEf+5B/pjFfyh/zOI/Kn/M4j9L/pjFf9b8MYv/6Pwxi/9s+WMW/9nzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/9Pyxyz+8+WPWfzH5I9Z/OfPH7P4j80fs/gvkD9m8V8wf8zi//T8MYv/M/LHLP7PzB+z+C+UP2bxf1b+mMV/4fwxi/+z88cs/s/JH7P4L5I/ZvF/bv6Yxf95+WMW/3H5Yxb/5+ePWfxfkD9m8X9h/pjFf9H8MYv/YvljFv8X5Y9Z/BfPH7P4L5E/ZvF/cf6Yxf8l+WMW/5fmj1n8X5Y/ZvFfMn/M4v/y/DGL/1L5Yxb/pfPHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4v+K/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4vzJ/zOK/Sv6YxX/V/DGL/6vyxyz+r84fs/i/Jn/M4j8+f8ziPyF/zOI/MX/M4r9a/pjFf/X8MYv/GvljFv9J+WMW/8n5Yxb/NfPHLP5r5Y9Z/F+bP2bxf13+mMV/7fwxi/86+WMW/3Xzxyz+r88fs/ivlz9m8X9D/pjFf/38MYv/BvljFv8N88cs/hvlj1n835g/ZvHfOH/M4r9J/pjF/035Yxb/N+ePWfzfkj9m8X9r/pjF/235Yxb/t+ePWfzfkT9m8d80f8ziv1n+mMV/8/wxi/8788cs/lvkj1n8t8wfs/hvlT9m8d86f8zi/678MYv/NvljFv93549Z/N+TP2bx3zZ/zOK/Xf6YxX/7/DGL/w75Yxb/9+aPWfzflz9m8d8xf8zi//78MYv/TvljFv8P5I9Z/D+YP2bx/1D+mMV/5/wxi/8u+WMW/13zxyz+H84fs/h/JH/M4v/R/DGL/275Yxb/j+WPWfx3zx+z+O+RP2bx3zN/zOL/8fwxi/8n8scs/nvlj1n8P5k/ZvHfO3/M4v+p/DGL/6fzxyz+++SPWfz3zR+z+O+XP2bx/0z+mMX/s/ljFv/P5Y9Z/PfPH7P4H5A/ZvH/fP6Yxf/A/DGL/0H5Yxb/L+SPWfwPzh+z+B+SP2bx/2L+mMX/S/ljFv8v549Z/L+SP2bx/2r+mMX/a/ljFv+v549Z/L+RP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/I/PHLP5H5Y9Z/I/OH7P4H5M/ZvE/Nn/M4n9c/pjF//j8MYv/N/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF/1v5Yxb/b+ePWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf87+WMW/zPzxyz+Z+WPWfzPzh+z+H83f8zi/738MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8f9+/pjF/wf5Yxb/H+aPWfx/lD9m8f9x/pjF/yf5Yxb/C/PHLP4X5Y9Z/H+aP2bxvzh/zOL/s/wxi/8l+WMW/0vzxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf/n+WMW/1/kj1n8f5k/ZvH/Vf6Yxf/q/DGL/zX5Yxb/X+ePWfx/kz9m8b82f8zi/9v8MYv/dfljFv/r88cs/jfkj1n8f5c/ZvG/MX/M4n9T/pjF/+b8MYv/7/PHLP5/yB+z+P8xf8zif0v+mMX/T/ljFv9b88cs/rflj1n8b88fs/jfkT9m8f9z/pjF/878MYv/XfljFv+/5I9Z/O/OH7P4/zV/zOL/t/wxi//f88cs/v/IH7P435M/ZvG/N3/M4n9f/pjF//78MYv/A/ljFv8p+WMW/wfzxyz+D+WPWfyn5o9J/OcZ5I9Z/Ifyxyz+o/LHLP6z5I9Z/GfNH7P4j84fs/jPlj9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+D8tf8ziP1/+mMV/TP6YxX/+/DGL/9j8MYv/AvljFv8F88cs/k/PH7P4PyN/zOL/zPwxi/9C+WMW/2flj1n8F84fs/g/O3/M4v+c/DGL/yL5Yxb/5+aPWfyflz9m8R+XP2bxf37+mMX/BfljFv8X5o9Z/BfNH7P4L5Y/ZvF/Uf6YxX/x/DGL/xL5Yxb/F+ePWfxfkj9m8X9p/pjF/2X5Yxb/JfPHLP4vzx+z+C+VP2bxXzp/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP6vyB+z+K+QP2bxXzF/zOK/Uv6YxX/l/DGL/yvzxyz+q+SPWfxXzR+z+L8qf8zi/+r8MYv/a/LHLP7j88cs/hPyxyz+E/PHLP6r5Y9Z/FfPH7P4r5E/ZvGflD9m8Z+cP2bxXzN/zOK/Vv6Yxf+1+WMW/9flj1n8184fs/ivkz9m8V83f8zi//r8MYv/evljFv835I9Z/NfPH7P4b5A/ZvHfMH/M4r9R/pjF/435Yxb/jfPHLP6b5I9Z/N+UP2bxf3P+mMX/LfljFv+35o9Z/N+WP2bxf3v+mMX/HfljFv9N88cs/pvlj1n8N88fs/i/M3/M4r9F/pjFf8v8MYv/VvljFv+t88cs/u/KH7P4b5M/ZvF/d/6Yxf89+WMW/23zxyz+2+WPWfy3zx+z+O+QP/aI/1Yn/1f7vzd/zHL+vy9/zOK/Y/6Yxf/9+WMW/53yxyz+H8gfs/h/MH/M4v+h/DGL/875Yxb/XfLHLP675o9Z/D+cP2bx/0j+mMX/o/ljFv/d8scs/h/LH7P4754/ZvHfI3/M4r9n/pjF/+P5Yxb/T+SPWfz3yh+z+H8yf8ziv3f+mMX/U/ljFv9P549Z/PfJH7P475s/ZvHfL3/M4v+Z/DGL/2fzxyz+n8sfs/jvnz9m8T8gf8zi//n8MYv/gfljFv+D8scs/l/IH7P4H5w/ZvE/JH/M4v/F/DGL/5fyxyz+X84fs/h/JX/M4v/V/DGL/9fyxyz+X88fs/h/I3/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/2/mj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/+38scs/t/OH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/d/LHLP5n5o9Z/M/KH7P4n50/ZvH/bv6Yxf97+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOL//fwxi/8P8scs/j/MH7P4/yh/zOL/4/wxi/9P8scs/hfmj1n8L8ofs/j/NH/M4n9x/pjF/2f5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/z/PHLP6/yB+z+P8yf8zi/6v8MYv/1fljFv9r8scs/r/OH7P4/yZ/zOJ/bf6Yxf+3+WMW/+vyxyz+1+ePWfxvyB+z+P8uf8zif2P+mMX/pvwxi//N+WMW/9/nj1n8/5A/ZvH/Y/6Yxf+W/DGL/5/yxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOL/5/wxi/+d+WMW/7vyxyz+f8kfs/jfnT9m8f9r/pjF/2/5Yxb/v+ePWfz/kT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+U/LHLP4P5o9Z/B/KH7P4T80fk/jPO8gfs/gP5Y9Z/Eflj1n8Z8kfs/jPmj9m8R+dP2bxny1/zOI/e/6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvF/Wv6YxX++/DGL/5j8MYv//PljFv+x+WMW/wXyxyz+C+aPWfyfnj9m8X9G/pjF/5n5Yxb/hfLHLP7Pyh+z+C+cP2bxf3b+mMX/OfljFv9F8scs/s/NH7P4Py9/zOI/Ln/M4v/8/DGL/wvyxyz+L8wfs/gvmj9m8V8sf8zi/6L8MYv/4vljFv8l8scs/i/OH7P4vyR/zOL/0vwxi//L8scs/kvmj1n8X54/ZvFfKn/M4r90/pjFf5n8MYv/svljFv/l8scs/svnj1n8X5E/ZvFfIX/M4r9i/pjFf6X8MYv/yvljFv9X5o9Z/FfJH7P4r5o/ZvF/Vf6Yxf/V+WMW/9fkj1n8x+ePWfwn5I9Z/Cfmj1n8V8sfs/ivnj9m8V8jf8ziPyl/zOI/OX/M4r9m/pjFf638MYv/a/PHLP6vyx+z+K+dP2bxXyd/zOK/bv6Yxf/1+WMW//Xyxyz+b8gfs/ivnz9m8d8gf8ziv2H+mMV/o/wxi/8b88cs/hvnj1n8N8kfs/i/KX/M4v/m/DGL/1vyxyz+b80fs/i/LX/M4v/2/DGL/zvyxyz+m+aPWfw3yx+z+G+eP2bxf2f+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfzflT9m8d8mf8zi/+78MYv/e/LHLP7b5o9Z/LfLH7P4b58/ZvHfIX/M4v/e/DGL//vyxyz+O+aPWfzfnz9m8d8pf8zi/4H8MYv/B/PHLP4fyh+z+O+cP2bx3yV/zOK/a/6Yxf/D+WMW/4/kj1n8P5o/ZvHfLX/M4v+x/DGL/+75Yxb/PfLHLP575o9Z/D+eP2bx/0T+mMV/r/wxi/8n88cs/nvnj1n8P5U/ZvH/dP6YxX+f/DGL/775Yxb//fLHLP6fyR+z+H82f8zi/7n8MYv//vljFv8D8scs/p/PH7P4H5g/ZvE/KH/M4v+F/DGL/8H5Yxb/Q/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/N/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/sfmj1n8j8sfs/gfnz9m8f9m/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/h/K3/M4v/t/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4fyd/zOJ/Zv6Yxf+s/DGL/9n5Yxb/7+aPWfy/lz9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+388fs/j/IH/M4v/D/DGL/4/yxyz+P84fs/j/JH/M4n9h/pjF/6L8MYv/T/PHLP4X549Z/H+WP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/K/KH7P4/zx/zOL/i/wxi/8v88cs/r/KH7P4X50/ZvG/Jn/M4v/r/DGL/2/yxyz+1+aPWfx/mz9m8b8uf8zif33+mMX/hvwxi//v8scs/jfmj1n8b8ofs/jfnD9m8f99/pjF/w/5Yxb/P+aPWfxvyR+z+P8pf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+f84fs/jfmT9m8b8rf8zi/5f8MYv/3fljFv+/5o9Z/P+WP2bx/3v+mMX/H/ljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8ziPyV/zOL/YP6Yxf+h/DGL/9T8MYn/0wb5Yxb/ofwxi/+o/DGL/yz5Yxb/WfPHLP6j88cs/rPlj1n8Z88fs/jPkT9m8Z8zf8ziP1f+mMV/7vwxi/88+WMW/3nzxyz+T8sfs/jPlz9m8R+TP2bxnz9/zOI/Nn/M4r9A/pjFf8H8MYv/0/PHLP7PyB+z+D8zf8ziv1D+mMX/WfljFv+F88cs/s/OH7P4Pyd/zOK/SP6Yxf+5+WMW/+flj1n8x+WPWfyfnz9m8X9B/pjF/4X5Yxb/RfPHLP6L5Y9Z/F+UP2bxXzx/zOK/RP6Yxf/F+WMW/5fkj1n8X5o/ZvF/Wf6YxX/J/DGL/8vzxyz+S+WPWfyXzh+z+C+TP2bxXzZ/zOK/XP6YxX/5/DGL/yvyxyz+K+SPWfxXzB+z+K+UP2bxXzl/zOL/yvwxi/8q+WMW/1Xzxyz+r8ofs/i/On/M4v+a/DGL//j8MYv/hPwxi//E/DGL/2r5Yxb/1UX+c/wL61r81xD5/ytZ/Cflj1n8J+ePWfzXzB+z+K+VP2bxf23+mMX/dfljFv+188cs/uvkj1n8180fs/i/Pn/M4r9e/pjF/w35Yxb/9fPHLP4b5I9Z/DfMH7P4b5Q/ZvF/Y/6YxX/j/DGL/yb5Yxb/N+WPWfzfnD9m8X9L/pjF/635Yxb/t+WPWfzfnj9m8X9H/pjFf9P8MYv/ZvljFv/N88cs/u/MH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/u/LHLP7b5I9Z/N+dP2bxf0/+mMV/2/wxi/92+WMW/+3zxyz+O+SPWfzfmz9m8X9f/pjFf8f8MYv/+/PHLP475Y9Z/D+QP2bx/2D+mMX/Q/ljFv+d88cs/rvkj1n8d80fs/h/OH/M4v+R/DGL/0fzxyz+u+WPWfw/lj9m8d89f8ziv0f+mMV/z/wxi//H88cs/p/IH7P475U/ZvH/ZP6YxX/v/DGL/6fyxyz+n84fs/jvkz9m8d83f8ziv1/+mMX/M/ljFv/P5o9Z/D+XP2bx3z9/zOJ/QP6Yxf/z+WMW/wPzxyz+B+WPWfy/kD9m8T84f8zif0j+mMX/i/ljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP7fzB+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/b+WPWfy/nT9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/+/kj1n8z8wfs/iflT9m8T87f8zi/938MYv/9/LHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF//v5Yxb/H+SPWfx/mD9m8f9R/pjF/8f5Yxb/n+SPWfwvzB+z+F+UP2bx/2n+mMX/4vwxi//P8scs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/5/nj1n8f5E/ZvH/Zf6Yxf9X+WMW/6vzxyz+1+SPWfx/nT9m8f9N/pjF/9r8MYv/b/PHLP7X5Y9Z/K/PH7P435A/ZvH/Xf6Yxf/G/DGL/035Yxb/m/PHLP6/zx+z+P8hf8zi/8f8MYv/LfljFv8/5Y9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/8/5Yxb/O/PHLP535Y9Z/P+SP2bxvzt/zOL/1/wxi//f8scs/n/PH7P4/yN/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/Kfkj1n8H8wfs/g/lD9m8Z+aPybxn2+QP2bxH8ofs/iPyh+z+M+SP2bxnzX/xzTLyKPFf3T+mMV/tvwxi//s+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6Yxf9p+WMW//nyxyz+Y/LHLP7z549Z/Mfmj1n8F8gfs/gvmD9m8X96/pjF/xn5Yxb/Z+aPWfwXyh+z+D8rf8ziv3D+mMX/2fljFv/n5I9Z/BfJH7P4Pzd/zOL/vPwxi/+4/DGL//Pzxyz+L8gfs/i/MH/M4r9o/pjFf7H8MYv/i/LHLP6L549Z/JfIH7P4vzh/zOL/kvwxi/9L88cs/i/LH7P4L5k/ZvF/ef6YxX+p/DGL/9L5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvF/Rf6YxX+F/DGL/4r5Yxb/lfLHLP4r549Z/F+ZP2bxXyV/zOK/av6Yxf9V+WMW/1fnj1n8X5M/ZvEfnz9m8Z+QP2bxn5g/ZvFfLX/M4r96/pjFf438MYv/pPwxi//k/DGL/5r5Yxb/tfLHLP6vzR+z+L8uf8ziv3b+mMV/nfwxi/+6+WMW/9fnj1n818sfs/i/IX/M4r9+/pjFf4P8MYv/hvljFv+N8scs/m/MH7P4b5w/ZvHfJH/M4v+m/DGL/5vzxyz+b8kfs/i/NX/M4v+2/DGL/9vzxyz+78gfs/hvmj9m8d8sf8ziv3n+mMX/nfljFv8t8scs/lvmj1n8t8ofs/hvnT9m8X9X/pjFf5v8MYv/u/PHLP7vyR+z+G+bP2bx3y5/zOK/ff6YxX+H/DGL/3vzxyz+78sfs/jvmD9m8X9//pjFf6f8MYv/B/LHLP4fzB+z+H8of8ziv3P+mMV/l/wxi/+u+WMW/w/nj1n8P5I/ZvH/aP6YxX+3/DGL/8fyxyz+u+ePWfz3yB+z+O+ZP2bx///Yo6cEUAgACIDZeNm2bdu2bdv1kW3btm3btm3zAnuCduYKc6D/qOX/IP9Ry//B/qOW/0P8Ry3/h/qPWv4P8x+1/B/uP2r5P8J/1PJ/pP+o5f8o/1HL/9H+o5b/Y/xHLf/H+o9a/o/zH7X8H+8/avk/wX/U8n+i/6jl/yT/Ucv/yf6jlv9T/Ect/6f6j1r+T/Mftfyf7j9q+T/Df9Tyf6b/qOX/LP9Ry//Z/qOW/3P8Ry3/5/qPWv7P8x+1/J/vP2r5v8B/1PJ/of+o5f8i/1HL/8X+o5b/S/xHLf+X+o9a/i/zH7X8X+4/avm/wn/U8n+l/6jl/yr/Ucv/1f6jlv9r/Ect/9f6j1r+r/Mftfxf7z9q+b/Bf9Tyf6P/qOX/Jv9Ry//N/qOW/1v8Ry3/t/qPWv5v8x+1/N/uP2r5v8N/1PJ/p/+o5f8u/1HL/93+o5b/e/xHLf/3+o9a/u/zH7X83+8/avl/wH/U8v+g/6jl/yH/Ucv/w/6jlv9H/Ect/4/6j1r+H/Mftfw/7j9q+X/Cf9Ty/6T/qOX/Kf9Ry//T/qOW/2f8Ry3/z/qPWv6f8x+1/D/vP2r5f8F/1PL/ov+o5f8l/1HL/8v+o5b/V/xHLf+v+o9a/l/zH7X8v+4/avl/w3/U8v+m/6jl/y3/Ucv/2/6jlv93/Ect/+/6j1r+3/Mftfy/7z9q+f/Af9Ty/6H/qOX/I/9Ry//H/qOW/0/8Ry3/n/qPWv4/8x+1/H/uP2r5/8J/1PL/pf+o5f8r/1HL/9f+o5b/b/xHLf/f+o9a/r/zH7X8f+8/avn/wX/U8v+j/6jl/yf/Ucv/z/6jlv9f/Ect/7/6j1r+f/Mftfz/7j9q+f/Df9Ty/6f/qOX/L/9Ry//f/qOW/3/8Ry3///qPSv4HDOQ/avkf2H/U8j+I/6jlf1D/Ucv/YP6jlv/B/Uct/0P4j1r+h/QftfwP5T9q+R/af9TyP4z/qOV/WP9Ry/9w/qOW/+H9Ry3/I/iPWv5H9B+1/A/wH7X8j+Q/avkf2X/U8j+K/6jlf1T/Ucv/aP6jlv/R/Uct/2P4j1r+x/QftfyP5T9q+R/bf9TyP47/qOV/XP9Ry/94/qOW//H9Ry3/E/iPWv4n9B+1/E/kP2r5n9h/1PI/if+o5X9S/1HL/2T+o5b/yf1HLf9T+I9a/qf0H7X8T+U/avmf2n/U8j+N/6jlf1r/Ucv/dP6jlv/p/Uct/zP4j1r+Z/QftfzP5D9q+Z/Zf9TyP4v/qOV/Vv9Ry/9s/qOW/9n9Ry3/c/iPWv7n9B+1/M/lP2r5n9t/1PI/j/+o5X9e/1HL/3z+o5b/+f1HLf8L+I9a/hf0H7X8L+Q/avlf2H/U8r+I/6jlf1H/Ucv/Yv6jlv/F/Uct/0v4j1r+l/Qftfwv5T9q+V/af9Tyv4z/qOV/Wf9Ry/9y/qOW/+X9Ry3/K/iPWv5X9B+1/K/kP2r5X9l/1PK/iv+o5X9V/1HL/2r+o5b/1f1HLf9r+I9a/tf0H7X8r+U/avlf23/U8r+O/6jlf13/Ucv/ev6jlv/1/Uct/xv4j1r+N/Qftfxv5D9q+d/Yf9Tyv4n/qOV/U/9Ry/9m/qOW/839Ry3/W/iPWv639B+1/G/lP2r539p/1PK/jf+o5X9b/1HL/3b+o5b/7f1HLf87+I9a/nf0H7X87+Q/avnf2X/U8r+L/6jlf1f/Ucv/bv6jlv/d/Uct/3v4j1r+9/Qftfzv5T9q+d/bf9Tyv4//qOV/X/9Ry/9+/qOW//39Ry3/B/iP/nf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf+zbbWydZeHH8bvbOsb+/JMRF1yGJptcKCTCbPeQ8YKwydhWB914HgMc3dqNjXabXYddAffwYhIhPEgyyRIlypahhJnQSAwEK4ho0EVNNPgAiEIUjRMh6Ja4WHPa09Ieu8Zz1etalM/nRc+577Pfva3Jd/e9wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/ns1NC48Mr5m2KnxQw8+eLil73XO0ZU3H/htz4UDr+WPl41wyXFDD3p7e3vnPDd7R/nwlKIoSj/bzvLxpMpx6fo767/Q2X8UFvS8tOT4lJ83Hjmw5vRH6rqP3l/bd7a2uGndhtaWj40rinBxbdFZOqirKYqwuLa4r3RQXzpYUls8UjqY3XdwavHt0sH5aze3NpdOLI3+nsH/iobGncX4YcUWw/40GNr/zvpv3TnwOsolB642oSj3f0XX99+q+GzACfofuH5YWNl/1b9B4ISq6/+FBQOvo1zyX+7/k59a9cpIn524/4Hrh4/rH9IZ4fl/WKOVz/0Vz/8zRrjk4P6qmq7jpf4vve3ZmeVTE/6d5/93rx8urux/3LDn/9Jz/KKB5/9TiiJcMsZvB7ynNDTuOjLa/X/0/idMr9jUDO3/jPbN+0v9P77ke0+UT9VW2f+iUe7/45ZW/FqB6jQ0frm34v5fRf/FR0a45GD/bz/x64dL/T/2+wfOHPJZNf1fUtn/rI62LbO2bu86b0Nb0/qW9S2b6mbPnzOvvm7eBXNn9T0S9H8d43cF3hvGdv8vJldsaoqiZXB/TfeBp0v9z33wwTnlU5Oq7H/xqPf/Ge7/MKIPjSsmTiw6mzo62uv6vw4c1vd/7f9hI/Rfxd//zzqn/MNqy681RTFtcH/XmXevKPX/zqFnd5dPTayy/yWj9r9g8OcFIozx/t9csRnW/8FDL/U9/y+79+AZ5VPV/v1/6aj9v+r+D2PR0FjxP/z8h5X631VcFtlpaPDf/yCdHP0/9s4NPXHr8An9Qzo5+v/d546eG7cOy/QP6eTof8LGB56PW4dL9Q/p5Oh/+dT5K+LW4TL9Qzo5+l/76rl/jluHRv1DOjn6P+dLuzvj1mG5/iGdHP0/1D5nW9w6rNA/pJOj/5+e9tBrcetwuf4hnRz9Hzt2z41x63CF/iGdHP137zn7B3HrcKX+IZ0c/V++bmGIW4er9A/p5Oh/+rQ/Ph63DlfrH9LJ0f+8P/39tLh1uEb/kE6O/u/4/Ip9cetwrf4hnRz9j7/+lRfj1mGl/iGdHP0vPXvbwrh1uE7/kE6O/pt/0twbtw6r9A/p5Oh/1td/tCFuHa7XP6STo//Dyx/dE7cON+gf0snR/566YkrcOtyof0gnR/9f++7ph+LW4ZP6h3Ry9P+bp56cH7cOq/UP6eTo/7kP3P6NuHW4Sf+QTo7+713z4llx69Ckf0gnR/8P733+i3HrsEb/kE6O/t94o+3/4tZhrf4hnRz9T5506utx69Csf0gnR/8Lb/1Ke9w6tOgf0snRf9vu7h/GrcM6/UM6Ofr/8PFpq+LWYb3+IZ0c/a+cu/f9cetws/4hnRz9v2/Zhbvi1mGD/iGdHP1f1PPRi+LWYaP+IZ0c/Xc889mvxq3DLfqHdHL0v3fma4vj1qFV/5BOjv5fXr30x3Hr0KZ/SCdH/289et2muHXYpH9IJ0f/T/7s7WNx67BZ/5BOjv7//4JFf41bhy36h3Ry9L94yZtr49bhU/qHdHL0v7H7Hy/HrUO7/iGdHP3PPHz1srh12Kp/SCdH/985r25/3Dp06B/SydH/nVfuq49bh236h3Ry9L//4F13x63DrfqHdHL0/+YvZkyPW4dP6x/SydH//VMOXRu3Dp36h3Ry9P/LTbXPxK3Ddv1DOjn6/9u+qTvi1qFL/5BOjv6ffr3nD3HrcJv+IZ0c/a+e8KuJcetwu/4hnRz9T+3acl/cOtyhf0gnR//z72k6P24dPqN/SCdH/1v/8sI349Zhh/4hna3bu25pam1taffGG2+8GXxzsv9kAlJ7N/qT/SsBAAAAAAAAAAAAAABOJMc/JzrZv0cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+yQ4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRC9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBXAAAA//+O1eBI")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x68942, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e}, 0x94)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
preadv(r3, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

