last executing test programs:

50.699947535s ago: executing program 4 (id=1479):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, 0x0, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, 0x0, 0x0)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)

49.715054393s ago: executing program 4 (id=1484):
r0 = epoll_create1(0x0)
r1 = socket(0x1, 0x80802, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000280))
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000000c0)={0x10000001})
epoll_pwait(r2, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close(r2)
shutdown(r1, 0x0)
close(r0)

49.379497964s ago: executing program 4 (id=1486):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000400)={0x10000004, 0x0, 0x0, 0xfffffffc}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYRES8, @ANYRESHEX], &(0x7f0000000300)='GPL\x00', 0x0, 0x1239821a4ce64f71, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
r2 = gettid()
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r3, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r3, 0x4040534e, &(0x7f0000000080)={0x335})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
openat$cgroup_type(0xffffffffffffffff, &(0x7f00000001c0), 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000600)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r3, 0x80045301, 0x0)
tkill(r2, 0x7)

48.726194579s ago: executing program 4 (id=1487):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_MCE_KILL(0x36, 0x0, 0x1)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x28}}, 0x0)
getsockname$packet(r1, 0x0, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xa02, 0x0)
writev(r2, &(0x7f0000000600)=[{&(0x7f0000000940)="52e6e3716535b77364bdbc4fe823e6afa68f39fa4a64b6af8b8910be", 0xffffffe1}], 0x1)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = dup(r3)
io_setup(0x19, &(0x7f00000009c0)=<r5=>0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet(0x10, 0x3, 0x0)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
socket(0x1, 0x803, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x20, 0x10, 0x401}, 0x20}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWRULE={0xc4, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x98, 0x4, 0x0, 0x1, [{0x50, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_LOG_QTHRESHOLD={0x6}, @NFTA_LOG_FLAGS={0x8}, @NFTA_LOG_QTHRESHOLD={0x6}, @NFTA_LOG_QTHRESHOLD={0x6}, @NFTA_LOG_QTHRESHOLD={0x6}, @NFTA_LOG_QTHRESHOLD={0x6}, @NFTA_LOG_GROUP={0x6}, @NFTA_LOG_SNAPLEN={0x8}]}}}, {0x44, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_XFRM_KEY={0x8}, @NFTA_XFRM_SPNUM={0x8}, @NFTA_XFRM_SPNUM={0x8}, @NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_DIR={0x5}]}}}]}]}], {0x14}}, 0xec}}, 0x0)
io_submit(r5, 0x1, &(0x7f0000000500)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
ioctl$SNDCTL_DSP_SETTRIGGER(r4, 0x40045010, &(0x7f00000001c0))
sendmsg$nl_route_sched(r0, 0x0, 0x0)

21.108894695s ago: executing program 5 (id=1606):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@dellink={0x20, 0x11, 0x101}, 0x20}}, 0x0)

18.354970498s ago: executing program 5 (id=1610):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c2", 0x17)

18.143449714s ago: executing program 5 (id=1613):
r0 = socket(0x1, 0x80802, 0x0)
r1 = epoll_create1(0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000280))
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x10000001})
epoll_pwait(r1, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close(r1)
shutdown(r0, 0x0)
close(0xffffffffffffffff)

17.879140103s ago: executing program 5 (id=1616):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000080)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='alloc_mode=default,resgid=', @ANYRESHEX=0x0, @ANYBLOB=',background_gc=off,resgid=', @ANYRESHEX=0x0, @ANYBLOB='\x00\b'], 0x1, 0x5501, &(0x7f0000005880)="$eJzs3M1rI2UYAPAnabvfrkU8eNuBRWhhEzbd7aK3qrv4gV3KqgdPmiZpyG6SKU2a1p48eBQP/iei4Mmjf4MHz97Eg+JNUDIzXbd+gNA0sdvfDybPvG/ePPO8YVl4ZkoCOLMWk19/LsXVuBgRcxFxJSI7LxVHZi0PL0TEtYgoP3GUivnHE+ci4lJEXB0nz3OWirc+vzG6vvrTW7988935+ctffP397HYNzNqLEdHbzs/3enlM23l8WMzXR50s9m6Pipi/0XtUjNM87rU2swx79cN19Szeaufr0+3dwThudeuNcWx3trL57X5+wcGofZgn+8DD+k42brY2s9gZpFlsH+R17R/k/7cdDIZ5nmaR76MsfQyHhzGfb+238v1sP8pioz8s5vO8abO1P46jIhaXi0babWZ1bB7nm/5/e7vT391PRq2dQSftJ6vV2kvV2p1KbSdttoat25V6r3nndrLU7o6XVYatem+tnabtbqvaSMtFilotWbrb2uzU+0mtVr1VvVlZXS7ObiSv338v6TaTpXF8tdPfHXa6g2Qr3UnyTywnK9VbLy8n12vJO+sbycaDe/fWN9794O77919Zf/O1YtHfykqWVm6urFRqNysrteWZ7b+3nCy1G43K9Pb/SVH0BPcPx1KadQEAp8/0+v95/T/w2Mn1/zsPIk6+/w/9/0Scqv73rPf/J7B/OBb9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAmfXDwpdvZCeL+fhyMf9MMfVcMS5FRDkifv8Hc3HuSM65Is/Cv6xf+EsN35YiyzC+xvniuBQRa8Xx27Mn/S0AAADA0+urj699lnfr+cvirAtimvKbNuUrH04oXykiFhZ/nFC28vjl+Qkly/59z8f+hLJlN7AuTChZfsttflLZ/pO5I+HCE6GUh/JUywEAAKbiaCcw3S4EAACAafp01gUwG6U4fJR5+Cw4+8v7Px8IXjwyAgAAAE6h0qwLAAAAAE5c1v/7/T8AAAB4uuW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwB/s3M9t4kAUB+Bngxf2nxat9r6t7A3K2BL2uMeIAtIEJZAW0gA1kFtKiCDC46AQkSiSx7aCvk8yw1jwYwbBYd5IAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANClu2q9uLn6fd02Z7dvJ89sAAAAgHO21XpRP5ml/tfm/vfm1s+mX0REGRHn1u6j+HSSOWpyqldeX70Yw21EnXD4jElzfYmIP8318KPrbwEAAAAu12a5mqfVenqYDT0g+pSKNuW3v5nyioioZveZ0spD3q9MYfXvexz/M6XVBaxpprBUchvnSnuX+u9+rNpNnzVFasq3359t7gAAQI9GJ02/qxAAAAD69G/oATCMIp62Mo9bgZPUNNt7n096AAAAwAdUDD0AAAAAoHP1+t/5fwAAAHDZ0vl/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdGlbrReb5WreNme3byfPbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCR/XlHgRAIgzDYu74zmfsfVho0NTWpAuHjbwwGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADe/O4v/yemxplk7rWx9DySrJ0aW6fG3rlx9Ifx9WsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC725yUFQiAIomDO+N9J3/+wkqBnECECGh5V1KIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC/63S//J6bGmWTutLF0PJKsXTW2rhp7DxpHD8bbvwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC527uc1jioOAPibmZ2trYprlD1ERMGDXux2W1t7Ew9K8OCfIIR0W2O3/mhzsKUIuXiTnHMRPYoISrzlf8g5gVziLYc9RPCszOxMMvkBrj86s0k+H3jzvjsM875vFkK+814CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafTuQZxkh844jotzm3uPF7J+60ifWV/Zns1aFkd1Jn06vFz9EHWbSwQAAIDzIynr+xDCTro2l/VxJ6//0/KarOb/7tlxXNbzR+v+si9r/6z9+svui/sDdcbjZDe9vTgcXDmeSuvJzXK6Pfe3V7TyJ5+/e0nyLyT+YPmFUZo/z+ibjY332nl4oY5sAYB/43LZF0H5+1DW95tMDIBzo1UpvMv6P+k0mxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAHUbL4ekyjkIIs62DOLO193jhpH59ZXu2bDdWV1eq98xukYYQbi8OB1dqnMu0e/Dw0d354XBwv/7glRBCU6O/U0z/7kcTXBxCI89H8D8FcfFlT0s+pyNo8IcSAABnUlq0rK7fSdfmsnPRTAh/fn+4/n+9EocJ6//dj29sVseq1v/92mY4/XpL9z7vPXj46M3Fe/N3BncGn751tf92/9rN69dv9vJ3JT1vTAAAAPhv2kWr1v/xzPH1/0uVOExY/3/xbf+r6liJ+v9EB4t+TWcCAABwvj3/6h+/Ryecj9rt8OX80tL9/vi4//nq+NhAqv/YhaJV6/9kpumsAAAAgDqMlqND6/+3KnGYcP3/mR9e+ql6zySEcLFY/7+88NnwVn3TmWp1/Dlx03MEAACgWReLVl3/T/P9//H+loc4hPDGa+O4+DeAE9X/yftf/1gdq7r//1p9U5xKcXf8PPK+G0Kr23RGAAAAnGVPFS0r9n9L1+Y++fnSh237/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADq9lcAAAD//1CCPCw=")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000340)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000940)=ANY=[], 0x1, 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