8m50.824598962s ago: executing program 5 (id=119):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$kcm(0x10, 0x2, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f00000003c0)='%pK    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r5, <r6=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000ffff0b867b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

8m47.112919647s ago: executing program 5 (id=127):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x60, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x1)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
syz_usb_connect(0x0, 0xfffffffffffffeea, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, &(0x7f0000001040))
eventfd(0x80000001)
syz_io_uring_setup(0x6ec7, 0x0, 0x0, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, 0x0, 0x0)
r1 = syz_usb_connect(0x2, 0x2d, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, 0x0)
syz_open_dev$dri(0x0, 0x1ff, 0x80800)
socket$netlink(0x10, 0x3, 0x0)
ioctl$VHOST_RESET_OWNER(0xffffffffffffffff, 0xaf02, 0x0)
munmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000)

8m43.984058315s ago: executing program 5 (id=139):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x2, &(0x7f0000000080)=[{0x6, 0x40, 0x0, 0x7fffffff}, {0x6, 0xff, 0xf, 0xfffff000}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0x40082104, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r2 = socket(0x29, 0x800, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r3, &(0x7f00000002c0)=[{{&(0x7f0000000180)=@generic, 0x80, &(0x7f0000000200)=[{&(0x7f0000000380)=""/154, 0x9a}, {&(0x7f0000000540)=""/140, 0x8c}, {&(0x7f0000000900)=""/4110, 0x100e}, {&(0x7f0000000600)=""/168, 0xa8}], 0x4}, 0xb9a2}], 0x1, 0x1412d99e9d7f1c8c, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e74000905"], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB="74617267657420503a383a31662e3100323c157e71e0af3709555ad966bf0ce8bc75f49ff42cbb85b77cd47e42ce9cbf"], 0x14)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
r5 = syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r5)
sendmsg$xdp(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r6, 0xffffffffffffffff, 0x0)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)

8m28.953024913s ago: executing program 33 (id=139):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x2, &(0x7f0000000080)=[{0x6, 0x40, 0x0, 0x7fffffff}, {0x6, 0xff, 0xf, 0xfffff000}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0x40082104, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r2 = socket(0x29, 0x800, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r3, &(0x7f00000002c0)=[{{&(0x7f0000000180)=@generic, 0x80, &(0x7f0000000200)=[{&(0x7f0000000380)=""/154, 0x9a}, {&(0x7f0000000540)=""/140, 0x8c}, {&(0x7f0000000900)=""/4110, 0x100e}, {&(0x7f0000000600)=""/168, 0xa8}], 0x4}, 0xb9a2}], 0x1, 0x1412d99e9d7f1c8c, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e74000905"], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB="74617267657420503a383a31662e3100323c157e71e0af3709555ad966bf0ce8bc75f49ff42cbb85b77cd47e42ce9cbf"], 0x14)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
r5 = syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r5)
sendmsg$xdp(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r6, 0xffffffffffffffff, 0x0)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)

17.356364864s ago: executing program 3 (id=1894):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
ioctl$SIOCRSSL2CALL(0xffffffffffffffff, 0x89e2, &(0x7f0000000140)=@null)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)

13.003034086s ago: executing program 3 (id=1915):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
bind$inet6(r2, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r2, 0x2)

12.12665958s ago: executing program 3 (id=1919):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x4)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
r2 = getpid()
syz_pidfd_open(r2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x73656000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f0000000140)={0x3, 0xa, 0x2})
r7 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r7, 0xc0585609, &(0x7f0000000040)={0x0, 0xa, 0x0, 0x0, 0x20})
open(&(0x7f0000000140)='./file0\x00', 0x33f, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28f67b00020301040000000000000000000004000800500100010000020900020000010001020000"], 0x28}, 0x1, 0x0, 0x0, 0x240c0850}, 0x8000)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000280)="5c00000012006bab9e3fe3d86e6c1d000014a10dfe000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f408000300", 0x50}, {&(0x7f0000000680)='\'', 0x1}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)
syz_open_dev$usbfs(0x0, 0x1ff, 0xa401)

11.058049119s ago: executing program 3 (id=1922):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1000, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000040)={0x1, @pix={0xc2, 0x80000001, 0x35315258, 0x3, 0xff, 0x8, 0x2, 0x6, 0x0, 0x0, 0x1}})
mkdirat(0xffffffffffffff9c, 0x0, 0x110)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x6)
ioctl$sock_bt_hci(r4, 0x800448d2, &(0x7f0000000040))
mount$9p_virtio(0x0, 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d61"])
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r5 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89e2, &(0x7f0000000340)={<r6=>r5})
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89e2, &(0x7f0000000040)={r6})
mlockall(0x7)

8.276501094s ago: executing program 3 (id=1926):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000003c0)='io_uring_cqring_wait\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_io_uring_setup(0x6148, &(0x7f0000000340)={0x0, 0x13ea, 0x2, 0x2, 0x3c6}, &(0x7f0000000040), &(0x7f0000000140))
io_uring_enter(r3, 0x2241, 0x1b86, 0x1, 0x0, 0x0)

7.816322861s ago: executing program 6 (id=1927):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/igmp6\x00')
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
preadv(r6, &(0x7f0000002400)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1, 0x39c5, 0x0)

6.660321053s ago: executing program 6 (id=1929):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000001200)={0x0, 0xffffff1e, 0xffffffff, 0x4, 0x16, "001bf100eeff0000a2c2000100000000002000"})
socket$nl_route(0x10, 0x3, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x400c1)
r1 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$sock_SIOCINQ(r1, 0x541b, 0x0)

6.46654113s ago: executing program 6 (id=1930):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x8000021e}, &(0x7f00000001c0)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1})
io_uring_enter(r1, 0x47fa, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r0, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0, 0x0, 0x1})

6.267291625s ago: executing program 2 (id=1932):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x4)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
r2 = getpid()
syz_pidfd_open(r2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x73656000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f0000000140)={0x3, 0xa, 0x2})
r7 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r7, 0xc0585609, &(0x7f0000000040)={0x0, 0xa, 0x0, 0x0, 0x20})
open(&(0x7f0000000140)='./file0\x00', 0x33f, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28f67b00020301040000000000000000000004000800500100010000020900020000010001020000"], 0x28}, 0x1, 0x0, 0x0, 0x240c0850}, 0x8000)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000280)="5c00000012006bab9e3fe3d86e6c1d000014a10dfe000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f408000300", 0x50}, {&(0x7f0000000680)='\'', 0x1}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)
syz_open_dev$usbfs(0x0, 0x1ff, 0xa401)

6.223473864s ago: executing program 0 (id=1933):
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f031c000302140006001e0089e9", 0xe, 0x0, &(0x7f0000000540)={0xc9, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e1f, 0x2, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x14, &(0x7f0000000d00)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x8, 0x7f, &(0x7f0000000300)=""/127, 0x41100, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), r0)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a1c000000120a0101000000000000000005000005080003400000000964000000090a03000000000000000000030000090900010001007a300000000008000440"], 0xcc}, 0x1, 0x0, 0x0, 0x20014840}, 0xc010)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="500000000301010100000000000000000a0000030c0019800800020017000000300002802c0001"], 0x50}, 0x1, 0x0, 0x0, 0x4}, 0x4000800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085", 0xcb}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}, 0x1, 0x0, 0x0, 0x4851}, 0x0)

5.76683877s ago: executing program 0 (id=1935):
socket$netlink(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
r1 = getpid()
syz_pidfd_open(r1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x73656000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000140)={0x3, 0xa, 0x2})
r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r6, 0xc0585609, &(0x7f0000000040)={0x0, 0xa, 0x0, 0x0, 0x20})
open(&(0x7f0000000140)='./file0\x00', 0x33f, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28f67b00020301040000000000000000000004000800500100010000020900020000010001020000"], 0x28}, 0x1, 0x0, 0x0, 0x240c0850}, 0x8000)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000040)=r0, 0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000280)="5c00000012006bab9e3fe3d86e6c1d000014a10dfe000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4", 0x45}, {&(0x7f0000000680)='\'', 0x1}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)
syz_open_dev$usbfs(0x0, 0x1ff, 0xa401)

4.771755556s ago: executing program 2 (id=1937):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=@deltaction={0x70, 0x31, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@TCA_ACT_TAB={0x58, 0x1, [{0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfff}}, {0x10, 0x6, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x100}}, {0x10, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xff}}, {0x10, 0x3, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}]}, @TCA_ACT_TAB={0x4}]}, 0x70}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r0], 0x4c}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

4.580216881s ago: executing program 2 (id=1938):
r0 = syz_usb_connect(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000400)={0x1c, &(0x7f0000000000)={0x8248851b466bc885, 0x16, 0x34, "da441b5bdf3ea6788130c980baeed286fdf13c14c3433b3d1804da36ca614fc1236555e975d282d0e4f1b40d37fab8f478f7ced0"}, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000540)={0x34, &(0x7f0000000240)={0x40, 0x38}, 0x0, 0x0, &(0x7f0000000440)={0x20, 0x0, 0x2}, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

3.769328879s ago: executing program 0 (id=1939):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/igmp6\x00')
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
preadv(r6, &(0x7f0000002400)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1, 0x39c5, 0x0)

3.768785862s ago: executing program 6 (id=1940):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000838500000004000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha256\x00'}, 0x58)
read$alg(0xffffffffffffffff, &(0x7f0000001140)=""/4127, 0x101f)

2.631651504s ago: executing program 0 (id=1941):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001e80)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000820000095000000000000002ba7e1d30c04aa8b3382022ce2a1d97411a0f6b599e83f24a3aa81d36bb7019c13bd23212fb56f040026fbfefc4a056bdc17487902317142fac7e7be168c1886d0d4d94f2f4eb45c652fbc1626cca2a28d67893547db51ee988e6e06c8cedf7ceb9fc40400ae5e4aa74c92c6a51cbf9b0a4def23d410f6accd364158a4591c559f76c0130bfc4e90a6341865c3f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0c18ce74c4dae15cb7947c491b8bea3fd2f73902ebcfcf4982277d9800011b405bbf7b02433a9bcd715f5888b2007f000000001c000000010000000000000600000000309329170ee5b567e70f00c484d339c480f70006a10f58fa64533500000000000000000000000031000000000000001208e75a89faffbfb11b7dc6ea31001e846c12423a169f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617de7a6520655a80d0900f4d433623c850af895abba14f6fbd7fbad1f98e26ad4deaf1a4f294b2a431ab9142f3a06d54740a4bc5e3abd378af7c9676a08ef74c48785f895b4ec8d1141d5e8744d7f09ab4df6027bf48cabecead649f96ea24d3287a7b01ab84d336f3c0f45a0642d6f2c494160cb7f46ce680eeb80157eb23f9902519ac655fa73103170cbc496d7122034b85e7e87a2db762cbb253fbd76b9117c1a11d18aa2040c5f0c289906000000000000005ffe91ff799a11d9b219c00c369a12bf8685b862d0dbdd956cbda1bae489bcef5ae59136aaadc59609f4d42617c0e6066938b521a0f2e2467a6c435ad5b800262a5da053ced5e95394e500000072737638ac44fb61310e2df511c60b3c88113996a81fb64bce5eb95ce91738640ff7ae6ed6b62086e699955926934389cdf9bcffff3ffd86fe9ce05268bf8a3958f2206cdc7095682c14f10be1075832956762b2dcc6251e7b74cb1da627e332765511c58215bf84d253e8778e6e8ffe4ea50b076446f35efffc806b340658342d2d9e1ef68c6ef3e98407d2fcefb34a0000000000000000895ddbb76122b1222e4da37177fe833e4fcaa67997e92a206ebd085bd9f90008d3fdd528efe6c1dca17f45ba5e8bd3153a0077bb43f8a63dd390d18f0239b41da1a52383a4c6768ca1bb66b8fb3c5000f6f246fd20356a60769b461b6cdf133de073b1df08ae09268b0073bb97d88d741a5546e76caf4b6b1387ff37ec13d262dae0260be74cdf7bb6d3107597430ef5bbd476bb9d69b2aef9f3cb644b4bf01ccf16d40720939daf2af469bdfb361b9c015dd026fd0fffe3c66f5c343afb78a7cfd852f3e05c089887d7df2ff4f9982030019421af6b78ff9c444a17091875cfe4eab0e7f50eb69c860b1613a6b4f5af04f9c635d8d646c89f8b85f820ce7464c731deba39f9ff7b815f7b0acba754c01ed8bf1bba0010a8c6a2b966d861f9dd547abf2e9b23e5607f00f80b58fd76e4bc46c84799aa792cdaeb6cfb858e577dacff607ba513250e13ae696cd6ed7d318190a93b9ee07927efca6b8d1f5980994690bbe002db5146439d906a0d4aef065214b15666cdca81091b69acee2c7ce0821fc19e0891f0b53469f935c5ac420100010000000000fb53faf4420638489e6a1c696d8c414a87b60000000000080000b6be15579518540000bc2d061827ae6349a045b780893771524a424335b9fc34616ee9f09141057262530b7c2f7c9b969938779736ece7b470078ac0b1b4b528000000009866e99948a9096672ec9f3800c2fc35ba6516e542624c47bdba76a816c3a3dd6c3fa87a3ec91df199a9af91a7babf2b8d0e7b77e6dfb4bbc9817847b705000000a1000000000000ab8353f3800f045b90b0eaab6d731199c9447eabbc8c740183aff5389742e47de5000000826a570d14310700cf2ae3366ebdb7f1000000000000333c00e6addbf4c71ffad6bfb5babb49109f92a5a52042c425190a6e3f1a8a3abfe6059da9c952cf35c98ce7616355493d280f2d0be99e18fd0900c769e7eb4edc1c03a33676080000007229e0237c1e34641848531712ff09e89fb062a3e66f4f3c9d7a7fc9aab1ced0ae679733830039cb61ea0691f0b4e0b33194404e643243c3841e1e7fe301f7f47a7f89512d92e83624e3de705bdfbfd0e5e381398e9d5428a00cc8a6d097d97e6ac8bd09b1a5577920a650114a522c1e2dcdc4f606fcbcee91770a9fada34d38cd7976a9228a0a0dd8661be8162e966aac26bea4c11458cd6ce22ddf7054cdd0a60ef3ec000000000000000000425cb75dc7ec92e9a5d29f9c99697d2a98ae0a9f35"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000040)=r0, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)='9', 0x1}], 0x1)

2.572073522s ago: executing program 6 (id=1942):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x2, 0x56d, 0x2}, 0x48)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000540)={0xc9, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'syz_tun\x00'})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004"], 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000d40)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x28}, 0x1, 0x0, 0x0, 0x20014840}, 0xc010)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

2.501367892s ago: executing program 3 (id=1943):
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x28000, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
select(0x40, &(0x7f0000000000)={0xe, 0x92f, 0x9, 0x7, 0xd82b, 0x882b, 0x7, 0x3}, 0x0, 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000000)=ANY=[])
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
inotify_init()
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
ioprio_set$uid(0x3, 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x0, 0x9, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000080), 0x7f03)

2.317467904s ago: executing program 2 (id=1944):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_getattr(r0, &(0x7f0000000200)={0x38}, 0x38, 0x0)

2.266381123s ago: executing program 1 (id=1945):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000d80), 0xffffffffffffffff)
sendmsg$TIPC_NL_PUBL_GET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)={0xb0, r3, 0x4, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0x4}, @TIPC_NLA_MEDIA={0x70, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5f0}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}]}, @TIPC_NLA_MEDIA_PROP={0x4}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x529}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}]}]}, @TIPC_NLA_MEDIA={0x8, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x4}]}, @TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffffb}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x448d0}, 0x20000081)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

2.131181544s ago: executing program 6 (id=1946):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r3, 0x84, 0x1c, &(0x7f0000000040), &(0x7f0000000080)=0x4)

1.992224945s ago: executing program 1 (id=1947):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$SIOCSIFHWADDR(r0, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

1.981498085s ago: executing program 0 (id=1948):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r0, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0x56, &(0x7f0000002cc0)=[{0x0}, {&(0x7f00000017c0)=""/130, 0x94}], 0x2}, 0xa1}], 0x2, 0x0, 0x0)

1.932723525s ago: executing program 2 (id=1949):
socket$netlink(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
r1 = getpid()
syz_pidfd_open(r1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x73656000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000140)={0x3, 0xa, 0x2})
r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r6, 0xc0585609, &(0x7f0000000040)={0x0, 0xa, 0x0, 0x0, 0x20})
open(&(0x7f0000000140)='./file0\x00', 0x33f, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28f67b00020301040000000000000000000004000800500100010000020900020000010001020000"], 0x28}, 0x1, 0x0, 0x0, 0x240c0850}, 0x8000)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000040)=r0, 0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000280)="5c00000012006bab9e3fe3d86e6c1d000014a10dfe000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f408000300", 0x50}, {&(0x7f0000000680)='\'', 0x1}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)
syz_open_dev$usbfs(0x0, 0x1ff, 0xa401)

1.824181099s ago: executing program 1 (id=1950):
fsopen(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setregid(0xee00, 0xee00)
keyctl$session_to_parent(0x12)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x2010042, &(0x7f0000000000)={[{@subsystem='hugetlb'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})
mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x40078, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
mlockall(0x7)

821.198061ms ago: executing program 1 (id=1951):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000001200)={0x0, 0xffffff1e, 0xffffffff, 0x4, 0x16, "001bf100eeff0000a2c2000100000000002000"})
socket$nl_route(0x10, 0x3, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x400c1)
r1 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$sock_SIOCINQ(r1, 0x541b, 0x0)

161.427095ms ago: executing program 2 (id=1952):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/igmp6\x00')
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
preadv(r6, &(0x7f0000002400)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1, 0x39c5, 0x0)

151.627535ms ago: executing program 1 (id=1953):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000838500000004000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha256\x00'}, 0x58)
read$alg(0xffffffffffffffff, &(0x7f0000001140)=""/4127, 0x101f)

145.52206ms ago: executing program 0 (id=1954):
r0 = syz_usb_connect(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000400)={0x1c, &(0x7f0000000000)={0x8248851b466bc885, 0x16, 0x34, "da441b5bdf3ea6788130c980baeed286fdf13c14c3433b3d1804da36ca614fc1236555e975d282d0e4f1b40d37fab8f478f7ced0"}, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000540)={0x34, &(0x7f0000000240)={0x40, 0x38}, 0x0, 0x0, &(0x7f0000000440)={0x20, 0x0, 0x2}, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

0s ago: executing program 1 (id=1955):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfec8d000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000000500000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setpgid(0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000600)=@bridge_getneigh={0x20, 0x1e, 0xb7b6511a36acb75d}, 0x20}}, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000080)={'batadv_slave_1\x00', {0x2, 0x4e21, @empty}})
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89101)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xc, 0x4, &(0x7f0000000240)=@framed={{}, [@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0xaa}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000000}, 0x94)
ioctl$TIOCGSID(r4, 0x5429, &(0x7f0000000000))
ioctl$TIOCGPGRP(r4, 0x540f, &(0x7f0000000040))

kernel console output (not intermixed with test programs):