14.052983983s ago: executing program 5 (id=1633):
syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), 0x0)
keyctl$join(0x1, &(0x7f00000003c0)={'syz', 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f00000024c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000440)={&(0x7f00000025c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x20000080}, 0x4010)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44001}, 0x40040c0)
mount(0x0, &(0x7f0000002500)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)

13.936291161s ago: executing program 0 (id=1634):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c2", 0x17)

13.12325787s ago: executing program 0 (id=1635):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'ip6_vti0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r1}}, 0x20}}, 0x0)

12.909289147s ago: executing program 0 (id=1636):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000000)=0x101, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x2404c801, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @loopback}, 0x21)
getpeername$inet6(r0, 0x0, 0x0)

12.715413532s ago: executing program 0 (id=1638):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000400)={0x10000004, 0x0, 0x0, 0xfffffffc}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYRES8, @ANYRESHEX], &(0x7f0000000300)='GPL\x00', 0x0, 0x1239821a4ce64f71, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10)
r3 = gettid()
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r4, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r4, 0x4040534e, &(0x7f0000000080)={0x335})
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
openat$cgroup_type(0xffffffffffffffff, &(0x7f00000001c0), 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000600)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r4, 0xc0605345, &(0x7f0000000300)={0x0, 0x0, {0x0, 0x0, 0x1ff, 0x0, 0x3e}})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r4, 0x80045301, 0x0)
tkill(r3, 0x7)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})

12.715245725s ago: executing program 3 (id=1639):
r0 = epoll_create1(0x0)
r1 = socket(0x1, 0x80802, 0x0)
r2 = epoll_create1(0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000000c0)={0x10000001})
epoll_pwait(r2, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close(r2)
shutdown(r1, 0x0)
close(r0)

12.669448046s ago: executing program 2 (id=1640):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='veno\x00', 0x5)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x20004002, &(0x7f0000b63fe4)={0xa, 0x2, 0x80000000}, 0x1c)

12.569914936s ago: executing program 3 (id=1641):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x76, 0x141201)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000380)=@urb_type_control={0x2, {}, 0x0, 0xa4, &(0x7f0000002b00)={0x5f}, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_80211_inject_frame(&(0x7f0000000200)=@device_b, &(0x7f0000000400)=@mgmt_frame=@beacon={{{}, {}, @device_b}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @void, @void, @void, @void, @void, @void, @void, @val={0x3c, 0x4, {0x1, 0x39, 0x84}}, @void, @val={0x72, 0x6}, @val={0x71, 0x7, {0x0, 0x2, 0x0, 0xffffffffffffffff}}, @void}, 0x43)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = gettid()
sendmsg$netlink(r2, &(0x7f0000000080)={&(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000008c0)=[{&(0x7f0000000740)=ANY=[@ANYRES8, @ANYRES8, @ANYRES64, @ANYBLOB="66b305bcd92f66f22401053a80e3888d7b0f244c8ab334802e33b698f2f1eb262fe871d6830829351bf1af00ae6587cb75421ec48e6328717f4627316041b7303cb2a330c79fa4a3741a971044011d2778a4e839242759f89581", @ANYRES64=r2], 0x10}], 0x1, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r3}}}], 0x20, 0x1}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_4ADDR={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
r6 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000000400000008", @ANYRES32, @ANYRES32], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r7 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
close(r6)
vmsplice(r6, 0x0, 0x0, 0x8)
readlinkat(r6, &(0x7f00000001c0)='./file0\x00', &(0x7f0000001040)=""/4096, 0x1000)
execve(&(0x7f0000000340)='./file0\x00', 0x0, 0x0)

12.495422824s ago: executing program 2 (id=1642):
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x24, &(0x7f0000000200), 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0xfffffffffffffd5d)
getpid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000080))
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x20}}, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="20f3ffff0f000104000000000000000000480000c1bf393b462b68c3a155be2971e5786df378ad000e622718", @ANYBLOB], 0x20}}, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, 0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x4)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)="580000001400192340834b80040d8c560a11820fffff5bab4e210000000058000b4824ca945f6400940f6a0325010ebc000000000000008007f0fffeffe809005300fff5dd00000010000100080c100000000000224e0000", 0x58}], 0x1)