ode
[   93.124599][   T51] Bluetooth: hci1: command tx timeout
[   93.137895][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.139676][ T5863] veth1_vlan: entered promiscuous mode
[   93.155250][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.192886][ T5865] veth0_vlan: entered promiscuous mode
[   93.221849][ T5868] veth0_macvtap: entered promiscuous mode
[   93.246174][ T5868] veth1_macvtap: entered promiscuous mode
[   93.253675][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.270963][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.279466][ T5865] veth1_vlan: entered promiscuous mode
[   93.297968][   T51] Bluetooth: hci2: command tx timeout
[   93.312307][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.320291][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.342407][ T1324] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.351500][ T1324] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.377862][   T51] Bluetooth: hci3: command tx timeout
[   93.385787][ T5863] veth0_macvtap: entered promiscuous mode
[   93.432613][ T5853] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   93.452826][ T5868] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.463339][ T5865] veth0_macvtap: entered promiscuous mode
[   93.475107][ T5863] veth1_macvtap: entered promiscuous mode
[   93.494420][ T5865] veth1_macvtap: entered promiscuous mode
[   93.518015][ T5868] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.535121][   T51] Bluetooth: hci4: command tx timeout
[   93.582344][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.602703][   T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.637958][   T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.649849][ T5967] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   93.869050][ T5964] ALSA: mixer_oss: invalid OSS volume ''
[   93.898217][   T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.510130][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.619476][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.666379][   T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.696325][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.748947][ T1145] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.761922][ T1145] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.806893][ T1145] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.821935][ T1145] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.868245][ T1145] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.886553][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.896733][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.940414][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.089785][ T3551] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.122414][ T3551] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.130093][   T51] Bluetooth: hci0: command tx timeout
[   95.141057][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.160886][ T5971] loop1: detected capacity change from 0 to 32768
[   95.164030][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.194515][ T5971] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.6 (5971)
[   95.214182][   T51] Bluetooth: hci1: command tx timeout
[   95.249365][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.264940][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.272869][ T5971] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   95.304126][ T5971] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[   95.318807][ T5971] BTRFS info (device loop1): using free-space-tree
[   95.365974][   T51] Bluetooth: hci2: command tx timeout
[   95.379454][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.391761][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.447709][   T51] Bluetooth: hci3: command tx timeout
[   95.471566][ T5973] loop0: detected capacity change from 0 to 32768
[   95.496501][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.543325][ T5973] 
[   95.543325][ T5973]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   95.543325][ T5973] 
[   95.548896][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.605782][   T51] Bluetooth: hci4: command tx timeout
[   95.759051][ T5859] 
[   95.759051][ T5859]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   95.759051][ T5859] 
[   95.983809][ T5859] 
[   95.983809][ T5859]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   95.983809][ T5859] 
[   96.530146][ T5853] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   96.580436][ T3551] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.616706][ T3551] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.743793][ T5999] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5'.
[   97.427494][ T6011] ALSA: mixer_oss: invalid OSS volume ''
[   97.462933][ T6018] loop4: detected capacity change from 0 to 256
[   97.489418][ T6018] exfat: Deprecated parameter 'utf8'
[   97.524613][ T6018] exfat: Deprecated parameter 'namecase'
[   97.744422][ T6018] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[   98.047231][ T6021] loop3: detected capacity change from 0 to 40427
[   98.124937][ T6021] F2FS-fs (loop3): invalid crc value
[   98.202606][ T6021] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[   98.214557][ T6021] F2FS-fs (loop3): Start checkpoint disabled!
[   98.233187][ T6021] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[   98.376078][ T6026] input: syz0 as /devices/virtual/input/input5
[   98.403726][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   98.412932][    T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!!
[   98.453397][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   98.493071][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   98.506715][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   98.601868][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.645027][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   98.699620][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   98.724845][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   98.766993][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   99.248856][ T1324] kworker/u8:8: attempt to access beyond end of device
[   99.248856][ T1324] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   99.355339][ T1324] CPU: 1 UID: 0 PID: 1324 Comm: kworker/u8:8 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) 
[   99.355365][ T1324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   99.355378][ T1324] Workqueue: writeback wb_workfn (flush-7:3)
[   99.355418][ T1324] Call Trace:
[   99.355426][ T1324]  <TASK>
[   99.355434][ T1324]  dump_stack_lvl+0x189/0x250
[   99.355461][ T1324]  ? __pfx_dump_stack_lvl+0x10/0x10
[   99.355480][ T1324]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[   99.355508][ T1324]  ? __pfx_queue_work_on+0x10/0x10
[   99.355533][ T1324]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   99.355554][ T1324]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   99.355600][ T1324]  ? f2fs_hw_is_readonly+0x39b/0x470
[   99.355627][ T1324]  f2fs_handle_critical_error+0x37c/0x540
[   99.355656][ T1324]  f2fs_write_end_io+0x495/0x810
[   99.355680][ T1324]  ? blkg_put+0x22/0x240
[   99.355721][ T1324]  __submit_merged_bio+0x27a/0x6a0
[   99.355758][ T1324]  __submit_merged_write_cond+0x255/0x530
[   99.355801][ T1324]  f2fs_write_data_pages+0x261d/0x3000
[   99.355862][ T1324]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   99.355903][ T1324]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[   99.355967][ T1324]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[   99.356002][ T1324]  ? trace_f2fs_writepages+0x7f/0x200
[   99.356025][ T1324]  ? f2fs_write_node_pages+0x478/0x6e0
[   99.356051][ T1324]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[   99.356087][ T1324]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   99.356112][ T1324]  do_writepages+0x32e/0x550
[   99.356144][ T1324]  ? reacquire_held_locks+0x127/0x1d0
[   99.356165][ T1324]  ? writeback_sb_inodes+0x384/0x1010
[   99.356200][ T1324]  __writeback_single_inode+0x145/0xff0
[   99.356226][ T1324]  ? do_raw_spin_unlock+0x122/0x240
[   99.356258][ T1324]  writeback_sb_inodes+0x6c7/0x1010
[   99.356311][ T1324]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   99.356383][ T1324]  ? rcu_is_watching+0x15/0xb0
[   99.356416][ T1324]  wb_writeback+0x43b/0xaf0
[   99.356450][ T1324]  ? queue_io+0x2e1/0x590
[   99.356478][ T1324]  ? __pfx_wb_writeback+0x10/0x10
[   99.356512][ T1324]  ? _raw_spin_unlock_irq+0x23/0x50
[   99.356542][ T1324]  wb_workfn+0x409/0xef0
[   99.356579][ T1324]  ? __pfx_wb_workfn+0x10/0x10
[   99.356605][ T1324]  ? __lock_acquire+0xab9/0xd20
[   99.356637][ T1324]  ? process_scheduled_works+0x9ef/0x17b0
[   99.356665][ T1324]  ? _raw_spin_unlock_irq+0x23/0x50
[   99.356687][ T1324]  ? process_scheduled_works+0x9ef/0x17b0
[   99.356706][ T1324]  ? process_scheduled_works+0x9ef/0x17b0
[   99.356728][ T1324]  process_scheduled_works+0xade/0x17b0
[   99.356801][ T1324]  ? __pfx_process_scheduled_works+0x10/0x10
[   99.356850][ T1324]  worker_thread+0x8a0/0xda0
[   99.356872][ T1324]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   99.356902][ T1324]  ? __kthread_parkme+0x7b/0x200
[   99.356932][ T1324]  kthread+0x711/0x8a0
[   99.356959][ T1324]  ? __pfx_worker_thread+0x10/0x10
[   99.356979][ T1324]  ? __pfx_kthread+0x10/0x10
[   99.357004][ T1324]  ? _raw_spin_unlock_irq+0x23/0x50
[   99.357041][ T1324]  ? lockdep_hardirqs_on+0x9c/0x150
[   99.357065][ T1324]  ? __pfx_kthread+0x10/0x10
[   99.357091][ T1324]  ret_from_fork+0x3f9/0x770
[   99.357114][ T1324]  ? __pfx_ret_from_fork+0x10/0x10
[   99.357141][ T1324]  ? __switch_to_asm+0x39/0x70
[   99.357165][ T1324]  ? __switch_to_asm+0x33/0x70
[   99.357188][ T1324]  ? __pfx_kthread+0x10/0x10
[   99.357213][ T1324]  ret_from_fork_asm+0x1a/0x30
[   99.357257][ T1324]  </TASK>
[   99.358686][ T1324] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[   99.953353][ T6014] loop1: detected capacity change from 0 to 32768
[   99.989882][ T6014] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section members_v2: device 0: not enough buckets (got 0, max 64)
[   99.989882][ T6014] members_v2 (size 40):
[   99.989882][ T6014] nr_devices mismatch: have 2 entries, should be 1Device:0
[   99.989882][ T6014]   Label:                       (none)
[   99.989882][ T6014]   UUID:                        07000000-0000-0000-1800-000000000000
[   99.989882][ T6014]   Size:                        0
[   99.989882][ T6014]   read errors:                 0
[   99.989882][ T6014]   write errors:                0
[   99.989882][ T6014]   checksum errors:             0
[   99.989882][ T6014]   seqread iops:                0
[   99.989882][ T6014]   seqwrite iops:               0
[   99.989882][ T6014]   randread iops:               0
[   99.989882][ T6014]   randwrite iops:              0
[   99.989882][ T6014]   Bucket size:                 0
[   99.989882][ T6014]   First bucket:                0
[   99.989882][ T6014]   Buckets:                     0
[   99.989882][ T6014]   Last mount:                  (never)
[   99.989882][ T6014]   Last superblock write:       0
[   99.989882][ T6014]   State:                       rw
[   99.989882][ T6014]   Data allowed:                (none)
[   99.989882][ T6014]   Has data:                    journal,btree,user
[   99.989882][ T6014]   Btree allocated bitmap blocksize:1
[   99.989882][ T6014]   Btree allocated bitmap:      0000000000000000000000000000000000000000000000000000000000000000
[   99.989882][ T6014]   Durabili
[   99.990046][ T6014] bcachefs: bch2_fs_get_tree() error: invalid_sb_members
[  100.153190][ T6031] =======================================================
[  100.153190][ T6031] WARNING: The mand mount option has been deprecated and
[  100.153190][ T6031]          and is ignored by this kernel. Remove the mand
[  100.153190][ T6031]          option from the mount to silence this warning.
[  100.153190][ T6031] =======================================================
[  100.227552][ T6031] new mount options do not match the existing superblock, will be ignored
[  100.657815][ T3551] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.773625][ T3551] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.891954][ T3551] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.013927][ T6041] tmpfs: Bad value for 'mpol'
[  101.799697][ T6038] loop1: detected capacity change from 0 to 256
[  101.870828][ T6038] exFAT-fs (loop1): error, The cluster chain has a loop
[  101.880559][ T6038] exFAT-fs (loop1): failed to count the number of clusters in root
[  101.920145][ T6038] exFAT-fs (loop1): failed to recognize exfat type
[  101.930823][ T3551] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.091655][ T6043] netlink: 40 bytes leftover after parsing attributes in process `syz.1.22'.
[  102.701107][ T3551] bridge_slave_1: left allmulticast mode
[  103.504095][ T3551] bridge_slave_1: left promiscuous mode
[  103.510673][ T3551] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.608198][ T5858] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  103.630354][ T6054] ALSA: mixer_oss: invalid OSS volume ''
[  103.746050][ T5858] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  103.758469][ T5858] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  103.784662][ T3551] bridge_slave_0: left allmulticast mode
[  103.794189][ T5858] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  103.805074][ T5858] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  103.827555][ T3551] bridge_slave_0: left promiscuous mode
[  103.833358][ T3551] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.862492][ T6042] loop0: detected capacity change from 0 to 32768
[  103.903234][ T6042] XFS (loop0): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  104.278997][ T6071] loop1: detected capacity change from 0 to 40427
[  104.303301][ T6042] XFS (loop0): Ending clean mount
[  104.307216][ T6071] F2FS-fs (loop1): invalid crc value
[  104.382966][ T6071] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  104.394821][ T6071] F2FS-fs (loop1): Start checkpoint disabled!
[  104.604040][ T6071] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  104.605761][ T5859] XFS (loop0): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  104.981545][ T6084] input: syz0 as /devices/virtual/input/input6
[  105.934534][   T51] Bluetooth: hci3: command tx timeout
[  107.551445][ T6088] loop0: detected capacity change from 0 to 2048
[  107.595027][ T6088] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  107.608655][ T1318] kworker/u8:6: attempt to access beyond end of device
[  107.608655][ T1318] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  107.678865][ T1318] CPU: 0 UID: 0 PID: 1318 Comm: kworker/u8:6 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) 
[  107.678893][ T1318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  107.678905][ T1318] Workqueue: writeback wb_workfn (flush-7:1)
[  107.678932][ T1318] Call Trace:
[  107.678939][ T1318]  <TASK>
[  107.678947][ T1318]  dump_stack_lvl+0x189/0x250
[  107.678975][ T1318]  ? __pfx_dump_stack_lvl+0x10/0x10
[  107.678995][ T1318]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  107.679018][ T1318]  ? __pfx_queue_work_on+0x10/0x10
[  107.679040][ T1318]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  107.679061][ T1318]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  107.679085][ T1318]  ? f2fs_hw_is_readonly+0x39b/0x470
[  107.679110][ T1318]  f2fs_handle_critical_error+0x37c/0x540
[  107.679136][ T1318]  f2fs_write_end_io+0x495/0x810
[  107.679157][ T1318]  ? blkg_put+0x22/0x240
[  107.679194][ T1318]  __submit_merged_bio+0x27a/0x6a0
[  107.679220][ T1318]  __submit_merged_write_cond+0x255/0x530
[  107.679264][ T1318]  f2fs_write_data_pages+0x261d/0x3000
[  107.679321][ T1318]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  107.679357][ T1318]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  107.679417][ T1318]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  107.679449][ T1318]  ? trace_f2fs_writepages+0x7f/0x200
[  107.679471][ T1318]  ? f2fs_write_node_pages+0x478/0x6e0
[  107.679495][ T1318]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  107.679528][ T1318]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  107.679551][ T1318]  do_writepages+0x32e/0x550
[  107.679580][ T1318]  ? reacquire_held_locks+0x127/0x1d0
[  107.679599][ T1318]  ? writeback_sb_inodes+0x384/0x1010
[  107.679631][ T1318]  __writeback_single_inode+0x145/0xff0
[  107.679654][ T1318]  ? do_raw_spin_unlock+0x122/0x240
[  107.679682][ T1318]  writeback_sb_inodes+0x6c7/0x1010
[  107.679711][ T1318]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  107.679750][ T1318]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  107.679815][ T1318]  ? rcu_is_watching+0x15/0xb0
[  107.679845][ T1318]  wb_writeback+0x43b/0xaf0
[  107.679875][ T1318]  ? queue_io+0x2e1/0x590
[  107.679901][ T1318]  ? __pfx_wb_writeback+0x10/0x10
[  107.679932][ T1318]  ? _raw_spin_unlock_irq+0x23/0x50
[  107.679958][ T1318]  wb_workfn+0x409/0xef0
[  107.679992][ T1318]  ? __pfx_wb_workfn+0x10/0x10
[  107.680015][ T1318]  ? __lock_acquire+0xab9/0xd20
[  107.680044][ T1318]  ? process_scheduled_works+0x9ef/0x17b0
[  107.680069][ T1318]  ? _raw_spin_unlock_irq+0x23/0x50
[  107.680089][ T1318]  ? process_scheduled_works+0x9ef/0x17b0
[  107.680106][ T1318]  ? process_scheduled_works+0x9ef/0x17b0
[  107.680126][ T1318]  process_scheduled_works+0xade/0x17b0
[  107.680175][ T1318]  ? __pfx_process_scheduled_works+0x10/0x10
[  107.680212][ T1318]  worker_thread+0x8a0/0xda0
[  107.680264][ T1318]  kthread+0x711/0x8a0
[  107.680292][ T1318]  ? __pfx_worker_thread+0x10/0x10
[  107.680311][ T1318]  ? __pfx_kthread+0x10/0x10
[  107.680337][ T1318]  ? _raw_spin_unlock_irq+0x23/0x50
[  107.680357][ T1318]  ? lockdep_hardirqs_on+0x9c/0x150
[  107.680379][ T1318]  ? __pfx_kthread+0x10/0x10
[  107.680403][ T1318]  ret_from_fork+0x3f9/0x770
[  107.680425][ T1318]  ? __pfx_ret_from_fork+0x10/0x10
[  107.680450][ T1318]  ? __switch_to_asm+0x39/0x70
[  107.680472][ T1318]  ? __switch_to_asm+0x33/0x70
[  107.680494][ T1318]  ? __pfx_kthread+0x10/0x10
[  107.680518][ T1318]  ret_from_fork_asm+0x1a/0x30
[  107.680559][ T1318]  </TASK>
[  107.680567][ T1318] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  108.028833][   T51] Bluetooth: hci3: command tx timeout
[  108.628943][ T3551] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  108.685328][ T3551] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  108.708556][ T6092] loop1: detected capacity change from 0 to 1024
[  108.720214][ T3551] bond0 (unregistering): Released all slaves
[  108.784510][ T6079] warning: `syz.2.29' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  108.841554][ T6090] team0: No ports can be present during mode change
[  110.138161][   T51] Bluetooth: hci3: command tx timeout
[  110.468151][ T6113] loop1: detected capacity change from 0 to 128
[  110.514363][ T6113] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  110.514533][ T5914] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[  110.901372][ T1318] wlan1: Trigger new scan to find an IBSS to join
[  110.908806][ T6113] netlink: 'syz.1.37': attribute type 10 has an invalid length.
[  110.936817][ T5914] usb 3-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  110.950641][ T6113] team0: Device ipvlan1 failed to register rx_handler
[  111.001642][ T5914] usb 3-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[  111.037302][ T5914] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.086036][ T5914] usb 3-1: Product: syz
[  111.126672][ T5914] usb 3-1: Manufacturer: syz
[  111.141588][ T5914] usb 3-1: SerialNumber: syz
[  111.197658][ T6109] loop0: detected capacity change from 0 to 32768
[  111.224004][ T5914] usb 3-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state
[  111.238076][ T6109] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.39 (6109)
[  111.307756][ T6109] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  111.331033][ T6109] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  111.341052][ T6109] BTRFS info (device loop0): using free-space-tree
[  111.769416][ T3551] hsr_slave_0: left promiscuous mode
[  111.818502][ T3551] hsr_slave_1: left promiscuous mode
[  111.852948][ T3551] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  111.911289][ T3551] batman_adv: batadv0: Removing interface: batadv_slave_0
[  111.991777][ T3551] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  112.031475][   T30] audit: type=1800 audit(1752269906.527:2): pid=6109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.39" name="file1" dev="loop0" ino=260 res=0 errno=0
[  112.119379][ T3551] batman_adv: batadv0: Removing interface: batadv_slave_1
[  112.164107][   T51] Bluetooth: hci3: command tx timeout
[  112.203478][ T5914] usb 3-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[  112.263269][ T5914] usb 3-1: USB disconnect, device number 2
[  112.357650][ T3551] veth1_macvtap: left promiscuous mode
[  112.375919][ T3551] veth0_macvtap: left promiscuous mode
[  112.382683][ T3551] veth1_vlan: left promiscuous mode
[  112.388945][ T3551] veth0_vlan: left promiscuous mode
[  112.398023][ T5859] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  112.880323][ T6158] loop2: detected capacity change from 0 to 16
[  112.896682][ T6158] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  113.226929][ T6162] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  114.406826][   T36] wlan1: Trigger new scan to find an IBSS to join
[  114.503224][ T6175] Zero length message leads to an empty skb
[  114.814771][ T6181] tmpfs: Bad value for 'mpol'
[  114.838838][ T6176] loop3: detected capacity change from 0 to 4096
[  115.805695][ T6176] ntfs3(loop3): ino=1a, mi_enum_attr
[  115.826202][ T6185] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  115.838160][ T6176] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  116.022094][   T30] audit: type=1804 audit(1752269910.517:3): pid=6189 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.50" name=2F6E6577726F6F742F392F131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D3382F66696C6530 dev="loop3" ino=33 res=1 errno=0
[  116.068201][ T3551] team0 (unregistering): Port device team_slave_1 removed
[  116.152847][ T3551] team0 (unregistering): Port device team_slave_0 removed
[  116.286612][ T6187] loop1: detected capacity change from 0 to 32768
[  116.334161][ T5935] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  116.498213][ T5935] usb 3-1: Using ep0 maxpacket: 8
[  116.506816][ T5935] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  116.534605][ T5935] usb 3-1: config 0 has no interfaces?
[  116.545788][ T5935] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  116.555701][ T5935] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.563775][ T5935] usb 3-1: Product: syz
[  116.569225][ T5935] usb 3-1: Manufacturer: syz
[  116.573903][ T5935] usb 3-1: SerialNumber: syz
[  116.607961][ T6187] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow
[  116.607985][ T6187]   allowing incompatible features above 0.0: (unknown version)
[  116.607997][ T6187]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  116.641764][ T5935] usb 3-1: config 0 descriptor??
[  116.703018][ T6187] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  116.721601][ T6187] bcachefs (loop1): recovering from clean shutdown, journal seq 10
[  116.732481][ T6187] bcachefs (loop1): Version upgrade required:
[  116.732481][ T6187] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  116.732481][ T6187] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  116.732481][ T6187]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  116.809748][ T6187] bcachefs (loop1): dropping and reconstructing all alloc info
[  116.872175][ T6187] bcachefs (loop1): accounting_read... done
[  116.909331][ T6187] bcachefs (loop1): alloc_read... done
[  116.920989][ T6187] bcachefs (loop1): snapshots_read... done
[  116.954952][ T6187] bcachefs (loop1): done starting filesystem
[  117.190264][ T5853] bcachefs (loop1): shutting down
[  117.387106][ T5853] bcachefs (loop1): shutdown complete
[  117.608719][ T6191] loop2: detected capacity change from 0 to 32768
[  117.623073][ T6191] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.55 (6191)
[  117.665385][ T6191] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  117.685211][ T6191] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  117.703313][ T6191] BTRFS info (device loop2): using free-space-tree