12.389559162s ago: executing program 2 (id=1643):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)
ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f00000000c0))

11.655014918s ago: executing program 5 (id=1644):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0xfffd, 0x0, @remote, 0x7}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001440)=ANY=[], 0xc0)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, 0x0, 0x0)

11.599749448s ago: executing program 0 (id=1645):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000080)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='alloc_mode=default,resgid=', @ANYRESHEX=0x0, @ANYBLOB=',background_gc=off,resgid=', @ANYRESHEX=0x0, @ANYBLOB='\x00\b'], 0x1, 0x5501, &(0x7f0000005880)="$eJzs3M1rI2UYAPAnabvfrkU8eNuBRWhhEzbd7aK3qrv4gV3KqgdPmiZpyG6SKU2a1p48eBQP/iei4Mmjf4MHz97Eg+JNUDIzXbd+gNA0sdvfDybPvG/ePPO8YVl4ZkoCOLMWk19/LsXVuBgRcxFxJSI7LxVHZi0PL0TEtYgoP3GUivnHE+ci4lJEXB0nz3OWirc+vzG6vvrTW7988935+ctffP397HYNzNqLEdHbzs/3enlM23l8WMzXR50s9m6Pipi/0XtUjNM87rU2swx79cN19Szeaufr0+3dwThudeuNcWx3trL57X5+wcGofZgn+8DD+k42brY2s9gZpFlsH+R17R/k/7cdDIZ5nmaR76MsfQyHhzGfb+238v1sP8pioz8s5vO8abO1P46jIhaXi0babWZ1bB7nm/5/e7vT391PRq2dQSftJ6vV2kvV2p1KbSdttoat25V6r3nndrLU7o6XVYatem+tnabtbqvaSMtFilotWbrb2uzU+0mtVr1VvVlZXS7ObiSv338v6TaTpXF8tdPfHXa6g2Qr3UnyTywnK9VbLy8n12vJO+sbycaDe/fWN9794O77919Zf/O1YtHfykqWVm6urFRqNysrteWZ7b+3nCy1G43K9Pb/SVH0BPcPx1KadQEAp8/0+v95/T/w2Mn1/zsPIk6+/w/9/0Scqv73rPf/J7B/OBb9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAmfXDwpdvZCeL+fhyMf9MMfVcMS5FRDkifv8Hc3HuSM65Is/Cv6xf+EsN35YiyzC+xvniuBQRa8Xx27Mn/S0AAADA0+urj699lnfr+cvirAtimvKbNuUrH04oXykiFhZ/nFC28vjl+Qkly/59z8f+hLJlN7AuTChZfsttflLZ/pO5I+HCE6GUh/JUywEAAKbiaCcw3S4EAACAafp01gUwG6U4fJR5+Cw4+8v7Px8IXjwyAgAAAE6h0qwLAAAAAE5c1v/7/T8AAAB4uuW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwB/s3M9t4kAUB+Bngxf2nxat9r6t7A3K2BL2uMeIAtIEJZAW0gA1kFtKiCDC46AQkSiSx7aCvk8yw1jwYwbBYd5IAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANClu2q9uLn6fd02Z7dvJ89sAAAAgHO21XpRP5ml/tfm/vfm1s+mX0REGRHn1u6j+HSSOWpyqldeX70Yw21EnXD4jElzfYmIP8318KPrbwEAAAAu12a5mqfVenqYDT0g+pSKNuW3v5nyioioZveZ0spD3q9MYfXvexz/M6XVBaxpprBUchvnSnuX+u9+rNpNnzVFasq3359t7gAAQI9GJ02/qxAAAAD69G/oATCMIp62Mo9bgZPUNNt7n096AAAAwAdUDD0AAAAAoHP1+t/5fwAAAHDZ0vl/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdGlbrReb5WreNme3byfPbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCR/XlHgRAIgzDYu74zmfsfVho0NTWpAuHjbwwGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADe/O4v/yemxplk7rWx9DySrJ0aW6fG3rlx9Ifx9WsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC725yUFQiAIomDO+N9J3/+wkqBnECECGh5V1KIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC/63S//J6bGmWTutLF0PJKsXTW2rhp7DxpHD8bbvwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC527uc1jioOAPibmZ2trYprlD1ERMGDXux2W1t7Ew9K8OCfIIR0W2O3/mhzsKUIuXiTnHMRPYoISrzlf8g5gVziLYc9RPCszOxMMvkBrj86s0k+H3jzvjsM875vFkK+814CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafTuQZxkh844jotzm3uPF7J+60ifWV/Zns1aFkd1Jn06vFz9EHWbSwQAAIDzIynr+xDCTro2l/VxJ6//0/KarOb/7tlxXNbzR+v+si9r/6z9+svui/sDdcbjZDe9vTgcXDmeSuvJzXK6Pfe3V7TyJ5+/e0nyLyT+YPmFUZo/z+ibjY332nl4oY5sAYB/43LZF0H5+1DW95tMDIBzo1UpvMv6P+k0mxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAHUbL4ekyjkIIs62DOLO193jhpH59ZXu2bDdWV1eq98xukYYQbi8OB1dqnMu0e/Dw0d354XBwv/7glRBCU6O/U0z/7kcTXBxCI89H8D8FcfFlT0s+pyNo8IcSAABnUlq0rK7fSdfmsnPRTAh/fn+4/n+9EocJ6//dj29sVseq1v/92mY4/XpL9z7vPXj46M3Fe/N3BncGn751tf92/9rN69dv9vJ3JT1vTAAAAPhv2kWr1v/xzPH1/0uVOExY/3/xbf+r6liJ+v9EB4t+TWcCAABwvj3/6h+/Ryecj9rt8OX80tL9/vi4//nq+NhAqv/YhaJV6/9kpumsAAAAgDqMlqND6/+3KnGYcP3/mR9e+ql6zySEcLFY/7+88NnwVn3TmWp1/Dlx03MEAACgWReLVl3/T/P9//H+loc4hPDGa+O4+DeAE9X/yftf/1gdq7r//1p9U5xKcXf8PPK+G0Kr23RGAAAAnGVPFS0r9n9L1+Y++fnSh237/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADq9lcAAAD//1CCPCw=")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000340)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000940)=ANY=[], 0x1, 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

11.491431794s ago: executing program 2 (id=1647):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'ip6_vti0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r1}}, 0x20}}, 0x0)

11.215818759s ago: executing program 2 (id=1648):
socket$nl_sock_diag(0x10, 0x3, 0x4)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0x0, 0x803, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001240)=[{0x0}], 0x1, 0x0, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a00600000000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB='\x00'/112], 0xb8}}, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9c", 0x3}], 0x1}], 0x1, 0x0)
getpriority(0x2, 0x0)
recvmmsg(r3, &(0x7f0000005d80)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000340)=""/4096, 0x34000}], 0x1}}], 0x1, 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272})
ioctl$TUNSETLINK(r4, 0x400454cd, 0x301)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=ANY=[@ANYBLOB="14000000010201f1"], 0x14}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