[  117.924296][ T1318] wlan1: Trigger new scan to find an IBSS to join
[  117.938203][ T6052] chnl_net:caif_netlink_parms(): no params data found
[  118.435495][ T6202] gfs2: not a GFS2 filesystem
[  118.438149][ T6052] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.461613][ T6052] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.475965][ T6052] bridge_slave_0: entered allmulticast mode
[  118.495100][ T6052] bridge_slave_0: entered promiscuous mode
[  118.503536][ T6052] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.510780][ T6052] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.518183][ T6052] bridge_slave_1: entered allmulticast mode
[  118.525822][ T6052] bridge_slave_1: entered promiscuous mode
[  118.610509][ T6052] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  118.648978][ T6052] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  118.813179][ T6052] team0: Port device team_slave_0 added
[  118.841308][ T6052] team0: Port device team_slave_1 added
[  119.079924][   T60] wlan1: Creating new IBSS network, BSSID 62:b8:5c:5c:a8:7a
[  119.156362][ T6052] batman_adv: batadv0: Adding interface: batadv_slave_0
[  119.192218][ T6052] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  119.231719][ T6052] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  119.257229][ T6052] batman_adv: batadv0: Adding interface: batadv_slave_1
[  119.273244][ T6052] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  119.334088][ T6052] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  119.388790][   T24] usb 3-1: USB disconnect, device number 3
[  119.418134][ T5868] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  119.796242][ T6052] hsr_slave_0: entered promiscuous mode
[  119.822907][ T6052] hsr_slave_1: entered promiscuous mode
[  119.843699][ T6052] debugfs: 'hsr0' already exists in 'hsr'
[  119.869889][ T6052] Cannot create hsr debugfs directory
[  120.192913][ T6259] loop2: detected capacity change from 0 to 128
[  120.217018][ T6259] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  120.432492][ T6260] netlink: 'syz.2.62': attribute type 10 has an invalid length.
[  120.451988][ T6260] team0: Device ipvlan1 failed to register rx_handler
[  120.468391][ T6251] ALSA: mixer_oss: invalid OSS volume ''
[  120.783004][ T6052] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  120.850282][ T6052] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  121.204854][ T6269] loop1: detected capacity change from 0 to 1024
[  121.217721][ T6269] EXT4-fs: Ignoring removed nobh option
[  121.223368][ T6269] EXT4-fs: Ignoring removed bh option
[  121.494669][ T6269] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.529114][ T6052] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  121.529182][ T6267] lo speed is unknown, defaulting to 1000
[  121.568346][ T6052] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  121.610378][ T6267] lo speed is unknown, defaulting to 1000
[  121.642373][ T6267] lo speed is unknown, defaulting to 1000
[  121.652715][ T6268] lo speed is unknown, defaulting to 1000
[  121.654853][ T6267] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  121.676845][ T6267] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  121.712890][ T6267] lo speed is unknown, defaulting to 1000
[  121.753645][ T6267] lo speed is unknown, defaulting to 1000
[  121.767195][ T6267] lo speed is unknown, defaulting to 1000
[  121.774768][ T6267] lo speed is unknown, defaulting to 1000
[  121.843938][ T6267] lo speed is unknown, defaulting to 1000
[  122.232143][ T6052] 8021q: adding VLAN 0 to HW filter on device bond0
[  122.330191][ T6052] 8021q: adding VLAN 0 to HW filter on device team0
[  122.399554][ T1324] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.406783][ T1324] bridge0: port 1(bridge_slave_0) entered forwarding state
[  122.603964][ T1324] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.611163][ T1324] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.651621][ T5853] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.792193][ T6285] loop0: detected capacity change from 0 to 32768
[  123.103725][ T6285] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io
[  123.103775][ T6285]   allowing incompatible features above 0.0: (unknown version)
[  123.103788][ T6285]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  123.242958][ T6282] loop2: detected capacity change from 0 to 40427
[  123.332668][ T6282] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  123.332693][ T6282] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  123.365247][ T6282] F2FS-fs (loop2): invalid crc value
[  123.592387][ T6285] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  123.653234][ T6285] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  123.662857][ T6285] bcachefs (loop0): Version upgrade required:
[  123.662857][ T6285] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  123.662857][ T6285] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  123.662857][ T6285]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  123.999649][ T6052] 8021q: adding VLAN 0 to HW filter on device batadv0
[  124.618536][ T6282] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  124.691262][ T6282] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  124.707269][ T6285] bcachefs (loop0): dropping and reconstructing all alloc info
[  124.722999][ T6282] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  125.416917][ T6285] syz.0.65: vmalloc error: size 8388608, failed to allocated page array size 16384, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[  125.436296][ T6285] CPU: 1 UID: 0 PID: 6285 Comm: syz.0.65 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) 
[  125.436323][ T6285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  125.436336][ T6285] Call Trace:
[  125.436344][ T6285]  <TASK>
[  125.436353][ T6285]  dump_stack_lvl+0x189/0x250
[  125.436396][ T6285]  ? __pfx_dump_stack_lvl+0x10/0x10
[  125.436419][ T6285]  ? __pfx__printk+0x10/0x10
[  125.436450][ T6285]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  125.436474][ T6285]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  125.436496][ T6285]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  125.436516][ T6285]  warn_alloc+0x214/0x310
[  125.436542][ T6285]  ? __pfx_warn_alloc+0x10/0x10
[  125.436569][ T6285]  ? __get_vm_area_node+0x28f/0x300
[  125.436589][ T6285]  ? bch2_fs_journal_start+0x2b4/0x12b0
[  125.436610][ T6285]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  125.436648][ T6285]  ? alloc_pages_mpol+0x3cd/0x4a0
[  125.436669][ T6285]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  125.436705][ T6285]  ? rcu_is_watching+0x15/0xb0
[  125.436722][ T6285]  ? bch2_fs_journal_start+0x2b4/0x12b0
[  125.436738][ T6285]  ? bch2_fs_journal_start+0x2b4/0x12b0
[  125.436754][ T6285]  __kvmalloc_node_noprof+0x3b8/0x5f0
[  125.436792][ T6285]  ? bch2_fs_journal_start+0x2b4/0x12b0
[  125.436813][ T6285]  bch2_fs_journal_start+0x2b4/0x12b0
[  125.436840][ T6285]  ? bch2_journal_log_msg+0xd9/0x120
[  125.436857][ T6285]  ? bch2_reconstruct_alloc+0x2a1/0x360
[  125.436878][ T6285]  ? __pfx_bch2_fs_journal_start+0x10/0x10
[  125.436895][ T6285]  ? __pfx_bch2_journal_log_msg+0x10/0x10
[  125.436913][ T6285]  ? bch2_reconstruct_alloc+0x32b/0x360
[  125.436938][ T6285]  bch2_fs_recovery+0x2298/0x3a50
[  125.436970][ T6285]  ? __pfx_bch2_fs_recovery+0x10/0x10
[  125.436999][ T6285]  ? __lock_acquire+0xab9/0xd20
[  125.437020][ T6285]  ? __lock_acquire+0xab9/0xd20
[  125.437037][ T6285]  ? __lock_acquire+0xab9/0xd20
[  125.437065][ T6285]  ? bch2_fs_start+0xa0f/0xda0
[  125.437079][ T6285]  ? up_write+0x1c4/0x420
[  125.437094][ T6285]  ? bch2_fs_start+0x5e7/0xda0
[  125.437108][ T6285]  bch2_fs_start+0xaaf/0xda0
[  125.437121][ T6285]  ? bch2_fs_start+0x5e7/0xda0
[  125.437135][ T6285]  ? __pfx_bch2_fs_start+0x10/0x10
[  125.437162][ T6285]  ? sget+0x267/0x620
[  125.437181][ T6285]  bch2_fs_get_tree+0xb39/0x1540
[  125.437219][ T6285]  ? __pfx_bch2_fs_get_tree+0x10/0x10
[  125.437251][ T6285]  ? aa_get_newest_label+0xf7/0x5d0
[  125.437270][ T6285]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[  125.437302][ T6285]  ? rcu_is_watching+0x15/0xb0
[  125.437323][ T6285]  vfs_get_tree+0x8f/0x2b0
[  125.437341][ T6285]  do_new_mount+0x2a2/0x9e0
[  125.437361][ T6285]  ? ns_capable+0x8a/0xf0
[  125.437373][ T6285]  ? __pfx_do_new_mount+0x10/0x10
[  125.437390][ T6285]  ? path_mount+0x61c/0xfe0
[  125.437406][ T6285]  ? user_path_at+0x44/0x60
[  125.437424][ T6285]  __se_sys_mount+0x317/0x410
[  125.437446][ T6285]  ? __pfx___se_sys_mount+0x10/0x10
[  125.437468][ T6285]  ? do_syscall_64+0xbe/0x3b0
[  125.437485][ T6285]  ? __x64_sys_mount+0x20/0xc0
[  125.437505][ T6285]  do_syscall_64+0xfa/0x3b0
[  125.437521][ T6285]  ? lockdep_hardirqs_on+0x9c/0x150
[  125.437537][ T6285]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.437549][ T6285]  ? clear_bhb_loop+0x60/0xb0
[  125.437564][ T6285]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.437576][ T6285] RIP: 0033:0x7f03ffd900ca
[  125.437595][ T6285] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.437605][ T6285] RSP: 002b:00007f0400c98e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  125.437618][ T6285] RAX: ffffffffffffffda RBX: 00007f0400c98ef0 RCX: 00007f03ffd900ca
[  125.437628][ T6285] RDX: 00002000000000c0 RSI: 0000200000000000 RDI: 00007f0400c98eb0
[  125.437637][ T6285] RBP: 00002000000000c0 R08: 00007f0400c98ef0 R09: 0000000000810000
[  125.437645][ T6285] R10: 0000000000810000 R11: 0000000000000246 R12: 0000200000000000
[  125.437653][ T6285] R13: 00007f0400c98eb0 R14: 0000000000005928 R15: 0000200000000280
[  125.437672][ T6285]  </TASK>
[  125.439255][ T6285] Mem-Info:
[  125.574350][ T6335] netlink: 4 bytes leftover after parsing attributes in process `syz.1.71'.
[  125.900008][ T6285] active_anon:14833 inactive_anon:0 isolated_anon:0
[  125.900008][ T6285]  active_file:1310 inactive_file:40027 isolated_file:0
[  125.900008][ T6285]  unevictable:768 dirty:123 writeback:0
[  125.900008][ T6285]  slab_reclaimable:10765 slab_unreclaimable:96881
[  125.900008][ T6285]  mapped:29563 shmem:10546 pagetables:1173
[  125.900008][ T6285]  sec_pagetables:0 bounce:0
[  125.900008][ T6285]  kernel_misc_reclaimable:0
[  125.900008][ T6285]  free:1324067 free_pcp:15273 free_cma:0
[  125.956264][ T6285] Node 0 active_anon:59244kB inactive_anon:0kB active_file:5240kB inactive_file:159908kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:122272kB dirty:504kB writeback:0kB shmem:40568kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12160kB pagetables:4380kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  125.988556][ T6285] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  126.114256][ T6285] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  126.163890][ T6285] lowmem_reserve[]: 0 2497 2499 2499 2499
[  126.173150][ T6285] Node 0 DMA32 free:1398412kB boost:0kB min:34248kB low:42808kB high:51368kB reserved_highatomic:0KB free_highatomic:0KB active_anon:59820kB inactive_anon:0kB active_file:5268kB inactive_file:158348kB unevictable:1536kB writepending:516kB present:3129332kB managed:2557696kB mlocked:0kB bounce:0kB free_pcp:37408kB local_pcp:30600kB free_cma:0kB
[  126.392070][ T6285] lowmem_reserve[]: 0 0 1 1 1
[  126.429695][ T6285] Node 0 Normal free:12kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1572kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  126.623650][ T6052] veth0_vlan: entered promiscuous mode
[  126.691761][ T6285] lowmem_reserve[]: 0 0 0 0 0
[  126.715186][ T6052] veth1_vlan: entered promiscuous mode
[  126.774033][ T6285] Node 1 Normal free:3882092kB boost:0kB min:55632kB low:69540kB high:83448kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:22624kB local_pcp:12704kB free_cma:0kB
[  127.126348][ T6285] lowmem_reserve[]: 0 0 0 0 0
[  127.131151][ T6285] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  127.176692][ T6052] veth0_macvtap: entered promiscuous mode
[  127.211973][ T6052] veth1_macvtap: entered promiscuous mode
[  127.218152][ T6285] Node 0 DMA32: 591*4kB (UME) 209*8kB (UME) 256*16kB (UM) 190*32kB (UME) 52*64kB (UME) 25*128kB (UM) 25*256kB (UM) 29*512kB (UME) 14*1024kB (UME) 9*2048kB (UM) 326*4096kB (M) = 1410052kB
[  127.408862][ T6052] batman_adv: batadv0: Interface activated: batadv_slave_0
[  127.447248][ T6285] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[  127.576392][ T6052] batman_adv: batadv0: Interface activated: batadv_slave_1
[  127.593358][ T6285] Node 1 Normal: 185*4kB (UME) 51*8kB (UME) 47*16kB (UME) 76*32kB (UME) 22*64kB (UME) 4*128kB (UM) 3*256kB (ME) 5*512kB (UM) 2*1024kB (ME) 2*2048kB (UE) 944*4096kB (M) = 3882348kB
[  127.745594][ T3551] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  127.788424][ T6285] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  127.836798][ T3551] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  127.872487][ T6285] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  127.895039][ T3551] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  127.939805][ T6285] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  127.993046][ T3551] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.017841][ T6285] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  128.126012][ T6285] 46750 total pagecache pages
[  128.130763][ T6285] 0 pages in swap cache
[  128.203141][ T6285] Free swap  = 124996kB
[  128.282082][ T6363] loop2: detected capacity change from 0 to 4096
[  128.394018][ T6285] Total swap = 124996kB
[  128.398227][ T6285] 2097051 pages RAM
[  128.402044][ T6285] 0 pages HighMem/MovableOnly
[  128.408469][ T6285] 425585 pages reserved
[  128.412639][ T6285] 0 pages cma reserved
[  128.430401][ T6285] bcachefs (loop0): error reallocating journal fifo (32768 open entries)
[  128.590311][ T6285] bcachefs (loop0): error in recovery: ENOMEM_journal_pin_fifo
[  128.590525][ T6285]   emergency read only at seq 0
[  129.184264][ T6285] bcachefs (loop0): bch2_fs_start(): error starting filesystem ENOMEM_journal_pin_fifo
[  129.194502][ T6285] bcachefs (loop0): shutting down
[  129.230113][ T6285] bcachefs (loop0): shutdown complete
[  130.001613][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.062254][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.317150][ T5935] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[  130.350770][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.375198][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  131.170839][ T5935] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  131.193606][ T5935] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  131.203836][ T5935] usb 2-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.00
[  131.213129][ T5935] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.261227][ T5935] usb 2-1: config 0 descriptor??
[  132.129168][ T5935] bigben 0003:146B:0902.0001: unexpected rdesc, please submit for review
[  132.139220][ T5935] bigben 0003:146B:0902.0001: unbalanced collection at end of report description
[  132.149463][ T5935] bigben 0003:146B:0902.0001: parse failed
[  132.155680][ T5935] bigben 0003:146B:0902.0001: probe with driver bigben failed with error -22
[  132.349291][ T5935] usb 2-1: USB disconnect, device number 2
[  133.413486][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  133.420167][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  133.546560][ T6400] loop2: detected capacity change from 0 to 32768
[  133.555484][ T6400] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.82 (6400)
[  133.580409][ T6400] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  133.590778][ T6400] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  133.600278][ T6400] BTRFS info (device loop2): using free-space-tree
[  133.692815][ T6391] loop5: detected capacity change from 0 to 32768
[  133.760312][ T6391] (syz.5.81,6391,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  133.801684][ T6391] (syz.5.81,6391,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  134.120910][ T6391] JBD2: Ignoring recovery information on journal
[  134.187165][ T6396] loop3: detected capacity change from 0 to 32768
[  134.321771][ T6391] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  134.394695][ T6396] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  134.631621][ T6396] XFS (loop3): Ending clean mount
[  134.750085][ T5868] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  135.740547][ T6052] ocfs2: Unmounting device (7,5) on (node local)
[  136.008363][ T6285] bcachefs: bch2_fs_get_tree() error: ENOMEM_journal_pin_fifo
[  136.034161][ T5863] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  136.478909][ T6456] netlink: 4 bytes leftover after parsing attributes in process `syz.2.91'.
[  142.767971][ T6530] loop0: detected capacity change from 0 to 64
[  142.789157][ T6530] hfs: Unknown parameter 'coqepa
E5p949'
[  143.043799][   T51] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  143.054782][   T51] CPU: 1 UID: 0 PID: 51 Comm: kworker/u9:0 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) 
[  143.054810][   T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  143.054823][   T51] Workqueue: hci1 hci_rx_work
[  143.054851][   T51] Call Trace:
[  143.054859][   T51]  <TASK>
[  143.054868][   T51]  dump_stack_lvl+0x189/0x250
[  143.054896][   T51]  ? kernfs_path_from_node+0x2c/0x260
[  143.054919][   T51]  ? __pfx_dump_stack_lvl+0x10/0x10
[  143.054943][   T51]  ? __pfx__printk+0x10/0x10
[  143.054973][   T51]  ? kernfs_path_from_node+0x2c/0x260
[  143.054991][   T51]  ? kernfs_path_from_node+0x2c/0x260
[  143.055012][   T51]  ? kernfs_path_from_node+0x22c/0x260
[  143.055030][   T51]  ? kernfs_path_from_node+0x2c/0x260
[  143.055053][   T51]  sysfs_create_dir_ns+0x259/0x280
[  143.055097][   T51]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  143.055133][   T51]  ? do_raw_spin_unlock+0x122/0x240
[  143.055164][   T51]  kobject_add_internal+0x59f/0xb40
[  143.055204][   T51]  kobject_add+0x155/0x220
[  143.055239][   T51]  ? __pfx_kobject_add+0x10/0x10
[  143.055280][   T51]  ? _raw_spin_unlock+0x28/0x50
[  143.055316][   T51]  ? get_device_parent+0x366/0x3a0
[  143.055338][   T51]  device_add+0x408/0xb50
[  143.055360][   T51]  hci_conn_add_sysfs+0xd5/0x1e0
[  143.055383][   T51]  le_conn_complete_evt+0xc3a/0x1220
[  143.055423][   T51]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  143.055449][   T51]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  143.055472][   T51]  ? __asan_memcpy+0x40/0x70
[  143.055493][   T51]  ? __pfx___mutex_lock+0x10/0x10
[  143.055521][   T51]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  143.055545][   T51]  ? skb_pull_data+0xfb/0x200
[  143.055588][   T51]  hci_le_conn_complete_evt+0x187/0x450
[  143.055624][   T51]  hci_event_packet+0x78f/0x1200
[  143.055650][   T51]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  143.055678][   T51]  ? __pfx_hci_event_packet+0x10/0x10
[  143.055702][   T51]  ? kcov_remote_start+0x4d3/0x7f0
[  143.055730][   T51]  ? lockdep_hardirqs_on+0x10/0x150
[  143.055763][   T51]  ? hci_send_to_monitor+0xe2/0x570
[  143.055796][   T51]  hci_rx_work+0x46a/0xe80
[  143.055828][   T51]  ? process_scheduled_works+0x9ef/0x17b0
[  143.055850][   T51]  process_scheduled_works+0xade/0x17b0
[  143.055903][   T51]  ? __pfx_process_scheduled_works+0x10/0x10
[  143.055943][   T51]  worker_thread+0x8a0/0xda0
[  143.055994][   T51]  kthread+0x711/0x8a0
[  143.056024][   T51]  ? __pfx_worker_thread+0x10/0x10
[  143.056044][   T51]  ? __pfx_kthread+0x10/0x10
[  143.056072][   T51]  ? _raw_spin_unlock_irq+0x23/0x50
[  143.056104][   T51]  ? lockdep_hardirqs_on+0x9c/0x150
[  143.056126][   T51]  ? __pfx_kthread+0x10/0x10
[  143.056153][   T51]  ret_from_fork+0x3f9/0x770
[  143.056177][   T51]  ? __pfx_ret_from_fork+0x10/0x10
[  143.056204][   T51]  ? __switch_to_asm+0x39/0x70
[  143.056229][   T51]  ? __switch_to_asm+0x33/0x70
[  143.056253][   T51]  ? __pfx_kthread+0x10/0x10
[  143.056279][   T51]  ret_from_fork_asm+0x1a/0x30
[  143.056324][   T51]  </TASK>
[  143.056424][   T51] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  143.339354][ T6533] loop5: detected capacity change from 0 to 32768
[  143.355306][   T51] Bluetooth: hci1: failed to register connection device
[  143.369403][ T6533] XFS: ikeep mount option is deprecated.
[  143.568184][ T6533] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  143.660421][ T6533] XFS (loop5): Ending clean mount
[  143.680794][ T6533] XFS (loop5): Quotacheck needed: Please wait.
[  143.758789][ T6533] XFS (loop5): Quotacheck: Done.
[  148.562523][ T5935] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  148.735919][ T5935] usb 2-1: Using ep0 maxpacket: 32
[  148.784156][ T5935] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  148.811049][ T6569] netlink: 48 bytes leftover after parsing attributes in process `syz.0.117'.
[  148.844682][ T5935] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.861988][ T5935] usb 2-1: Product: syz
[  148.877768][ T5935] usb 2-1: Manufacturer: syz
[  148.882404][ T5935] usb 2-1: SerialNumber: syz
[  148.913890][ T6052] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  148.945061][ T5935] usb 2-1: config 0 descriptor??
[  148.963715][ T5935] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  149.101740][ T1324] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  149.152062][ T6577] loop2: detected capacity change from 0 to 2048
[  149.355538][ T6577] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  149.534100][ T5935] gspca_stk1135: reg_w 0x2 err -110
[  149.607779][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  149.860518][ T5935] gspca_stk1135: serial bus timeout: status=0x00
[  149.952081][ T6579] loop0: detected capacity change from 0 to 16
[  150.192361][ T5935] gspca_stk1135: Sensor write failed
[  150.339835][ T5935] gspca_stk1135: serial bus timeout: status=0x00
[  150.606303][ T6579] erofs (device loop0): mounted with root inode @ nid 36.
[  150.694707][ T5935] gspca_stk1135: Sensor write failed
[  150.700063][ T5935] gspca_stk1135: serial bus timeout: status=0x00
[  150.754467][ T5935] gspca_stk1135: Sensor read failed
[  150.759729][ T5935] gspca_stk1135: serial bus timeout: status=0x00
[  150.806490][ T5935] gspca_stk1135: Sensor read failed
[  150.821917][ T5935] gspca_stk1135: Detected sensor type unknown (0x0)
[  150.872437][ T5935] gspca_stk1135: serial bus timeout: status=0x00
[  150.890571][ T5935] gspca_stk1135: Sensor read failed
[  150.916329][ T5935] gspca_stk1135: serial bus timeout: status=0x00
[  151.055672][ T5935] gspca_stk1135: Sensor read failed
[  151.060954][ T5935] gspca_stk1135: serial bus timeout: status=0x00
[  151.094038][ T5935] gspca_stk1135: Sensor write failed
[  151.099527][ T5935] gspca_stk1135: serial bus timeout: status=0x00
[  151.136352][ T5935] gspca_stk1135: Sensor write failed
[  151.141771][ T5935] stk1135 2-1:0.0: probe with driver stk1135 failed with error -110
[  151.284387][ T5935] usb 2-1: USB disconnect, device number 3
[  151.340649][ T6598] loop1: detected capacity change from 0 to 16
[  151.501604][ T6598] erofs (device loop1): mounted with root inode @ nid 36.
[  151.671297][ T6598] erofs (device loop1): read error -117 @ 8200 of nid 36
[  153.019226][ T6579] erofs (device loop0): corrupted dir block 72 @ nid 36
[  154.714511][ T6637] nfs: Bad value for 'source'
[  154.804230][ T5858] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  154.810491][   T51] Bluetooth: hci5: command 0x1003 tx timeout
[  155.163512][ T6647] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  155.554610][ T6658] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  155.605295][    C1] Illegal XDP return value 16128 on prog  (id 11) dev lo, expect packet loss!
[  157.696462][ T5858] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  157.707864][ T5858] CPU: 0 UID: 0 PID: 5858 Comm: kworker/u9:3 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) 
[  157.707883][ T5858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  157.707893][ T5858] Workqueue: hci4 hci_rx_work
[  157.707911][ T5858] Call Trace:
[  157.707916][ T5858]  <TASK>
[  157.707922][ T5858]  dump_stack_lvl+0x189/0x250
[  157.707941][ T5858]  ? kernfs_path_from_node+0x2c/0x260
[  157.707957][ T5858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.707973][ T5858]  ? __pfx__printk+0x10/0x10
[  157.707994][ T5858]  ? kernfs_path_from_node+0x2c/0x260
[  157.708006][ T5858]  ? kernfs_path_from_node+0x2c/0x260
[  157.708020][ T5858]  ? kernfs_path_from_node+0x22c/0x260
[  157.708032][ T5858]  ? kernfs_path_from_node+0x2c/0x260
[  157.708047][ T5858]  sysfs_create_dir_ns+0x259/0x280
[  157.708070][ T5858]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  157.708093][ T5858]  ? do_raw_spin_unlock+0x122/0x240
[  157.708115][ T5858]  kobject_add_internal+0x59f/0xb40
[  157.708141][ T5858]  kobject_add+0x155/0x220
[  157.708165][ T5858]  ? __pfx_kobject_add+0x10/0x10
[  157.708184][ T5858]  ? _raw_spin_unlock+0x28/0x50
[  157.708203][ T5858]  ? get_device_parent+0x366/0x3a0
[  157.708219][ T5858]  device_add+0x408/0xb50
[  157.708235][ T5858]  hci_conn_add_sysfs+0xd5/0x1e0
[  157.708251][ T5858]  le_conn_complete_evt+0xc3a/0x1220
[  157.708279][ T5858]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  157.708299][ T5858]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  157.708316][ T5858]  ? __asan_memcpy+0x40/0x70
[  157.708332][ T5858]  ? __pfx___mutex_lock+0x10/0x10
[  157.708351][ T5858]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  157.708368][ T5858]  ? skb_pull_data+0xfb/0x200
[  157.708387][ T5858]  hci_le_conn_complete_evt+0x187/0x450
[  157.708410][ T5858]  hci_event_packet+0x78f/0x1200
[  157.708430][ T5858]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  157.708450][ T5858]  ? __pfx_hci_event_packet+0x10/0x10
[  157.708466][ T5858]  ? kcov_remote_start+0x4d3/0x7f0
[  157.708484][ T5858]  ? lockdep_hardirqs_on+0x10/0x150
[  157.708504][ T5858]  ? hci_send_to_monitor+0xe2/0x570
[  157.708525][ T5858]  hci_rx_work+0x46a/0xe80
[  157.708546][ T5858]  ? process_scheduled_works+0x9ef/0x17b0
[  157.708562][ T5858]  process_scheduled_works+0xade/0x17b0
[  157.708595][ T5858]  ? __pfx_process_scheduled_works+0x10/0x10
[  157.708621][ T5858]  worker_thread+0x8a0/0xda0
[  157.708637][ T5858]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  157.708659][ T5858]  ? __kthread_parkme+0x7b/0x200
[  157.708681][ T5858]  kthread+0x711/0x8a0
[  157.708700][ T5858]  ? __pfx_worker_thread+0x10/0x10
[  157.708714][ T5858]  ? __pfx_kthread+0x10/0x10
[  157.708732][ T5858]  ? _raw_spin_unlock_irq+0x23/0x50
[  157.708747][ T5858]  ? lockdep_hardirqs_on+0x9c/0x150
[  157.708763][ T5858]  ? __pfx_kthread+0x10/0x10
[  157.708781][ T5858]  ret_from_fork+0x3f9/0x770
[  157.708796][ T5858]  ? __pfx_ret_from_fork+0x10/0x10
[  157.708813][ T5858]  ? __switch_to_asm+0x39/0x70
[  157.708837][ T5858]  ? __switch_to_asm+0x33/0x70
[  157.708853][ T5858]  ? __pfx_kthread+0x10/0x10
[  157.708871][ T5858]  ret_from_fork_asm+0x1a/0x30
[  157.708901][ T5858]  </TASK>
[  157.708920][ T5858] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  158.027314][   T55] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  158.035105][ T5858] Bluetooth: hci4: failed to register connection device
[  158.043838][    C0] raw-gadget.0 gadget.5: ignoring, device is not running
[  158.268106][   T55] usb 6-1: device descriptor read/64, error -32
[  158.564271][   T55] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  158.690156][    C0] raw-gadget.0 gadget.5: ignoring, device is not running
[  158.847965][   T55] usb 6-1: device descriptor read/64, error -32
[  159.019421][   T55] usb usb6-port1: attempt power cycle
[  159.088432][ T6707] IPVS: sync thread started: state = MASTER, mcast_ifn = lo, syncid = 2, id = 0
[  159.384224][   T55] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  159.448703][    C0] raw-gadget.0 gadget.5: ignoring, device is not running
[  159.461639][   T55] usb 6-1: device descriptor read/8, error -32
[  159.594640][   T55] raw-gadget.0 gadget.5: failed to queue suspend event
[  159.771137][   T55] raw-gadget.0 gadget.5: failed to queue reset event
[  160.050135][   T55] raw-gadget.0 gadget.5: failed to queue resume event
[  160.095111][ T5858] Bluetooth: hci4: command tx timeout
[  160.227229][   T55] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  160.304694][    C0] raw-gadget.0 gadget.5: ignoring, device is not running
[  160.311993][   T55] usb 6-1: device descriptor read/8, error -32
[  160.454402][   T55] raw-gadget.0 gadget.5: failed to queue suspend event
[  160.470577][   T55] usb usb6-port1: unable to enumerate USB device
[  161.425423][ T6730] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  162.397489][ T6733] loop3: detected capacity change from 0 to 32768
[  162.482564][ T6733] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.153 (6733)
[  163.416851][ T6733] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  163.427170][ T6733] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  163.568301][ T6764] netlink: 8 bytes leftover after parsing attributes in process `syz.1.159'.
[  163.758070][ T6733] BTRFS info (device loop3): rebuilding free space tree
[  163.816890][ T6733] BTRFS info (device loop3): disabling free space tree
[  163.824051][ T6733] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  163.833885][ T6733] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  163.857748][ T6733] BTRFS info (device loop3): checking UUID tree
[  163.970139][ T6775] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  164.029422][ T6583] BTRFS warning (device loop3): checksum verify failed on logical 5308416 mirror 1 wanted 0xe1d58233 found 0xb0b78aaf level 0
[  164.289184][ T6733] BTRFS: error (device loop3) in btrfs_fill_super:986: errno=-5 IO failure
[  164.310144][ T6733] BTRFS error (device loop3 state E): commit super ret -30
[  164.581617][   T30] audit: type=1326 audit(1752269959.067:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.1.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae1558e929 code=0x7ffc0000
[  164.904163][   T30] audit: type=1326 audit(1752269959.067:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.1.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae1558e929 code=0x7ffc0000
[  165.109881][    T9] IPVS: starting estimator thread 0...
[  165.324467][   T30] audit: type=1326 audit(1752269959.077:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.1.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fae1558d3df code=0x7ffc0000
[  165.612500][ T6785] IPVS: using max 26 ests per chain, 62400 per kthread
[  165.644092][   T30] audit: type=1326 audit(1752269959.077:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.1.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae1558e929 code=0x7ffc0000
[  165.803591][   T30] audit: type=1326 audit(1752269959.077:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.1.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae1558e929 code=0x7ffc0000
[  165.922637][   T30] audit: type=1326 audit(1752269959.107:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.1.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fae1558e929 code=0x7ffc0000
[  166.273721][   T30] audit: type=1326 audit(1752269959.107:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.1.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae1558e929 code=0x7ffc0000
[  166.427843][   T30] audit: type=1326 audit(1752269959.107:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.1.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae1558e929 code=0x7ffc0000
[  166.455663][   T30] audit: type=1326 audit(1752269959.117:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.1.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fae1558e929 code=0x7ffc0000
[  166.489089][   T30] audit: type=1326 audit(1752269959.117:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.1.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae1558e929 code=0x7ffc0000
[  168.606899][ T6830] overlayfs: overlapping lowerdir path
[  171.354109][    T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  171.544128][    T9] usb 4-1: Using ep0 maxpacket: 16
[  171.567917][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  171.588316][    T9] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  171.612798][    T9] usb 4-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  171.632395][    T9] usb 4-1: config 0 interface 0 has no altsetting 0
[  171.661235][    T9] usb 4-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  171.685060][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  171.695213][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  171.715288][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.734096][    T9] usb 4-1: Product: syz
[  171.746171][    T9] usb 4-1: Manufacturer: syz
[  171.754529][    T9] usb 4-1: SerialNumber: syz
[  171.848710][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  171.857086][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  171.866640][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  171.885933][    T9] usb 4-1: config 0 descriptor??
[  172.348756][    T9] usb 4-1: USB disconnect, device number 2
[  172.359749][ T6668] raw-gadget.0 gadget.5: failed to queue disconnect event
[  172.379201][ T6868] capability: warning: `syz.1.182' uses deprecated v2 capabilities in a way that may be insecure
[  172.822023][ T3479] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.922701][ T6869] lo speed is unknown, defaulting to 1000
[  173.154980][ T3479] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.753091][    T9] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  173.924248][ T5858] Bluetooth: hci3: command tx timeout
[  173.994596][ T5914] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  174.257062][ T3479] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.059582][ T5914] usb 2-1: Using ep0 maxpacket: 16
[  175.084455][ T5914] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  175.113187][ T5914] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  175.134763][ T5914] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.151840][ T5914] usb 2-1: Product: syz
[  175.169686][ T5914] usb 2-1: Manufacturer: syz
[  175.184374][ T5914] usb 2-1: SerialNumber: syz
[  175.216345][ T5914] usb 2-1: config 0 descriptor??
[  175.243490][ T5914] hub 2-1:0.0: bad descriptor, ignoring hub
[  175.304010][ T5914] hub 2-1:0.0: probe with driver hub failed with error -5
[  175.358736][ T3479] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.376753][ T5914] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input7
[  175.646129][ T5914] usb 2-1: USB disconnect, device number 4
[  176.005184][ T5858] Bluetooth: hci3: command tx timeout
[  176.494452][ T6928] netlink: 328 bytes leftover after parsing attributes in process `syz.1.198'.
[  176.719497][ T6869] chnl_net:caif_netlink_parms(): no params data found
[  176.737968][ T6909] loop0: detected capacity change from 0 to 32768
[  178.149887][ T5858] Bluetooth: hci3: command tx timeout
[  178.155643][ T6909] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  178.223398][ T6909] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop0": -EINTR
[  178.223841][ T6909] XFS (loop0): log mount failed
[  178.679366][ T3479] bridge_slave_1: left allmulticast mode
[  178.718696][ T3479] bridge_slave_1: left promiscuous mode
[  178.774960][ T3479] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.254547][    T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  179.263425][ T3479] bridge_slave_0: left allmulticast mode
[  179.295232][ T3479] bridge_slave_0: left promiscuous mode
[  179.301001][ T3479] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.467325][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.484096][    T9] usb 4-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00
[  179.513819][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.550703][ T6969] netlink: 'syz.2.197': attribute type 10 has an invalid length.
[  179.577951][    T9] usb 4-1: config 0 descriptor??
[  180.164233][ T5858] Bluetooth: hci3: command tx timeout
[  180.794861][    T9] hid (null): global environment stack underflow
[  180.914061][    T9] razer 0003:1532:010E.0002: global environment stack underflow
[  180.921744][    T9] razer 0003:1532:010E.0002: item 0 4 1 11 parsing failed
[  181.121037][    T9] razer 0003:1532:010E.0002: probe with driver razer failed with error -22
[  181.347128][ T6983] loop0: detected capacity change from 0 to 40427
[  181.380694][   T49] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  181.394504][    T9] usb 4-1: USB disconnect, device number 3
[  181.417266][ T6983] F2FS-fs (loop0): invalid crc value
[  181.502976][ T6983] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  181.539752][ T6983] F2FS-fs (loop0): Start checkpoint disabled!
[  181.630172][ T6983] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  181.949617][ T6989] input: syz0 as /devices/virtual/input/input8
[  182.691288][ T6992] 9pnet: p9_errstr2errno: server reported unknown error ¤ÑÅl
[  182.709858][ T3551] kworker/u8:10: attempt to access beyond end of device
[  182.709858][ T3551] loop0: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  182.808468][    T9] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  182.809012][ T1318] kworker/u8:6: attempt to access beyond end of device
[  182.809012][ T1318] loop0: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  182.819373][ T5922] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  182.874163][ T1318] CPU: 0 UID: 0 PID: 1318 Comm: kworker/u8:6 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) 
[  182.874188][ T1318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  182.874199][ T1318] Workqueue: writeback wb_workfn (flush-7:0)
[  182.874224][ T1318] Call Trace:
[  182.874231][ T1318]  <TASK>
[  182.874238][ T1318]  dump_stack_lvl+0x189/0x250
[  182.874265][ T1318]  ? __pfx_dump_stack_lvl+0x10/0x10
[  182.874283][ T1318]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  182.874305][ T1318]  ? __pfx_queue_work_on+0x10/0x10
[  182.874326][ T1318]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  182.874346][ T1318]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  182.874368][ T1318]  ? f2fs_hw_is_readonly+0x39b/0x470
[  182.874394][ T1318]  f2fs_handle_critical_error+0x37c/0x540
[  182.874420][ T1318]  f2fs_write_end_io+0x495/0x810
[  182.874440][ T1318]  ? blkg_put+0x22/0x240
[  182.874478][ T1318]  __submit_merged_bio+0x27a/0x6a0
[  182.874504][ T1318]  __submit_merged_write_cond+0x255/0x530
[  182.874542][ T1318]  f2fs_write_data_pages+0x261d/0x3000
[  182.874602][ T1318]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  182.874706][ T1318]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  182.874738][ T1318]  ? irqentry_exit+0x74/0x90
[  182.874761][ T1318]  ? lockdep_hardirqs_on+0x9c/0x150
[  182.874802][ T1318]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  182.874824][ T1318]  do_writepages+0x32e/0x550
[  182.874852][ T1318]  ? reacquire_held_locks+0x127/0x1d0
[  182.874871][ T1318]  ? writeback_sb_inodes+0x384/0x1010
[  182.874903][ T1318]  __writeback_single_inode+0x145/0xff0
[  182.874925][ T1318]  ? do_raw_spin_unlock+0x122/0x240
[  182.874954][ T1318]  writeback_sb_inodes+0x6c7/0x1010
[  182.875006][ T1318]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  182.875084][ T1318]  ? rcu_is_watching+0x15/0xb0
[  182.875113][ T1318]  wb_writeback+0x43b/0xaf0
[  182.875144][ T1318]  ? queue_io+0x2e1/0x590
[  182.875169][ T1318]  ? __pfx_wb_writeback+0x10/0x10
[  182.875198][ T1318]  ? preempt_schedule_thunk+0x16/0x30
[  182.875235][ T1318]  wb_workfn+0x409/0xef0
[  182.875272][ T1318]  ? __pfx_wb_workfn+0x10/0x10
[  182.875296][ T1318]  ? __lock_acquire+0xab9/0xd20
[  182.875325][ T1318]  ? process_scheduled_works+0x9ef/0x17b0
[  182.875353][ T1318]  ? process_scheduled_works+0x9ef/0x17b0
[  182.875369][ T1318]  ? process_scheduled_works+0x9ef/0x17b0
[  182.875389][ T1318]  process_scheduled_works+0xade/0x17b0
[  182.875443][ T1318]  ? __pfx_process_scheduled_works+0x10/0x10
[  182.875482][ T1318]  worker_thread+0x8a0/0xda0
[  182.875538][ T1318]  kthread+0x711/0x8a0
[  182.875565][ T1318]  ? __pfx_worker_thread+0x10/0x10
[  182.875602][ T1318]  ? __pfx_kthread+0x10/0x10
[  182.875631][ T1318]  ? _raw_spin_unlock_irq+0x23/0x50
[  182.875655][ T1318]  ? lockdep_hardirqs_on+0x9c/0x150
[  182.875678][ T1318]  ? __pfx_kthread+0x10/0x10
[  182.875706][ T1318]  ret_from_fork+0x3f9/0x770
[  182.875732][ T1318]  ? __pfx_ret_from_fork+0x10/0x10
[  182.875762][ T1318]  ? __switch_to_asm+0x39/0x70
[  182.875786][ T1318]  ? __switch_to_asm+0x33/0x70
[  182.875811][ T1318]  ? __pfx_kthread+0x10/0x10
[  182.875839][ T1318]  ret_from_fork_asm+0x1a/0x30
[  182.875890][ T1318]  </TASK>
[  182.876159][ T1318] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  183.167327][ T6997] loop1: detected capacity change from 0 to 2048
[  183.245127][ T1318] CPU: 1 UID: 0 PID: 1318 Comm: kworker/u8:6 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) 
[  183.245153][ T1318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  183.245165][ T1318] Workqueue: writeback wb_workfn (flush-7:0)
[  183.245191][ T1318] Call Trace:
[  183.245199][ T1318]  <TASK>
[  183.245206][ T1318]  dump_stack_lvl+0x189/0x250
[  183.245234][ T1318]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.245254][ T1318]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  183.245276][ T1318]  ? __pfx_queue_work_on+0x10/0x10
[  183.245298][ T1318]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  183.245320][ T1318]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  183.245344][ T1318]  ? f2fs_hw_is_readonly+0x39b/0x470
[  183.245369][ T1318]  f2fs_handle_critical_error+0x37c/0x540
[  183.245396][ T1318]  f2fs_write_end_io+0x495/0x810
[  183.245417][ T1318]  ? blkg_put+0x22/0x240
[  183.245453][ T1318]  __submit_merged_bio+0x27a/0x6a0
[  183.245480][ T1318]  __submit_merged_write_cond+0x255/0x530
[  183.245519][ T1318]  f2fs_write_data_pages+0x261d/0x3000
[  183.245596][ T1318]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  183.245700][ T1318]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  183.245744][ T1318]  ? irqentry_exit+0x74/0x90
[  183.245770][ T1318]  ? lockdep_hardirqs_on+0x9c/0x150
[  183.245815][ T1318]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  183.245841][ T1318]  do_writepages+0x32e/0x550
[  183.245873][ T1318]  ? reacquire_held_locks+0x127/0x1d0
[  183.245894][ T1318]  ? writeback_sb_inodes+0x384/0x1010
[  183.245930][ T1318]  __writeback_single_inode+0x145/0xff0
[  183.245955][ T1318]  ? do_raw_spin_unlock+0x122/0x240
[  183.245987][ T1318]  writeback_sb_inodes+0x6c7/0x1010
[  183.246044][ T1318]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  183.246117][ T1318]  ? rcu_is_watching+0x15/0xb0
[  183.246150][ T1318]  wb_writeback+0x43b/0xaf0
[  183.246184][ T1318]  ? queue_io+0x2e1/0x590
[  183.246212][ T1318]  ? __pfx_wb_writeback+0x10/0x10
[  183.246243][ T1318]  ? preempt_schedule_thunk+0x16/0x30
[  183.246283][ T1318]  wb_workfn+0x409/0xef0
[  183.246321][ T1318]  ? __pfx_wb_workfn+0x10/0x10
[  183.246347][ T1318]  ? __lock_acquire+0xab9/0xd20
[  183.246378][ T1318]  ? process_scheduled_works+0x9ef/0x17b0
[  183.246408][ T1318]  ? process_scheduled_works+0x9ef/0x17b0
[  183.246427][ T1318]  ? process_scheduled_works+0x9ef/0x17b0
[  183.246450][ T1318]  process_scheduled_works+0xade/0x17b0
[  183.246506][ T1318]  ? __pfx_process_scheduled_works+0x10/0x10
[  183.246548][ T1318]  worker_thread+0x8a0/0xda0
[  183.246602][ T1318]  kthread+0x711/0x8a0
[  183.246632][ T1318]  ? __pfx_worker_thread+0x10/0x10
[  183.246652][ T1318]  ? __pfx_kthread+0x10/0x10
[  183.246680][ T1318]  ? _raw_spin_unlock_irq+0x23/0x50
[  183.246704][ T1318]  ? lockdep_hardirqs_on+0x9c/0x150
[  183.246727][ T1318]  ? __pfx_kthread+0x10/0x10
[  183.246774][ T1318]  ret_from_fork+0x3f9/0x770
[  183.246797][ T1318]  ? __pfx_ret_from_fork+0x10/0x10
[  183.246834][ T1318]  ? __switch_to_asm+0x39/0x70
[  183.246866][ T1318]  ? __switch_to_asm+0x33/0x70
[  183.246886][ T1318]  ? __pfx_kthread+0x10/0x10
[  183.246910][ T1318]  ret_from_fork_asm+0x1a/0x30
[  183.246949][ T1318]  </TASK>
[  183.246956][ T1318] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  183.581168][ T6997] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  184.768543][ T3479] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  184.797504][ T3479] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  184.816256][ T3479] bond0 (unregistering): Released all slaves
[  184.922346][ T6969] team0: Device ipvlan1 failed to register rx_handler
[  185.129721][ T6869] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.171633][ T6869] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.200229][ T6869] bridge_slave_0: entered allmulticast mode
[  185.222898][ T6869] bridge_slave_0: entered promiscuous mode
[  185.258388][ T6869] bridge0: port 2(bridge_slave_1) entered blocking state
[  185.308373][ T6869] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.326594][ T6869] bridge_slave_1: entered allmulticast mode
[  185.343007][ T6869] bridge_slave_1: entered promiscuous mode
[  186.546797][ T6869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  187.962180][ T6869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  188.363040][ T7034] lo speed is unknown, defaulting to 1000
[  188.978166][ T6869] team0: Port device team_slave_0 added
[  189.212329][ T3479] hsr_slave_0: left promiscuous mode
[  189.236593][ T3479] hsr_slave_1: left promiscuous mode
[  189.275795][ T3479] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  189.283218][ T3479] batman_adv: batadv0: Removing interface: batadv_slave_0
[  189.308417][ T3479] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  189.349015][ T3479] batman_adv: batadv0: Removing interface: batadv_slave_1
[  189.392791][ T3479] veth1_macvtap: left promiscuous mode
[  189.409390][ T3479] veth0_macvtap: left promiscuous mode
[  189.420358][ T3479] veth1_vlan: left promiscuous mode
[  189.427754][ T3479] veth0_vlan: left promiscuous mode
[  190.576920][ T7065] loop3: detected capacity change from 0 to 2048
[  190.603747][ T7065] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  192.056525][ T3479] team0 (unregistering): Port device team_slave_1 removed
[  192.096769][ T3479] team0 (unregistering): Port device team_slave_0 removed
[  192.407524][ T5922] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  192.436849][ T6869] team0: Port device team_slave_1 added
[  192.467899][ T7054] tipc: Enabling of bearer <}dp:s> rejected, media not registered
[  192.614685][ T6869] batman_adv: batadv0: Adding interface: batadv_slave_0
[  192.661625][ T6869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.734115][ T6869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  192.763449][ T6869] batman_adv: batadv0: Adding interface: batadv_slave_1
[  192.775039][ T6869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.835029][ T6869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  194.329345][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  194.339320][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  194.600214][ T6869] hsr_slave_0: entered promiscuous mode
[  194.618632][ T6869] hsr_slave_1: entered promiscuous mode
[  194.625246][ T6869] debugfs: 'hsr0' already exists in 'hsr'
[  194.630994][ T6869] Cannot create hsr debugfs directory
[  194.953327][ T7099] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  195.094193][ T5922] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  195.183139][ T7106] netlink: 'syz.1.238': attribute type 1 has an invalid length.
[  195.286959][ T5922] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  195.353113][ T5922] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  195.379348][ T5922] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  195.399701][ T5922] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  195.472071][ T5922] usb 1-1: SerialNumber: syz
[  195.970299][ T7108] 8021q: adding VLAN 0 to HW filter on device bond2
[  195.982588][ T7108] bond1: (slave bond2): making interface the new active one
[  195.991843][ T7108] bond1: (slave bond2): Enslaving as an active interface with an up link
[  196.637152][ T5922] usb 1-1: 0:2 : does not exist
[  196.642302][ T5922] usb 1-1: unit 5: unexpected type 0x03
[  196.649896][ T5922] usb 1-1: unit 4 not found!
[  196.669985][ T5922] usb 1-1: USB disconnect, device number 2
[  196.701594][ T7128] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  196.831655][ T5854] udevd[5854]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  196.975856][ T6869] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  197.679460][ T6869] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  197.935145][ T7138] netlink: 'syz.1.244': attribute type 10 has an invalid length.
[  197.946125][ T7138] team0: Device ipvlan1 failed to register rx_handler
[  198.004862][ T6869] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  198.065343][ T6869] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  198.204173][ T7152] netlink: 'syz.1.247': attribute type 4 has an invalid length.