10.410390541s ago: executing program 3 (id=1649):
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5000000000010000000000000000000000000000180001801400018008000100ac1414bb080002003f3214bb24000280140001"], 0x50}}, 0x48000)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="d824000028000100020000080000000001"], 0x24d8}], 0x1}, 0x0)

9.973749866s ago: executing program 1 (id=1652):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000440)=0x82, 0x49)
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x401)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000d00), 0x4)
sendto$inet(r0, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef)
recvmsg(r0, &(0x7f00000033c0)={&(0x7f00000003c0)=@ethernet={0x0, @dev}, 0x80, &(0x7f0000002040)=[{&(0x7f0000000080)=""/49, 0x31}, {&(0x7f0000000f80)=""/4096, 0x1000}, {0x0}, {&(0x7f0000000100)=""/102, 0x66}, {0x0}], 0x5, &(0x7f0000001f80)=""/178, 0xb2}, 0x120)

9.751562102s ago: executing program 4 (id=1520):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000bc0)=ANY=[], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, 0x0, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, 0x0, 0x0)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)

9.70698696s ago: executing program 2 (id=1653):
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffc000/0x4000)=nil)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
getpgid(0x0)
syz_mount_image$hfsplus(&(0x7f0000000800), &(0x7f0000000140)='./bus\x00', 0x1098000, &(0x7f0000000100)=ANY=[], 0x0, 0x685, &(0x7f00000016c0)="$eJzs3c1vHGcdB/DvbNZONpTUbZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+0it0LUvF97yB9QDr5xQEjcI8qFC9x69bESgksvmNOimZ1db/y6bhOvHT6favw8M888z/ye387s7EujDfB/6/rFNB+myPWLbyyX62ur0+211el7vXqS40kaSbNbpPhPp9P5OLmW7pKXy431cMVOx3kwP/PWJ5+tfdpda9ZLtX9jt37DWamXnE9yrC4f13g39hrvxLZbWxvVoj/DMmEXeomDURtL0qn860F3y0/+9ky/ZUBru97bn/nA0VJ075tbTCQn6wu9fB3QvSt279lH2sqoAwAAAIAD8Ox61rOcU6OOAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6S+vf/i3pp9OrnU/R+/3+83pa6fric29/uD59UHAAAAAAAAABwgM6tZz3LOdVb7xTVd/6vViunq79fyrtZzFwWcinLmc1SlrKQqSQTAwONL88uLS1M9Xv2/s+ArT2vbNvzyh6BHq/L1uOYNQAAAAAAAAAcfeudTmdg9Ze5vvH9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAZFcqxbVMvpXn0ijWaSE0nGy/1Wkn/06kfZw1EHAAAAAF9AZ8j9nl3PepZzqt+vqN7zv1i97z+Rd3M/S5nPUtqZy83qs4Duu/7G2up0e211+l65bB33u//eV7jViOl+9rD9kc9We7RyK/PVlku5kbdTFDfTqHqWzvbi2T6uX5QxFa93jQ0Z2c26LGf+YV1u8cG+JruTfX6YMlFlZKyfkck6tjIbz+2eiX0+OpuPNJVGP9jTm460aRKP5Pz1IY93si7L+fx2p5yPxOZMXBk4+17cPefJ1/78hx/fad+/e+fW4sXDM6XhHKvL7vNKa2smpgcy8dLTnIktJqtMnOmvX88P8qNczPm8mYXM56eZzVLmcj7fr2qz9flcDFzyO2Tq2iNrb+4VyXh9hnYfrEdjyh4xvVr1PZX5/DBv52bm8lr135VM5Vu5mquZGXiEzwzxTNvY4arvfHnb4C98va60kvyuLiu3m3tN/Akr8/rcQF4Hn3MnqrbBLRtZen4f96Nelv64eyjNr9SV8hi/qsvDYXMmpgYy8cLumfh99bSy2L5/d+HO7DvDHe75D+tKeR395lDdJcrz5fnywarWHj07yrYX6raxatnI13j9jUu3X2NL25l+W/dKXdnxSh2vX8NtHelK1fbStm3TVdvZgbbNr7fa/ddDT8OXPwBPrZPfODne+mfr762PWr9u3Wm9ceJ7x799/JXxjP117DvNyWNfbbxS/Ckf5ecb7/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDPb/G99+/OtttzC5sqnU7ngx2aqkrZXvbfbZ9DWOn9nNkBHvTlZ5JRTXk8yeHI/H87nU69pTgM8exe6ZSOp/M5u/8lyXA7N5Ns13Ru9EkY7fMS8ORdXrr3zuXF997/5vy92dtzt+fuz1y9OjM5c/W16cu35ttzk92/o44SeBI2bvqjjgQAAAAAAAAAAAAY1kH8c4Kdj37iIKcKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHFHXL6b5MEWmJi9Nlutrq9PtcunVN/ZsJmkkKX6WFB8n19JdMjEwXLHTcR7Mz7z1yWdrn26M1ezt39it33BW6iXnkxyry8c13o0vPF7Rn2GZsAu9xMGo/S8AAP//s3EKMQ==")
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000002380)='./bus\x00', 0x1024890, &(0x7f00000023c0)=ANY=[], 0x3, 0x6eb, &(0x7f0000000900)="$eJzs3U1sHGcZAOB31uv1roHUadOkoEhdNVJBWCR2jAvmQkAIfKhQVQ6cV4nTWNk4le0iJ0LU4efOoQfEqRx8qzigco8EZ6pKqFcfOFRC6qUn34xmdmZ3bY9314lju/R5rJn5Zr7feWdnZn9kTQBfWovTUX0cSSxOv76Rrm9vzbXHtuYm8ux2RNQiohJR7SwiWcnzvno5bqTLr6cb823JYf28t7zw5iefb3/aWavm0/B6JWoHN23mUzQjYixfHjR+SIsf7u9+T3s3D21vVEl3D9OAXcmXEX9+qlbhqe0esNnN++Df2XxQ9aOct8AZlXTumwdMRUxGRD0isvcE+dWhcrKjO36bpz0AAAAAOKrG0as8txM7sRHnnsVwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P9V/vz/JJ8qRboZSfH8/1q+LfL0GTT8QYgfT3SWj5/9YAAAAAAAAADgmXt5J3ZiI84V67tJ9pv/K32/8X8l3om1WIrVuBob0Yr1WI/VmI2Iqb6Gahut9fXV2axmxIUBNa/HRyU1rx8+xhvHvM8AAAAAAAAAcMbVh+TfHT+47bex2Pv9HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzoIkYqyzyKYLRXoqKtWIqBflNiM+ioja6Y72SJKyjY9PfhwAAADwVOp7V5P6CHWeezd2YiPOFeu7SfaZ/2L2ebke78RKrMdyrEc7luJW/hk6/dRf2d6aa29vzd1Lp4Pt/uizIw09azE63z2U9/xSVqIRt2M523I1bkYSu5lK3spL21tz6fJe+bgepWNKfpgbMJqxvvStdHbpwyz9x73fIlSPtItPqHJozlSWO96NyEw+trTG+SIC5ZEYenSqA3uajUr3m58Lg3sqj/mjwb1P7itV+s3NqdgfietR6R6hi4MjEfHNv3/wyzvtlbt3bq9Nn51dKvXu0BLdSHy3uMz0InFp5Eg0jnvgp2Am2/cXu+uL8dP4RUzHZxNvxGosx6+iFeux1CzyW/nrOZ1PDY7Ux5P9a28MG0l6Tja716+yMTVjz5iiGT/JUq14JTum52I5krgfEUvxWvZ3PWa7V4PeEX5xhLO+MsKVts+Vb2WLbphiwGvjr6M1eVzSuJ7vi2v/NXcqy+vf0ovS86VRKu51o9+P+lS/kSfSFn438P5w0vZHYrYvEi8c9nrphPQvu+l8rb1yd/VO6+0R+3s1X6bn0R/O1F2iFo/i+ajnO3c+myfZOTWTHf0XunfYvfGq5b+4dFT25/3sT916nTP153E/bu05U78X8zEfC1lLF7PS4wfuWGnepW5L/XlzWV76Tqva/WGn//3W/Wh33g8BcLZNfnuy1vhv41+N9xu/b9xpvF7/8cT3Jy7XYvyf4z+ozoy9Wrmc/C3ej9/0Pv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABPbu3Bw7utdntptTxRKc9KBtdqtXeLB4kNKLMnkeSPyhmhcLL24OHu0AYHJyby4T1h9eNMFI9RG164+QyHkWzuP1714ceieMrTCF0kBwKeVn7iMRc997aMn4FDuT/RPL4GixdsX9bor97/fK1TuVF2vMYioqzWkAvH2J4WgS+ga+v33r629uDhd5bvtd5aemtpZXx+fmFmYf61uWu3l9tLM515X4UTefgtcBL630501SLi5eF13fwBAAAAAAAAAADgdJzE/0Kc9j4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX2yL01F9HEnMzlydSde3t+ba6VSkeyWrEVGJiOTXEck/Im5EZ4qpvuaSw/p5b3nhzU8+3/6011a1KF+J2Dy03mg28ymaETGWL4+rvZvD26v1khMl2Uk3MmnArhSBg9P2vwAAAP//rPrpEA==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=ANY=[@ANYBLOB="700200001f0001002abd7000fedbdf257f0000010000c3973bd9000000000000000004d510b43c00000000000000b997a4586f9de2a600020000000005350000330114007368613232342d737373653300000000000000000000000000000000000000000005000000000000000000000000200000000000000000f2ff0000000000000038070000c0000000e433a4d4630eaa8c823a34a05fd2eece532dee6cbe4f36a0f32522fbc0264ce59da690557fbe8997ff931e7cf42752f999e5558a0e023c2927edc614ff894129c3f365f848da8611abe40d591844d93f14ff7996dbf4b7d72da32236db9dc10e94d584eb5839a2d11ace7e7d801f6b52c6ddf1d11fd96b2a48c18b8103ef00ce1f308821e8d87cfd72488d5872e5bf422c2cff90e2efc6dfeef83eb108c58de81d5834b097e80f04850b17a2c25fe36b02105790e6bc6a923d9340c088873bc1a369a62b8c21cd02d732579b4dbdfee645c75ef445ebee3a043eff78e7b6a00fa064b45d26f98f00e80003006c7a73000000000000000000000000000000000069ac9d5c37be0f73f70000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500005a83cd97a67301c8e36d5adca6f7b5edf0da1abb18571984714fa483eeaac7eb3c57e7f57b2b0054452837f71b770d0e4870d30e69b03c8c629208c00cf2299d7ba7cce71928af597a2a94678d2ceb0c188b495dcf8df05b604fd9d00e03bdc05378ce3aab54d43f1edf15286ba35b2508408a929c086391f6b998a22e0b92f22c3b9c4ee33063be7c26779f4ea473a15ea8fedcb0837a4df62e7f67ef91922f14000d00fe8000000000000000000000000000aac59da77cd193a53d8c7b8dcf9be965a7a9895853bef3a2d3ed3c6c7bf1886eb48a86d056c2da4da020d66a411d0ae8f553bf0f70444ccc9aa357b342cf8d48"], 0x270}}, 0x0)