[  198.252547][ T5936] lo speed is unknown, defaulting to 1000
[  198.314475][ T5936] syz2: Port: 1 Link DOWN
[  198.768260][ T6869] 8021q: adding VLAN 0 to HW filter on device bond0
[  199.131786][ T6869] 8021q: adding VLAN 0 to HW filter on device team0
[  199.234155][ T7174] loop0: detected capacity change from 0 to 1024
[  199.253357][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.260553][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state
[  199.352210][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.359417][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state
[  199.957020][ T6554] hfsplus: b-tree write err: -5, ino 4
[  201.061954][ T6869] 8021q: adding VLAN 0 to HW filter on device batadv0
[  201.369980][ T7215] netlink: 'syz.3.257': attribute type 10 has an invalid length.
[  201.383073][ T7215] team0: Device ipvlan1 failed to register rx_handler
[  203.306412][ T7240] netlink: 4 bytes leftover after parsing attributes in process `syz.0.259'.
[  204.392541][ T7253] syz.3.265 uses obsolete (PF_INET,SOCK_PACKET)
[  205.109469][ T6869] veth0_vlan: entered promiscuous mode
[  205.141929][ T6869] veth1_vlan: entered promiscuous mode
[  205.214190][ T6869] veth0_macvtap: entered promiscuous mode
[  205.248667][ T6869] veth1_macvtap: entered promiscuous mode
[  205.348235][ T6869] batman_adv: batadv0: Interface activated: batadv_slave_0
[  205.521007][ T6869] batman_adv: batadv0: Interface activated: batadv_slave_1
[  205.814131][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  205.814168][   T30] audit: type=1326 audit(1752270256.112:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7268 comm="syz.1.267" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fae1558e929 code=0x0
[  206.156910][ T6554] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  206.172728][ T6554] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  206.254162][ T6554] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  206.310499][ T1318] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  207.543048][ T6554] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  207.593306][ T6554] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  207.723654][ T6554] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  207.923466][ T6554] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  210.012636][   T30] audit: type=1326 audit(1752270260.502:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7326 comm="syz.2.278" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb13ff8e929 code=0x0
[  211.924850][ T7331] Bluetooth: hci0: command 0x0406 tx timeout
[  211.932065][ T7331] Bluetooth: hci2: command 0x0406 tx timeout
[  211.940823][ T7331] Bluetooth: hci1: command 0x0406 tx timeout
[  211.948086][ T7331] Bluetooth: hci4: command 0x0406 tx timeout
[  212.944924][ T1318] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  213.571271][   T30] audit: type=1326 audit(1752270264.052:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7382 comm="syz.2.293" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb13ff8e929 code=0x0
[  214.051504][ T7400] netlink: 'syz.3.297': attribute type 2 has an invalid length.
[  214.059476][ T7400] netlink: 'syz.3.297': attribute type 8 has an invalid length.
[  214.067217][ T7400] netlink: 132 bytes leftover after parsing attributes in process `syz.3.297'.
[  216.990388][ T7418] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.998499][ T7418] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.124181][ T7418] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  217.135244][ T7418] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  217.277956][   T49] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.329536][   T49] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.414174][   T49] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.472644][   T49] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  218.045502][ T7437] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  218.469566][   T51] Bluetooth: hci5: command 0x1003 tx timeout
[  218.476824][ T5856] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  218.710376][ T7449] overlayfs: failed to clone upperpath
[  220.593742][ T7479] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  220.616097][ T7481] loop0: detected capacity change from 0 to 16
[  220.679010][ T7481] erofs (device loop0): mounted with root inode @ nid 36.
[  220.728039][ T7481] erofs (device loop0): read error -117 @ 8200 of nid 36
[  230.259905][ T7595] netlink: 'syz.1.350': attribute type 2 has an invalid length.
[  230.267637][ T7595] netlink: 'syz.1.350': attribute type 8 has an invalid length.
[  230.275353][ T7595] netlink: 132 bytes leftover after parsing attributes in process `syz.1.350'.
[  230.806231][ T7603] nfs: Bad value for 'source'
[  231.617273][ T7601] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  232.021745][ T7619] overlayfs: failed to clone lowerpath
[  232.104346][ T7620] overlayfs: failed to clone upperpath
[  232.196407][ T7621] mmap: syz.3.356 (7621) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  235.088223][ T7647] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  235.142129][ T7647] batadv_slave_0: entered promiscuous mode
[  235.357045][ T7651] loop6: detected capacity change from 0 to 40427
[  235.407600][ T7651] F2FS-fs (loop6): invalid crc value
[  235.481920][ T7651] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  235.491509][ T7651] F2FS-fs (loop6): Start checkpoint disabled!
[  235.511897][ T7651] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  235.681452][ T7656] input: syz0 as /devices/virtual/input/input9
[  236.395902][ T6582] kworker/u8:12: attempt to access beyond end of device
[  236.395902][ T6582] loop6: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  237.137869][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  237.264533][   T36] kworker/u8:2: attempt to access beyond end of device
[  237.264533][   T36] loop6: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  237.586966][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) 
[  237.586993][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  237.587006][   T36] Workqueue: writeback wb_workfn (flush-7:6)
[  237.587035][   T36] Call Trace:
[  237.587044][   T36]  <TASK>
[  237.587053][   T36]  dump_stack_lvl+0x189/0x250
[  237.587084][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.587099][   T36]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  237.587124][   T36]  ? __pfx_queue_work_on+0x10/0x10
[  237.587141][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  237.587158][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  237.587177][   T36]  ? f2fs_hw_is_readonly+0x39b/0x470
[  237.587197][   T36]  f2fs_handle_critical_error+0x37c/0x540
[  237.587219][   T36]  f2fs_write_end_io+0x495/0x810
[  237.587236][   T36]  ? blkg_put+0x22/0x240
[  237.587266][   T36]  __submit_merged_bio+0x27a/0x6a0
[  237.587298][   T36]  __submit_merged_write_cond+0x255/0x530
[  237.587324][   T36]  f2fs_write_data_pages+0x261d/0x3000
[  237.587366][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  237.587393][   T36]  ? unwind_next_frame+0xa5/0x2390
[  237.587426][   T36]  ? ret_from_fork_asm+0x1a/0x30
[  237.587448][   T36]  ? __lock_acquire+0xab9/0xd20
[  237.587490][   T36]  ? __lock_acquire+0xab9/0xd20
[  237.587504][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  237.587520][   T36]  do_writepages+0x32e/0x550
[  237.587540][   T36]  ? reacquire_held_locks+0x127/0x1d0
[  237.587553][   T36]  ? writeback_sb_inodes+0x384/0x1010
[  237.587575][   T36]  __writeback_single_inode+0x145/0xff0
[  237.587590][   T36]  ? do_raw_spin_unlock+0x122/0x240
[  237.587610][   T36]  writeback_sb_inodes+0x6c7/0x1010
[  237.587647][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  237.587696][   T36]  ? rcu_is_watching+0x15/0xb0
[  237.587717][   T36]  wb_writeback+0x43b/0xaf0
[  237.587739][   T36]  ? queue_io+0x2e1/0x590
[  237.587756][   T36]  ? __pfx_wb_writeback+0x10/0x10
[  237.587778][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  237.587797][   T36]  wb_workfn+0x409/0xef0
[  237.587821][   T36]  ? __pfx_wb_workfn+0x10/0x10
[  237.587838][   T36]  ? __lock_acquire+0xab9/0xd20
[  237.587858][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  237.587875][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  237.587889][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  237.587900][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  237.587914][   T36]  process_scheduled_works+0xade/0x17b0
[  237.587950][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  237.587977][   T36]  worker_thread+0x8a0/0xda0
[  237.587993][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  237.588014][   T36]  ? __kthread_parkme+0x7b/0x200
[  237.588036][   T36]  kthread+0x711/0x8a0
[  237.588055][   T36]  ? __pfx_worker_thread+0x10/0x10
[  237.588067][   T36]  ? __pfx_kthread+0x10/0x10
[  237.588085][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  237.588099][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  237.588119][   T36]  ? __pfx_kthread+0x10/0x10
[  237.588136][   T36]  ret_from_fork+0x3f9/0x770
[  237.588151][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  237.588168][   T36]  ? __switch_to_asm+0x39/0x70
[  237.588183][   T36]  ? __switch_to_asm+0x33/0x70
[  237.588197][   T36]  ? __pfx_kthread+0x10/0x10
[  237.588214][   T36]  ret_from_fork_asm+0x1a/0x30
[  237.588243][   T36]  </TASK>
[  237.588249][   T36] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  237.919135][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) 
[  237.919164][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  237.919178][   T36] Workqueue: writeback wb_workfn (flush-7:6)
[  237.919206][   T36] Call Trace:
[  237.919215][   T36]  <TASK>
[  237.919224][   T36]  dump_stack_lvl+0x189/0x250
[  237.919257][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.919279][   T36]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  237.919306][   T36]  ? __pfx_queue_work_on+0x10/0x10
[  237.919330][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  237.919355][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  237.919382][   T36]  ? f2fs_hw_is_readonly+0x39b/0x470
[  237.919412][   T36]  f2fs_handle_critical_error+0x37c/0x540
[  237.919445][   T36]  f2fs_write_end_io+0x495/0x810
[  237.919469][   T36]  ? blkg_put+0x22/0x240
[  237.919514][   T36]  __submit_merged_bio+0x27a/0x6a0
[  237.919546][   T36]  __submit_merged_write_cond+0x255/0x530
[  237.919591][   T36]  f2fs_write_data_pages+0x261d/0x3000
[  237.919665][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  237.919709][   T36]  ? unwind_next_frame+0xa5/0x2390
[  237.919767][   T36]  ? ret_from_fork_asm+0x1a/0x30
[  237.919805][   T36]  ? __lock_acquire+0xab9/0xd20
[  237.919877][   T36]  ? __lock_acquire+0xab9/0xd20
[  237.919903][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  237.919931][   T36]  do_writepages+0x32e/0x550
[  237.919965][   T36]  ? reacquire_held_locks+0x127/0x1d0
[  237.919988][   T36]  ? writeback_sb_inodes+0x384/0x1010
[  237.920026][   T36]  __writeback_single_inode+0x145/0xff0
[  237.920053][   T36]  ? do_raw_spin_unlock+0x122/0x240
[  237.920099][   T36]  writeback_sb_inodes+0x6c7/0x1010
[  237.920169][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  237.920255][   T36]  ? rcu_is_watching+0x15/0xb0
[  237.920293][   T36]  wb_writeback+0x43b/0xaf0
[  237.920330][   T36]  ? queue_io+0x2e1/0x590
[  237.920361][   T36]  ? __pfx_wb_writeback+0x10/0x10
[  237.920399][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  237.920432][   T36]  wb_workfn+0x409/0xef0
[  237.920475][   T36]  ? __pfx_wb_workfn+0x10/0x10
[  237.920504][   T36]  ? __lock_acquire+0xab9/0xd20
[  237.920539][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  237.920570][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  237.920593][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  237.920612][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  237.920635][   T36]  process_scheduled_works+0xade/0x17b0
[  237.920696][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  237.920741][   T36]  worker_thread+0x8a0/0xda0
[  237.920766][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  237.920799][   T36]  ? __kthread_parkme+0x7b/0x200
[  237.920836][   T36]  kthread+0x711/0x8a0
[  237.920866][   T36]  ? __pfx_worker_thread+0x10/0x10
[  237.920886][   T36]  ? __pfx_kthread+0x10/0x10
[  237.920915][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  237.920938][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  237.920960][   T36]  ? __pfx_kthread+0x10/0x10
[  237.920988][   T36]  ret_from_fork+0x3f9/0x770
[  237.921013][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  237.921042][   T36]  ? __switch_to_asm+0x39/0x70
[  237.921065][   T36]  ? __switch_to_asm+0x33/0x70
[  237.921095][   T36]  ? __pfx_kthread+0x10/0x10
[  237.921119][   T36]  ret_from_fork_asm+0x1a/0x30
[  237.921162][   T36]  </TASK>
[  237.921170][   T36] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  238.608333][ T7670] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  242.990348][ T7736] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  244.014172][ T7741] vti0: entered promiscuous mode
[  244.024032][ T7741] vti0: entered allmulticast mode
[  247.697987][ T7766] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048)
[  247.756809][ T1318] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  248.452653][ T7779] loop6: detected capacity change from 0 to 2048
[  248.468797][ T7779] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  253.929211][ T7858] trusted_key: encrypted_key: key user:syz not found
[  255.037808][ T7878] ALSA: mixer_oss: invalid OSS volume ''
[  255.356462][ T7874] netlink: 'syz.2.422': attribute type 23 has an invalid length.
[  255.769500][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  255.776568][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  256.018048][ T7892] lo speed is unknown, defaulting to 1000
[  259.394772][ T7917] netlink: 12 bytes leftover after parsing attributes in process `syz.1.432'.
[  261.097193][ T7942] netlink: 'syz.2.437': attribute type 23 has an invalid length.
[  262.003060][ T7939] netlink: 8 bytes leftover after parsing attributes in process `syz.3.434'.
[  264.349554][ T7977] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  265.752903][ T7994] netlink: 'syz.6.450': attribute type 23 has an invalid length.
[  269.811523][ T8030] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  271.664287][ T8039] netlink: 'syz.1.463': attribute type 23 has an invalid length.
[  274.176111][ T8069] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  274.861008][ T8089] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  278.977622][ T8148] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  280.479821][ T8157] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  280.741311][ T8164] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  280.834977][ T8164] batadv_slave_0: entered promiscuous mode
[  281.943706][ T8187] 9pnet_fd: Insufficient options for proto=fd
[  283.152641][ T8226] 9pnet_fd: Insufficient options for proto=fd
[  285.523789][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805e204c00: rx timeout, send abort
[  286.033320][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805e204c00: abort rx timeout. Force session deactivation
[  287.089132][ T8273] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  287.161289][ T8264] process 'syz.2.524' launched '/dev/fd/4' with NULL argv: empty string added
[  289.236891][ T8310] netlink: 'syz.6.533': attribute type 10 has an invalid length.
[  289.247638][ T8310] team0: Device ipvlan1 failed to register rx_handler
[  289.431541][ T8304] netlink: 132 bytes leftover after parsing attributes in process `syz.0.532'.
[  292.287238][ T8351] netlink: 12 bytes leftover after parsing attributes in process `syz.2.543'.
[  296.465374][ T8388] loop0: detected capacity change from 0 to 2048
[  296.485495][ T8388] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  297.558027][ T8402] netlink: 4400 bytes leftover after parsing attributes in process `syz.1.560'.
[  300.239635][ T3551] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  302.580750][ T8470] lo speed is unknown, defaulting to 1000
[  303.276500][ T8488] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  307.629043][ T8543] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  309.769160][ T8559] netlink: 8 bytes leftover after parsing attributes in process `syz.0.601'.
[  315.133424][ T8632] 9pnet_fd: Insufficient options for proto=fd
[  317.223910][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  317.230235][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  319.284314][ T8679] 9pnet_fd: Insufficient options for proto=fd
[  319.817655][ T8688] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  328.104596][ T8776] netlink: 68 bytes leftover after parsing attributes in process `syz.0.652'.
[  329.344080][ T8794] netlink: 'syz.0.659': attribute type 4 has an invalid length.
[  329.377074][ T8795] netlink: 'syz.0.659': attribute type 4 has an invalid length.
[  331.479934][ T8814] 9pnet_fd: Insufficient options for proto=fd
[  333.207455][ T1145] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  334.451127][   T30] audit: type=1326 audit(1752270384.942:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8848 comm="syz.6.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  335.662331][   T30] audit: type=1326 audit(1752270384.942:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8848 comm="syz.6.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  335.693758][   T30] audit: type=1326 audit(1752270384.942:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8848 comm="syz.6.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  335.841505][   T30] audit: type=1326 audit(1752270384.942:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8848 comm="syz.6.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  335.892415][ T8865] 9pnet_fd: Insufficient options for proto=fd
[  335.924028][   T30] audit: type=1326 audit(1752270384.942:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8848 comm="syz.6.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  336.884440][   T30] audit: type=1326 audit(1752270384.942:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8848 comm="syz.6.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  337.019067][   T30] audit: type=1326 audit(1752270384.942:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8848 comm="syz.6.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  337.124118][   T30] audit: type=1326 audit(1752270384.942:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8848 comm="syz.6.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  337.194341][   T30] audit: type=1326 audit(1752270384.942:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8848 comm="syz.6.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  337.273949][   T30] audit: type=1326 audit(1752270384.942:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8848 comm="syz.6.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  340.941647][ T8961] netlink: 'syz.6.704': attribute type 10 has an invalid length.
[  340.953393][ T8961] team0: Device ipvlan1 failed to register rx_handler
[  342.134551][ T8979] lo speed is unknown, defaulting to 1000
[  344.469341][ T9024] netlink: 4 bytes leftover after parsing attributes in process `syz.1.725'.
[  345.704220][ T9029] netlink: 'syz.2.721': attribute type 10 has an invalid length.
[  345.722883][ T9029] team0: Device ipvlan1 failed to register rx_handler
[  348.017525][ T9051] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  350.347442][ T9106] netlink: del zone limit has 4 unknown bytes
[  351.407022][ T9115] netlink: 80 bytes leftover after parsing attributes in process `syz.1.758'.
[  352.430220][ T9098] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  355.781285][ T9160] tc_dump_action: action bad kind
[  356.976138][ T9169] netlink: 68 bytes leftover after parsing attributes in process `syz.0.774'.
[  357.994843][ T9182] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  358.062720][ T9174] infiniband syz1: set down
[  358.068655][ T9174] infiniband syz1: added syz_tun
[  358.082005][ T9174] syz1: rxe_create_cq: returned err = -12
[  358.097394][ T9174] infiniband syz1: Couldn't create ib_mad CQ
[  358.117737][ T9174] infiniband syz1: Couldn't open port 1
[  358.388046][ T9174] RDS/IB: syz1: added
[  358.425730][ T9174] smc: adding ib device syz1 with port count 1
[  358.432243][ T9174] smc:    ib device syz1 port 1 has pnetid 
[  361.976072][ T9228] netlink: 'syz.6.797': attribute type 10 has an invalid length.
[  361.985569][ T9228] team0: Device ipvlan1 failed to register rx_handler
[  362.086138][ T9233] netlink: 68 bytes leftover after parsing attributes in process `syz.1.798'.
[  365.314674][ T9267] IPVS: set_ctl: invalid protocol: 59 0.0.0.0:0
[  365.645741][ T9269] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  366.427279][ T9275] netlink: 44 bytes leftover after parsing attributes in process `syz.2.815'.
[  367.127760][ T1145] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  369.379248][ T9312] netlink: 68 bytes leftover after parsing attributes in process `syz.3.823'.
[  369.952402][ T9322] bridge0: port 3(team0) entered blocking state
[  369.959402][ T9322] bridge0: port 3(team0) entered disabled state
[  369.967051][ T9322] team0: entered allmulticast mode
[  369.972339][ T9322] team_slave_0: entered allmulticast mode
[  369.979041][ T9322] team_slave_1: entered allmulticast mode
[  369.999292][ T9322] team0: entered promiscuous mode
[  370.004450][ T9322] team_slave_0: entered promiscuous mode
[  370.011283][ T9322] team_slave_1: entered promiscuous mode
[  370.021205][ T9322] bridge0: port 3(team0) entered blocking state
[  370.027586][ T9322] bridge0: port 3(team0) entered forwarding state
[  377.637557][ T9393] wg1 speed is unknown, defaulting to 1000
[  377.643424][ T9393] wg1 speed is unknown, defaulting to 1000
[  377.650006][ T9393] wg1 speed is unknown, defaulting to 1000
[  377.664843][ T9393] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  377.685167][ T9393] wg1 speed is unknown, defaulting to 1000
[  377.692201][ T9393] wg1 speed is unknown, defaulting to 1000
[  377.699430][ T9393] wg1 speed is unknown, defaulting to 1000
[  377.706643][ T9393] wg1 speed is unknown, defaulting to 1000
[  377.713849][ T9393] wg1 speed is unknown, defaulting to 1000
[  378.692447][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  378.702080][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  379.331501][ T9421] netlink: 68 bytes leftover after parsing attributes in process `syz.0.861'.
[  382.253446][ T9437] 9pnet: p9_errstr2errno: server reported unknown error 
[  382.689790][ T9446] netlink: 'syz.0.867': attribute type 2 has an invalid length.
[  382.873993][ T9446] netlink: 'syz.0.867': attribute type 8 has an invalid length.
[  382.885703][ T9446] netlink: 132 bytes leftover after parsing attributes in process `syz.0.867'.
[  387.067411][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  387.067427][   T30] audit: type=1326 audit(2000000045.820:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.6.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  387.163949][   T30] audit: type=1326 audit(2000000045.820:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.6.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  387.244963][   T30] audit: type=1326 audit(2000000045.820:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.6.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  387.328639][   T30] audit: type=1326 audit(2000000045.820:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.6.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  387.350937][   T30] audit: type=1326 audit(2000000045.820:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.6.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  387.374008][   T30] audit: type=1326 audit(2000000045.820:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.6.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  387.403907][   T30] audit: type=1326 audit(2000000045.820:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.6.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  387.502818][ T9492] tc_dump_action: action bad kind
[  387.547190][   T30] audit: type=1326 audit(2000000045.820:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.6.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  387.718204][   T30] audit: type=1326 audit(2000000045.820:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.6.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  388.125204][   T30] audit: type=1326 audit(2000000045.820:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9484 comm="syz.6.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dc58e929 code=0x7ffc0000
[  389.438075][ T9515] 9pnet: p9_errstr2errno: server reported unknown error 
[  390.681723][ T9527] netlink: 'syz.1.895': attribute type 10 has an invalid length.
[  390.864232][ T9527] veth0_vlan: left promiscuous mode
[  391.723387][ T9527] veth0_vlan: entered promiscuous mode
[  391.743505][ T9527] team0: Device veth0_vlan failed to register rx_handler
[  392.134458][ T9547] netlink: 12 bytes leftover after parsing attributes in process `syz.2.899'.
[  393.462142][ T9527] syz.1.895 (9527) used greatest stack depth: 19640 bytes left
[  397.023721][ T9600] sctp: [Deprecated]: syz.6.914 (pid 9600) Use of int in maxseg socket option.
[  397.023721][ T9600] Use struct sctp_assoc_value instead
[  397.045369][ T9599] netlink: 104 bytes leftover after parsing attributes in process `syz.2.917'.
[  397.134134][ T9600] netlink: 'syz.6.914': attribute type 10 has an invalid length.
[  397.144009][ T9604] netlink: 4 bytes leftover after parsing attributes in process `syz.2.919'.
[  397.287884][ T9600] veth0_vlan: left promiscuous mode
[  397.311237][ T9600] veth0_vlan: entered promiscuous mode
[  397.335220][ T9600] team0: Device veth0_vlan failed to register rx_handler
[  400.794137][ T1318] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  404.196541][ T9672] netlink: 4 bytes leftover after parsing attributes in process `syz.0.938'.
[  405.004080][ T9695] 9pnet: Could not find request transport: fd0x0000000000000003
[  408.265059][ T9732] 9pnet: Could not find request transport: fd0x0000000000000003
[  409.759615][ T9756] 9pnet_fd: Insufficient options for proto=fd
[  410.882373][ T9775] 9pnet_fd: Insufficient options for proto=fd
[  421.754813][ T9884] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1007'.
[  423.314392][ T9894] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1010'.
[  423.323379][ T9894] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1010'.
[  423.425013][ T9901] tc_dump_action: action bad kind
[  423.995427][ T9894] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1010'.
[  424.094132][ T9894] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1010'.
[  424.336821][ T9907] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1013'.
[  426.498788][ T9921] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  426.529774][ T9921] batadv_slave_0: entered promiscuous mode
[  427.262073][ T9938] tc_dump_action: action bad kind
[  431.720821][ T9972] netlink: 4400 bytes leftover after parsing attributes in process `syz.0.1034'.
[  431.827206][ T9975] tc_dump_action: action bad kind
[  432.583987][   T36] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  434.594062][ T9997] netlink: 'syz.6.1037': attribute type 10 has an invalid length.
[  434.603680][ T9997] team0: Device ipvlan1 failed to register rx_handler
[  434.828986][T10003] overlayfs: failed to clone upperpath
[  435.610727][T10011] 9pnet_fd: Insufficient options for proto=fd
[  439.401080][T10059] 9pnet_fd: Insufficient options for proto=fd
[  439.709379][T10060] netlink: 'syz.2.1055': attribute type 10 has an invalid length.
[  439.720251][T10060] team0: Device ipvlan1 failed to register rx_handler
[  440.234494][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  440.240832][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  442.983970][T10091] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  443.532756][T10103] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1073'.
[  445.342301][T10120] netlink: 596 bytes leftover after parsing attributes in process `syz.3.1080'.
[  459.542353][T10263] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  460.558502][T10283] netlink: 'syz.1.1133': attribute type 10 has an invalid length.
[  460.719060][T10283] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  464.566540][ T3551] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  465.103592][T10326] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  466.921817][T10352] lo speed is unknown, defaulting to 1000
[  466.949842][T10355] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1153'.
[  467.945266][T10372] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  470.500132][T10352] wg1 speed is unknown, defaulting to 1000
[  473.898607][T10454] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  474.247423][T10463] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1190'.
[  476.578311][T10500] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1203'.
[  476.588574][T10500] netlink: 'syz.3.1203': attribute type 7 has an invalid length.
[  476.598963][T10500] netlink: 'syz.3.1203': attribute type 8 has an invalid length.
[  476.608433][T10500] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1203'.
[  476.627549][T10500] gretap0: entered promiscuous mode
[  476.640777][T10500] batadv_slave_1: entered promiscuous mode
[  476.674392][T10500] gretap0: left promiscuous mode
[  476.699022][T10500] batadv_slave_1: left promiscuous mode
[  479.434725][T10544] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1217'.
[  480.649362][T10528] x_tables: duplicate entry at hook 2
[  489.033092][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  489.033111][   T30] audit: type=1800 audit(2000000147.280:70): pid=10658 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1259" name="nullb0" dev="tmpfs" ino=1095 res=0 errno=0
[  490.715113][T10672] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  491.985654][T10710] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1276'.
[  492.042007][T10712] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1269'.
[  494.275599][T10762] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  497.051496][ T6583] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  498.359784][T10807] bridge0: port 3(team0) entered blocking state
[  498.367154][T10807] bridge0: port 3(team0) entered disabled state
[  498.373576][T10807] team0: entered allmulticast mode
[  498.379356][T10807] team_slave_0: entered allmulticast mode
[  498.385822][T10807] team_slave_1: entered allmulticast mode
[  498.393079][T10807] team0: entered promiscuous mode
[  498.398512][T10807] team_slave_0: entered promiscuous mode
[  498.404466][T10807] team_slave_1: entered promiscuous mode
[  499.906136][T10822] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1315'.
[  501.721637][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  501.729377][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  505.642776][T10889] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  507.445863][T10904] lo speed is unknown, defaulting to 1000
[  507.931990][T10904] wg1 speed is unknown, defaulting to 1000
[  518.328518][T11033] bridge0: port 3(team0) entered blocking state
[  518.335468][T11033] bridge0: port 3(team0) entered disabled state
[  518.342830][T11033] team0: entered allmulticast mode
[  518.348114][T11033] team_slave_0: entered allmulticast mode
[  518.354714][T11033] team_slave_1: entered allmulticast mode
[  518.374330][T11033] team0: entered promiscuous mode
[  518.380228][T11033] team_slave_0: entered promiscuous mode
[  518.387332][T11033] team_slave_1: entered promiscuous mode
[  518.396901][T11033] bridge0: port 3(team0) entered blocking state
[  518.405003][T11033] bridge0: port 3(team0) entered forwarding state
[  519.095648][   T30] audit: type=1800 audit(2000000177.840:71): pid=11036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1381" name="nullb0" dev="tmpfs" ino=1326 res=0 errno=0
[  528.874727][T11164] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  529.484996][T11169] netlink: 'syz.6.1425': attribute type 10 has an invalid length.
[  529.493615][T11169] team0: Device ipvlan1 failed to register rx_handler
[  529.752732][T11174] trusted_key: encrypted_key: insufficient parameters specified
[  529.835729][ T5856] Bluetooth: hci1: unexpected event 0x2f length: 763 > 260
[  530.334143][ T3479] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  533.332677][T11232] trusted_key: encrypted_key: insufficient parameters specified
[  533.556628][T11240] netlink: 'syz.1.1442': attribute type 2 has an invalid length.
[  533.614566][T11240] netlink: 'syz.1.1442': attribute type 8 has an invalid length.
[  533.642839][T11240] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1442'.
[  536.760325][T11264] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  539.674926][T11315] netlink: 'syz.0.1461': attribute type 2 has an invalid length.
[  539.697366][T11315] netlink: 'syz.0.1461': attribute type 8 has an invalid length.
[  539.930151][T11315] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1461'.
[  541.608600][T11326] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  544.530499][T11360] trusted_key: encrypted_key: insufficient parameters specified
[  550.248676][T11412] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  560.936835][T11541] netlink: 'syz.1.1530': attribute type 2 has an invalid length.
[  560.944676][T11541] netlink: 'syz.1.1530': attribute type 8 has an invalid length.
[  560.953160][T11541] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1530'.
[  563.227176][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  563.239197][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  564.328038][   T36] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  565.164396][T11586] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  574.148884][T11688] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1579'.
[  578.425733][T11723] lo speed is unknown, defaulting to 1000
[  578.437630][T11723] lo speed is unknown, defaulting to 1000
[  578.445373][T11723] lo speed is unknown, defaulting to 1000
[  578.842618][T11723] infiniband s
z1: set active
[  578.847379][T11723] infiniband s
z1: added lo
[  578.869970][ T5936] lo speed is unknown, defaulting to 1000
[  579.498750][T11723] RDS/IB: s
z1: added
[  579.503107][T11723] smc: adding ib device s
z1 with port count 1
[  579.509389][T11723] smc:    ib device s
z1 port 1 has pnetid 
[  579.522152][T11723] lo speed is unknown, defaulting to 1000
[  579.893545][T11723] lo speed is unknown, defaulting to 1000
[  579.973908][ T5936] lo speed is unknown, defaulting to 1000
[  580.098811][T11723] lo speed is unknown, defaulting to 1000
[  580.248703][T11723] lo speed is unknown, defaulting to 1000
[  580.393636][T11723] lo speed is unknown, defaulting to 1000
[  589.785456][T11838] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1625'.
[  596.247223][T11188] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  599.034791][T11964] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1661'.
[  600.514498][T11982] netlink: 108 bytes leftover after parsing attributes in process `syz.6.1667'.
[  601.877590][T12007] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1674'.
[  605.702024][T12046] overlayfs: failed to resolve './file0': -2
[  606.464700][T12056] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  607.538270][T12068] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1695'.
[  607.634609][T12068] vlan2: entered allmulticast mode
[  607.639767][T12068] bridge1: entered allmulticast mode
[  607.729914][T12072] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  612.308232][T12132] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1714'.
[  612.969154][T12136] netlink: 4400 bytes leftover after parsing attributes in process `syz.1.1714'.
[  613.125948][T12136] workqueue: name exceeds WQ_NAME_LEN. Truncating to: Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`
[  614.801290][T12152] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  615.653662][   T30] audit: type=1800 audit(2000000040.740:72): pid=12173 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1726" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  623.939865][T12248] netlink: 'syz.1.1748': attribute type 1 has an invalid length.
[  624.010208][T12248] bond3: (slave geneve3): making interface the new active one
[  624.019224][T12248] bond3: (slave geneve3): Enslaving as an active interface with an up link
[  624.033842][ T1145] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  624.034166][T12248] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1748'.
[  624.099768][ T1145] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  624.150421][T12248] 8021q: adding VLAN 0 to HW filter on device bond3
[  624.179195][ T1145] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  624.230894][ T1145] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  624.410574][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  624.424751][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  626.116367][   T55] libceph: connect (1)[c::]:6789 error -101
[  626.513463][   T55] libceph: mon0 (1)[c::]:6789 connect error
[  626.541340][   T55] libceph: connect (1)[c::]:6789 error -101
[  626.552840][T12261] ceph: No mds server is up or the cluster is laggy
[  626.624373][   T55] libceph: mon0 (1)[c::]:6789 connect error
[  628.245203][ T6583] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  629.174658][T12300] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  629.823518][T12312] overlayfs: failed to resolve './file1/file0': -2
[  630.931505][T12323] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  631.833232][T12330] overlayfs: failed to clone upperpath
[  633.325801][ T5856] Bluetooth: hci4: unexpected cc 0x203e length: 2 > 1
[  633.333861][ T5856] Bluetooth: hci4: unexpected event for opcode 0x203e
[  634.196013][T12373] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  635.360939][T12384] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  637.489039][T12381] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  638.506616][   T30] audit: type=1800 audit(2000000063.590:73): pid=12405 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1796" name="nullb0" dev="tmpfs" ino=1326 res=0 errno=0
[  638.944878][T12420] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1800'.
[  639.716600][T12425] netlink: 'syz.3.1804': attribute type 2 has an invalid length.
[  639.746048][T12425] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1804'.
[  640.928591][   T30] audit: type=1800 audit(2000000066.020:74): pid=12446 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1810" name="nullb0" dev="tmpfs" ino=1095 res=0 errno=0
[  642.458970][ T5856] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  644.210749][T12496] overlayfs: failed to clone upperpath
[  647.838646][T12531] overlayfs: failed to resolve './file0': -2
[  650.050415][T12551] overlayfs: failed to clone upperpath
[  651.136158][T12569] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1848'.
[  652.802219][T12587] overlayfs: failed to clone upperpath
[  653.067007][   T30] audit: type=1800 audit(2000000078.160:75): pid=12596 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1857" name="nullb0" dev="tmpfs" ino=959 res=0 errno=0
[  658.940266][T12673] netlink: 'syz.0.1880': attribute type 2 has an invalid length.
[  658.948074][T12673] netlink: 'syz.0.1880': attribute type 8 has an invalid length.
[  658.956352][T12673] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1880'.
[  658.971293][T12675] overlayfs: failed to clone upperpath
[  659.744132][T12688] netlink: 'syz.0.1884': attribute type 10 has an invalid length.
[  659.995169][T12688] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  660.254849][T11188] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  661.506066][T12713] bridge0: port 1(bridge_slave_0) entered disabled state
[  661.520525][T12713] bridge0: port 2(bridge_slave_1) entered disabled state
[  661.839728][ T5922] lo speed is unknown, defaulting to 1000
[  662.165517][ T5922] wg1 speed is unknown, defaulting to 1000
[  663.632191][T12750] overlayfs: failed to clone upperpath
[  664.634442][T12759] rdma_rxe: rxe_newlink: failed to add lo
[  665.169741][ T5856] Bluetooth: hci0: unexpected cc 0x203e length: 2 > 1
[  665.176651][ T5856] Bluetooth: hci0: unexpected event for opcode 0x203e
[  665.473628][T12774] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  666.295039][T12777] overlayfs: failed to clone upperpath
[  670.513978][T12816] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1925'.
[  673.237871][T12838] overlayfs: failed to clone upperpath
[  674.827964][T12853] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  674.835635][T12853] IPv6: NLM_F_CREATE should be set when creating new route
[  677.495122][T12872] overlayfs: failed to clone upperpath
[  681.599761][T12911] ------------[ cut here ]------------
[  681.605288][T12911] verifier bug: error during ctx access conversion(1)
[  681.612215][T12911] WARNING: kernel/bpf/verifier.c:21405 at bpf_check+0x1b6ec/0x1d2e0, CPU#1: syz.1.1955/12911
[  681.622467][T12911] Modules linked in:
[  681.626441][T12911] CPU: 1 UID: 0 PID: 12911 Comm: syz.1.1955 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) 
[  681.638033][T12911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  681.648140][T12911] RIP: 0010:bpf_check+0x1b6ec/0x1d2e0
[  681.653559][T12911] Code: 8b e8 68 6f af ff 90 0f 0b 90 90 e9 6b 60 ff ff e8 a9 a6 eb ff c6 05 a3 8b b9 0d 01 90 48 c7 c7 40 01 92 8b e8 45 6f af ff 90 <0f> 0b 90 90 e9 b5 bd ff ff e8 86 a6 eb ff c6 05 85 8b b9 0d 01 90
[  681.673237][T12911] RSP: 0018:ffffc900038cf600 EFLAGS: 00010246
[  681.679380][T12911] RAX: b01ad75d149dcf00 RBX: 0000000000000004 RCX: 0000000000080000
[  681.687765][T12911] RDX: ffffc9000d486000 RSI: 0000000000003c73 RDI: 0000000000003c74
[  681.696039][T12911] RBP: ffffc900038cfb50 R08: ffff8880b8724293 R09: 1ffff110170e4852
[  681.704090][T12911] R10: dffffc0000000000 R11: ffffed10170e4853 R12: 0000000000000000
[  681.712091][T12911] R13: dffffc0000000000 R14: ffff888062dc0000 R15: dffffc0000000000
[  681.720195][T12911] FS:  00007fae1647a6c0(0000) GS:ffff888125cc6000(0000) knlGS:0000000000000000
[  681.729188][T12911] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  681.735857][T12911] CR2: 0000000000000000 CR3: 000000005fdbc000 CR4: 00000000003526f0
[  681.743879][T12911] Call Trace:
[  681.747175][T12911]  <TASK>
[  681.750136][T12911]  ? is_bpf_text_address+0x26/0x2b0
[  681.755445][T12911]  ? __pfx_bpf_convert_ctx_access+0x10/0x10
[  681.761437][T12911]  ? __pfx_bpf_check+0x10/0x10
[  681.766936][T12911]  ? ktime_get_with_offset+0x8c/0x2a0
[  681.772364][T12911]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[  681.778659][T12911]  ? ktime_get_with_offset+0x8c/0x2a0
[  681.784465][T12911]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  681.791092][T12911]  ? __asan_memset+0x22/0x50
[  681.796094][T12911]  ? bpf_obj_name_cpy+0x194/0x1e0
[  681.801343][T12911]  ? bpf_lsm_bpf_prog_load+0x9/0x20
[  681.806596][T12911]  ? security_bpf_prog_load+0x7f/0x310
[  681.812170][T12911]  bpf_prog_load+0x1318/0x1930
[  681.817033][T12911]  ? __pfx_bpf_prog_load+0x10/0x10
[  681.822199][T12911]  ? bpf_lsm_bpf+0x9/0x20
[  681.826586][T12911]  ? security_bpf+0x7e/0x300
[  681.831239][T12911]  __sys_bpf+0x528/0x870
[  681.835537][T12911]  ? __pfx___sys_bpf+0x10/0x10
[  681.840332][T12911]  ? rcu_is_watching+0x15/0xb0
[  681.845115][T12911]  __x64_sys_bpf+0x7c/0x90
[  681.849536][T12911]  do_syscall_64+0xfa/0x3b0
[  681.854071][T12911]  ? lockdep_hardirqs_on+0x9c/0x150
[  681.859270][T12911]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  681.865356][T12911]  ? clear_bhb_loop+0x60/0xb0
[  681.870032][T12911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  681.875959][T12911] RIP: 0033:0x7fae1558e929
[  681.880372][T12911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  681.900274][T12911] RSP: 002b:00007fae1647a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  681.909008][T12911] RAX: ffffffffffffffda RBX: 00007fae157b6160 RCX: 00007fae1558e929
[  681.917020][T12911] RDX: 0000000000000094 RSI: 0000200000000880 RDI: 0000000000000005
[  681.925040][T12911] RBP: 00007fae15610b39 R08: 0000000000000000 R09: 0000000000000000
[  681.933089][T12911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  681.941082][T12911] R13: 0000000000000000 R14: 00007fae157b6160 R15: 00007ffd7ba3ba88
[  681.949081][T12911]  </TASK>
[  681.952111][T12911] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  681.959380][T12911] CPU: 1 UID: 0 PID: 12911 Comm: syz.1.1955 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) 
[  681.970907][T12911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  681.980948][T12911] Call Trace:
[  681.984223][T12911]  <TASK>
[  681.987151][T12911]  dump_stack_lvl+0x99/0x250
[  681.991738][T12911]  ? __asan_memcpy+0x40/0x70
[  681.996321][T12911]  ? __pfx_dump_stack_lvl+0x10/0x10
[  682.001524][T12911]  ? __pfx__printk+0x10/0x10
[  682.006127][T12911]  vpanic+0x281/0x750
[  682.010119][T12911]  ? __pfx_vpanic+0x10/0x10
[  682.014637][T12911]  ? is_bpf_text_address+0x292/0x2b0
[  682.019939][T12911]  ? is_bpf_text_address+0x26/0x2b0
[  682.025141][T12911]  panic+0xb9/0xc0
[  682.029302][T12911]  ? __pfx_panic+0x10/0x10
[  682.033743][T12911]  __warn+0x334/0x4c0
[  682.037737][T12911]  ? bpf_check+0x1b6ec/0x1d2e0
[  682.042501][T12911]  ? bpf_check+0x1b6ec/0x1d2e0
[  682.047260][T12911]  report_bug+0x2be/0x4f0
[  682.051588][T12911]  ? bpf_check+0x1b6ec/0x1d2e0
[  682.056348][T12911]  ? bpf_check+0x1b6ec/0x1d2e0
[  682.061105][T12911]  ? bpf_check+0x1b6ee/0x1d2e0
[  682.065868][T12911]  handle_bug+0x84/0x160
[  682.070126][T12911]  exc_invalid_op+0x1a/0x50
[  682.074628][T12911]  asm_exc_invalid_op+0x1a/0x20
[  682.079469][T12911] RIP: 0010:bpf_check+0x1b6ec/0x1d2e0
[  682.084841][T12911] Code: 8b e8 68 6f af ff 90 0f 0b 90 90 e9 6b 60 ff ff e8 a9 a6 eb ff c6 05 a3 8b b9 0d 01 90 48 c7 c7 40 01 92 8b e8 45 6f af ff 90 <0f> 0b 90 90 e9 b5 bd ff ff e8 86 a6 eb ff c6 05 85 8b b9 0d 01 90
[  682.104532][T12911] RSP: 0018:ffffc900038cf600 EFLAGS: 00010246
[  682.110613][T12911] RAX: b01ad75d149dcf00 RBX: 0000000000000004 RCX: 0000000000080000
[  682.118579][T12911] RDX: ffffc9000d486000 RSI: 0000000000003c73 RDI: 0000000000003c74
[  682.126546][T12911] RBP: ffffc900038cfb50 R08: ffff8880b8724293 R09: 1ffff110170e4852
[  682.134509][T12911] R10: dffffc0000000000 R11: ffffed10170e4853 R12: 0000000000000000
[  682.142469][T12911] R13: dffffc0000000000 R14: ffff888062dc0000 R15: dffffc0000000000
[  682.150460][T12911]  ? is_bpf_text_address+0x26/0x2b0
[  682.155685][T12911]  ? __pfx_bpf_convert_ctx_access+0x10/0x10
[  682.161614][T12911]  ? __pfx_bpf_check+0x10/0x10
[  682.166368][T12911]  ? ktime_get_with_offset+0x8c/0x2a0
[  682.171743][T12911]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[  682.177972][T12911]  ? ktime_get_with_offset+0x8c/0x2a0
[  682.183332][T12911]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  682.189921][T12911]  ? __asan_memset+0x22/0x50
[  682.194506][T12911]  ? bpf_obj_name_cpy+0x194/0x1e0
[  682.199513][T12911]  ? bpf_lsm_bpf_prog_load+0x9/0x20
[  682.204700][T12911]  ? security_bpf_prog_load+0x7f/0x310
[  682.210147][T12911]  bpf_prog_load+0x1318/0x1930
[  682.214923][T12911]  ? __pfx_bpf_prog_load+0x10/0x10
[  682.220050][T12911]  ? bpf_lsm_bpf+0x9/0x20
[  682.224373][T12911]  ? security_bpf+0x7e/0x300
[  682.228959][T12911]  __sys_bpf+0x528/0x870
[  682.233203][T12911]  ? __pfx___sys_bpf+0x10/0x10
[  682.237972][T12911]  ? rcu_is_watching+0x15/0xb0
[  682.242733][T12911]  __x64_sys_bpf+0x7c/0x90
[  682.247142][T12911]  do_syscall_64+0xfa/0x3b0
[  682.251642][T12911]  ? lockdep_hardirqs_on+0x9c/0x150
[  682.256849][T12911]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  682.262910][T12911]  ? clear_bhb_loop+0x60/0xb0
[  682.267579][T12911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  682.273458][T12911] RIP: 0033:0x7fae1558e929
[  682.277867][T12911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  682.297469][T12911] RSP: 002b:00007fae1647a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  682.305964][T12911] RAX: ffffffffffffffda RBX: 00007fae157b6160 RCX: 00007fae1558e929
[  682.313935][T12911] RDX: 0000000000000094 RSI: 0000200000000880 RDI: 0000000000000005
[  682.321899][T12911] RBP: 00007fae15610b39 R08: 0000000000000000 R09: 0000000000000000
[  682.329876][T12911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  682.337840][T12911] R13: 0000000000000000 R14: 00007fae157b6160 R15: 00007ffd7ba3ba88
[  682.345821][T12911]  </TASK>
[  682.349254][T12911] Kernel Offset: disabled
[  682.353595][T12911] Rebooting in 86400 seconds..