9.387433192s ago: executing program 3 (id=1654):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="4dc07f947163300c", 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$inet(r1, &(0x7f0000000e40)=[{{0x0, 0x0, &(0x7f0000000fc0)=[{&(0x7f00000002c0)}, {&(0x7f0000000300)="2b84c2a412b6bb9c91169d149757acf5bc60d4f194cd18ed5a855bb7f3bacbdfa3cdb838181905e5d4f5cc8c644cc4f95ac94463692e0dadcb8cda6a0fdeb27cd46270874904340164a11b73cec29cc440ee51612af3abd1130667b5c346f16defdd41abcd925ed21324cb9732d3b8f6e4942bfc8fd79770478688a495f81dc7572256141082d66fe3059e95289901eea9e9ca0d4f6e38243a20d1050bb08acf62e8ccd989adb3925926891169f34c373e553257eb6a3e99ad6a268ce30c94a2eb8d4d1d4c00"/214, 0xd6}, {&(0x7f0000000a00)="b5", 0x1}], 0x3}}], 0x1, 0x8000)
recvmmsg(r1, &(0x7f0000004ac0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

9.338252411s ago: executing program 0 (id=1655):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x18}]}]}, 0x30}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=0x0, @ANYBLOB="00e7ff0000000000140003007465616d5f736c6176655f300000000008000a"], 0x3c}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000080)='cpuset\x00'}, 0x30)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000c40)={0x40, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @action={{{}, {}, @broadcast}, @ext_ch_sw={0x4, 0x4, {{}, @void}}}}]}, 0x40}}, 0x0)
r7 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
pread64(r7, &(0x7f00000011c0)=""/99, 0x63, 0x500)
r8 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_IPV6_IPSEC_POLICY(r8, 0x29, 0x22, &(0x7f0000000080)={{{@in=@multicast2, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0, <r10=>0x0}}, {{@in6=@remote}, 0x0, @in=@private}}, &(0x7f00000005c0)=0xffffffffffffff51)
r11 = socket$kcm(0x10, 0x2, 0x0)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
r14 = syz_genetlink_get_family_id$team(&(0x7f0000000600), r3)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0x58, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r15=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f00000007c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000780)={&(0x7f0000000c80)={0x4a8, r14, 0x4, 0x70bd26, 0x25dfdbfb, {}, [{{0x8, 0x1, r9}, {0xb4, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r9}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xff2}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xf}}}]}}, {{0x8, 0x1, r9}, {0x78, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r9}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r9}}}]}}, {{0x8, 0x1, r9}, {0xb4, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r9}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xb80}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xf}}}]}}, {{0x8}, {0x140, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x44, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x14, 0x4, [{0x4, 0x0, 0x6, 0x9}, {0x9, 0x2, 0x1, 0x4}]}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffffa}}, {0x8, 0x6, r9}}}]}}, {{0x8, 0x1, r9}, {0x4}}, {{0x8, 0x1, r9}, {0x140, 0x2, 0x0, 0x1, [{0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xfffff800}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r15}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r9}}}]}}]}, 0x4a8}, 0x1, 0x0, 0x0, 0x20000000}, 0x800)
sendmsg$NFT_MSG_GETSETELEM(r13, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)={0x20, 0xd, 0xa, 0xe01, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x0)
ioctl$sock_SIOCSIFBR(r11, 0x8941, &(0x7f0000000000)=@generic)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xffffffffffffff4c, &(0x7f00000001c0)={&(0x7f0000000240)=@updsa={0x330, 0x1a, 0x200, 0x70bd2d, 0x25dfdbfd, {{@in=@loopback, @in=@broadcast, 0x4e21, 0x4, 0x4e21, 0x1000, 0x2, 0x0, 0x80, 0x407813d837b8b9f8, 0x0, r10}, {@in=@private=0xa010101, 0x4d6, 0x6c}, @in=@private=0xa010100, {0x10, 0x6a0, 0x25, 0xff9, 0x80, 0x5, 0xac, 0x8}, {0x5ec800000, 0x80000001, 0x8ce, 0x9}, {0x9, 0x3, 0x8}, 0x70bd29, 0x3500, 0xa, 0x1, 0x5e, 0x2}, [@srcaddr={0x14, 0xd, @in=@dev={0xac, 0x14, 0x14, 0x17}}, @lifetime_val={0x24, 0x9, {0x9, 0x415a, 0x7092, 0x8}}, @mark={0xc, 0x15, {0x35075c, 0x6}}, @algo_auth_trunc={0x7c, 0x14, {{'streebog256\x00'}, 0x180, 0x0, "04505e9975033bec188af1eb7a2ff8f0dd46683b5eabae11998cb49ded87d2075fa35881a439e4fb36992309137c5f05"}}, @XFRMA_IF_ID={0x8, 0x1f, 0x1}, @XFRMA_IF_ID={0x8, 0x1f, 0x1}, @XFRMA_SET_MARK_MASK={0x8, 0x1e, 0x2}, @algo_auth_trunc={0x115, 0x14, {{'blake2s-160-generic\x00'}, 0x648, 0x40, "f5dec6fc872d32bfc2edaf4298f0fe63619190a8629f973acfb9393e1000d6523c7b0dbdfd31ebcc2a55d9c3a9c5a681bdfff98cdf85b4b1df2f487869d50233071ac200cec3e9c9b128062430b133c63e1a6c67574e9b29a22a6394f1c9f33874e275a41ede87f071d6155bc2a4ca45ccd8d1634d208aebd29b5a801094a0e3c5f816ec3294fea025180591bf58f36c0c3c1176ac2e703c448022c6932c322a8d8b02ec46bb66a5216084a41bffbfcbc065b74293dd42ac84aee2232c4d86ada9bb08d0839594d9ab"}}, @migrate={0x50, 0x11, [{@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, @in6=@loopback, @in6=@rand_addr=' \x01\x00', @in=@remote, 0x3c, 0x0, 0x0, 0x3506, 0x2, 0xa}]}]}, 0x330}, 0x1, 0x0, 0x0, 0x20004000}, 0x40010)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[], 0x68}, 0x9}, 0x0)

9.033289193s ago: executing program 1 (id=1656):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000400)={0x10000004, 0x0, 0x0, 0xfffffffc}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYRES8, @ANYRESHEX], &(0x7f0000000300)='GPL\x00', 0x0, 0x1239821a4ce64f71, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10)
r3 = gettid()
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r4, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r4, 0x4040534e, &(0x7f0000000080)={0x335})
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
openat$cgroup_type(0xffffffffffffffff, &(0x7f00000001c0), 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000600)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r4, 0xc0605345, &(0x7f0000000300)={0x0, 0x0, {0x0, 0x0, 0x1ff, 0x0, 0x3e}})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r4, 0x80045301, 0x0)
tkill(r3, 0x7)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})

5.971563543s ago: executing program 3 (id=1657):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmmsg$inet(r0, &(0x7f00000057c0)=[{{&(0x7f0000002d80)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000003ec0)=[{&(0x7f0000000740)="46798883787253b0caa0c08bd60674662bf97a9cffc1100362360ba9303d93c27f101f990c7b50713d1006a9e41f5cc2a90be150b4d0b41b1c5a69a05468c6d4ae6747c83fc0aedea2564c5b5c4fc3162d2bae0edbb0d3efe08b9885f57dc43a44dc61aa9b64367bc6631f07f66747766c26b5cfb027a8560364e8095180549d5432a608ac7d166e87031969429ef9367ebcca57ab533019cde8d045ca1f69ebecb93b0e1e0acc7ccedc7ac65b0e14d8454d3efed95d9151f25a540b96bcb659a9593afc38b66fb362f548264a544f9cc4ac74c98a48c40800000084cb59240261f5c62f2719ba14f2d6e537f0556b793ff9c067020b9041b3c5aa5a606e381219f2762b9ab55277a9d8764f2d8ef10334bd4211e41431faa8a58cd122bd53b3b43340d9d2545642e386fb3f966b7364c2b842ae336fedfc941f479e024d5f795ead5c559abbfe4e5a8aaabf140dfb7231a4d5c8de7bf97b31b0c5a1453fde4b4b4014455adb248c86bde77671be3ea6f72d74e7f129699b512b117f917fedcdfe21bfc25b94a3ea217514d5208d48203bd0797297db3bfd391853a787b76f2ea0f13492e71671ac9a48c66002b853bb4d7fdeba5b972ea301ff7f00008197e0648e9fdb575940c69571f096bfae5ae18c60f3d2041e4bcbd4ccb1af229f7fc4b1a5c1006e340af6cdaf7b876b60da879edcdee201c5882b0b42cce4a0744a1f21b494e66f2b6e64368c1e78a1d6e61e1fa3f5a568f8fa11a522828ad2e4ab7350c563a275f86d26dfabbdbe931b72d7c0cced8160ecd888ed7c4220612b979bf3239c273c1f1b501396adf2e66084d88df29083c66bedc7c70dfa0b338fd742ecb9284e3a312cc41cf23c9ca7baa10a44c6dd13066bde87c2916618b40581beb716c78062429ba7ab58d4f69eee4196d9df7173920fb0c0458a16683de762f788", 0x2a1}], 0x1}}], 0x1, 0x0)

4.916356691s ago: executing program 4 (id=1658):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_MCE_KILL(0x36, 0x0, 0x1)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x28}}, 0x0)
getsockname$packet(r1, 0x0, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xa02, 0x0)
writev(r2, &(0x7f0000000600)=[{&(0x7f0000000940)="52e6e3716535b77364bdbc4fe823e6afa68f39fa4a64b6af8b8910be", 0xffffffe1}], 0x1)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = dup(r3)
io_setup(0x19, &(0x7f00000009c0)=<r5=>0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet(0x10, 0x3, 0x0)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x20, 0x10, 0x401}, 0x20}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWRULE={0xc4, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x98, 0x4, 0x0, 0x1, [{0x50, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_LOG_QTHRESHOLD={0x6}, @NFTA_LOG_FLAGS={0x8}, @NFTA_LOG_QTHRESHOLD={0x6}, @NFTA_LOG_QTHRESHOLD={0x6}, @NFTA_LOG_QTHRESHOLD={0x6}, @NFTA_LOG_QTHRESHOLD={0x6}, @NFTA_LOG_GROUP={0x6}, @NFTA_LOG_SNAPLEN={0x8}]}}}, {0x44, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_XFRM_KEY={0x8}, @NFTA_XFRM_SPNUM={0x8}, @NFTA_XFRM_SPNUM={0x8}, @NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_DIR={0x5}]}}}]}]}], {0x14}}, 0xec}}, 0x0)
io_submit(r5, 0x1, &(0x7f0000000500)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
ioctl$SNDCTL_DSP_SETTRIGGER(r4, 0x40045010, &(0x7f00000001c0))
sendmsg$nl_route_sched(r0, 0x0, 0x0)

4.7536762s ago: executing program 3 (id=1659):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000080)='syz_tun\x00', 0x4d)
sendto$unix(r5, 0x0, 0x0, 0x8000, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
sendmsg$unix(r5, &(0x7f0000000900)={&(0x7f0000000180)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000040)=[{0x0}], 0x1}, 0x0)
recvmmsg(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffec8}}], 0x4000000000002c5, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x3000010, &(0x7f0000000080), 0x1, 0x513, &(0x7f00000010c0)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOt7rW1aSpOmNOk6LYt28T8QQcEnn3wR/AOEZR78A2RgQF/EB1FRRGf0QVDnSpIbp5Mmbd1pm07z+cBpzrn35n7PuSEn98fpvQGMrRci4o2ImIiIlyOimE9P87TYLux3l7t/753ldkoiy976axJJPq23rnZ5MiKud98SUxHxtS9HfDM5HLe5u7exVKtVt/NypVXfqjR3926u15fWqmvVzfn5udcWXl94dWE2yz1WO0u9zE++9Pn3Pv2t3y3++ca329X63EeiEH3tOE3dphc626KnvY22zyLYCEzk7SmMuiIAAJxIex//gxHxic7+fzEmOntzfSZGUTMAAADgtGRfmI5/JxEZAAAAcGmlETEdSVrOxwJMR5peyc8NfDiupbVGs/Wp1cbO5kp7XkQpCunqeq06m48VLkUhaZfn8jG2vfIrfeX5iHgmIr5fvNopl5cbtZURn/sAAACAcXG97/j/H8W0kz/egP8TAAAAAC6u0tACAAAAcFk45AcAAIDLr//4/70R1QMAAAA4E1958812ynrPv155e3dno/H2zZVqc6Nc31kuLze2t8prjcZa55599ePWV2s0tj4Tmzu3Kq1qs1Vp7u4t1hs7m63F9UcegQ0AAACco2c+fvvXSUTsf/ZqJ0V+H0CAR/xh1BUATtPEqCsAjIy7eMP4Koy6AsDIJcfMN3gHAACefDMfPXz9v/f8f+cG4HIz1gcAxo/r/zC+CkYAwlhLI+ID3exTw5YZev3/lyeNkmURd4oHpzi/CAAA52u6k5K0nB8HTEealssRT0ekpSgkq+u16mx+fPCrYuGpdnmu887k2DHDAAAAAAAAAAAAAAAAAAAAAAAAAEBXliWRAQAAAJdaRPqnpHM3/4iZ4kvT/ecHriT/LMYf88KP3vrBraVWa3uuPf1vnWd5XYmI1g/z6a8MfXwYAAAAcNqS/aGzusfp+evcudYKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDFw/947y710nnH/8sWIKA2KPxlTndepKETEtb8nMXngfUlETJxC/P13I+LZQfGTeJBlWSmvxaD4V884fqmzaQbHTyPi+inEh3F2u93/vDHo+5fGC53Xwd+/yTw9ruH9X5pHfrbTzw3qf54+tLb6wBjP3f1ZZWj8dyOemxzc//T632RI/BcPre1fWZYdjvGNr+/tDYuf/ThiZuDvT/JIrEqrvlVp7u7dXK8vrVXXqpvz83OvLby+8OrCbGV1vVbN/w6M8b2P/fzBUe2/NiD+b3/T7X+Pav9Lw1ba5z93b937UDdbGBT/xosDf3+nYkj8NP/t+2Seb8+f6eX3u/mDnv/pneePav/KkO1/3Od/44Ttf/mr3/39CRcFAM5Bc3dvY6lWq24fkZk6wTJPYuYXUxeiGv9nJvtO95O7KPV5v5n23urDKb1WXYCKHchk5xZrIi5Ik/+XGWm3BAAAnIGHO/2jrgkAAAAAAAAAAAAAAAAAAACMr/O4nVh/zP3RNBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ej/DQAA///M/t/r")
open(&(0x7f0000000040)='./bus\x00', 0x1ed37e, 0x0)
r6 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

4.49468217s ago: executing program 1 (id=1660):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, &(0x7f00000002c0)={0x14, &(0x7f00000001c0)=ANY=[], 0x0}, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r1, 0x5b02, 0x0)

886.312326ms ago: executing program 1 (id=1661):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
ppoll(&(0x7f0000000180), 0x0, &(0x7f0000000100), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000180)={[{@dioread_lock}, {@noblock_validity}, {@abort}, {@init_itable}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@grpid}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4aa, &(0x7f0000000740)="$eJzs3MtvG0UYAPBvN4++m7SURx9QQ0FEFJImLdADh4JA6gUJCQ7lGNJQlaYtaoJEq4oGhMoR8RcARyQkTlw4gYQQcAJxhTtCqlAvLRxQ0Nq7ybqxU8d5GOrfT7IzszvrmW93xx7vZB1A16pkT0nE1oj4NSIGatn6ApXan5vXL0/8df3yRBJzcy//mVTL3bh+eaIoWmy3Jc8MpRHp+0nsbVDv9MVLZ8anpiYv5PmRmbNvjkxfvPTE6bPjpyZPTZ4bO3r0yOHRp58ae3JV4sziurHnnfP7dh9/9aMXJ+bitR8+z9q7NV9fjqNmcMV1VqISc7mFpf3V50dW/Or/LdtK6aS3gw1hWXoiIjtcfdX+PxA9sXDwBuKF9+Yz33aogcCayT6bdixa2pP/Tec/v4A7UaKPQ5cqPvGz77/FYz3HH5127dnsebIa/838UVvTG2n2XXaw9o29p8n2x1ZY/9aIODH798fZIxpehwAAWF1fZ+OfxxuN/9K4p1Ruez6HMhgRByNiZ0TcFRG7IuLuiGrZeyPivmXWX7klv3j88/OmtgJrUTb+eyaf26of/6V5iWQ+t60af1/y+umpyUP5PhmKvg1ZfnSJOr55/pcPm62rlMZ/2SOrvxgL5u34o3dD/TYnx2fGVxBynWvvRuzpbRR/Mj8TkO2B3RGxp43Xz/bZ6cc+25elt29ZvP728S9hFeaZ5j6NeLR2/GfjlvgLSa2mZvOTIxtjavLQSHFWLPbjT1dfKuf7Sum6+De2FtPGdoNtIDv+mxue/3n8RTco5munl1/H1d8+aPqdZvHxT+LEbLlEfv6X3gWy878/eaWa7s+XvT0+M3NhNKI/X1C3fGxh2yJflM/iHzrQuP/vjPjnk3y7vRGRncT3R8QDEbE/b/uDEfFQRBxYIv7vn3v4jaX3UJvn/yrI4j+51PGPGEzK8/VtJHrOfPdVs/pbe/87Uk0N5Utaef9rtYEr2XcAAADwf5FW56CTdLhIly5O7YrN6dT56ZmDlXjr3MnaXPVg9KXFla6B0vXQ0fzacJEfuyV/OCJ2VP/TaFM1PzxxfmpbJwMHqvfq1PX/SNPh4dq635v90wtw51jWPFr57sAvvlz9xgDryv2a0L30f+he+j90L/0fulej/n8l4mYHmgKsM5//0L30f+he+j90L/0futLiW+KLH1po507/hcTO4yvafM0TcwNr8sqzy9+qZ40ijfKPdjRNJBHRXhWRLl2mv4XaO5ZIb1vmWJu7ZRmJ/XliQ0S0utWVddurnX1fAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWC3/BgAA//+cGdz7")

293.589118ms ago: executing program 1 (id=1662):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=',', 0x1}, {&(0x7f00000001c0)="30371949c055ebaa78de", 0xa}, {&(0x7f0000000380)="0d015b194eeec2902247470dda7e3fd3eb7c96e4a26226f7d4f53c79d73e57dc029a05a6b0d1dd2c0bf9129d95254fe4e3d064a596e36e7b907993abf0eb6ba87a4a4758738449545e92afbc53c8511b7247", 0x52}], 0x3}, 0x8940)
writev(r0, &(0x7f0000000340)=[{&(0x7f0000000100)="5fc908ce8cb5049e077f3ba953190a8ce22e51a45861006641e661523ed30e13487a64d3e98231a20c5e08ebe24801b531c63d06db0e6cca2bdb10dd7d02d74ab9dd95bd33747598fc1e063ff967b7c16abd2076323dca7cd2cc5ab8225b6d31c8029cfe91c8f8c054ff", 0x6a}, {&(0x7f0000000980)="941dd634f75d70afed00837e63d7a620c1b5fd6f48660a86826b474ffb6274f02f52586f30140dafd6a0baffee63a7bafec8837268f35cf21be882e4ac6c522534080f35b3033aeb3f84e473f0b8c5a0d132378d8d7ff5299fd7616415c9c97f6331af9d07a746bb657558522dcee4c292efe922ce9584ec0ca31b7f5362419bd2084f5f9d2ef32bb866383dcb862e17ae85989ce20040b023f6d6b6cae15622b6b9ab922f95edd7f1fe11b20efdecc038027fe452320671c98e51817e1ab6e62610629bb0fa0b8513df543828b7dc90c220c6e7b17c4c7176508749", 0xdc}, {&(0x7f0000000480)="11", 0x1}], 0x3)

0s ago: executing program 1 (id=1663):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
r2 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000340)={@val={0x6}, @void, @eth={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @random="d26b98d19dd8", @val={@val={0x88a8, 0x0, 0x0, 0x3}}, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x1, 0x2, 0x24, 0x67, 0x0, 0x0, 0x21, 0x0, @dev, @local}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "20e856", 0x0, "fb148f"}}}}}}}, 0x3e)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)

kernel console output (not intermixed with test programs):

01] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it
[  227.551823][ T9101] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.1168: Corrupt directory, running e2fsck is recommended
[  227.638506][ T9115] fuse: Bad value for 'fd'
[  227.752239][ T9106] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  227.792249][ T5223] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.346374][ T9117] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  228.369700][ T5281] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  228.621927][ T9124] process 'syz.0.1170' launched './file0' with NULL argv: empty string added
[  229.214461][ T5281] usb 2-1: config 0 has no interfaces?
[  229.220164][ T5281] usb 2-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00
[  229.229324][ T5281] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.382238][ T5281] usb 2-1: config 0 descriptor??
[  230.121345][ T5231] usb 2-1: USB disconnect, device number 10
[  230.136918][ T9146] loop4: detected capacity change from 0 to 512
[  230.169277][ T9146] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  230.510973][ T9146] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.1179: invalid indirect mapped block 83886080 (level 1)
[  230.624674][ T9146] EXT4-fs (loop4): 1 orphan inode deleted
[  230.644913][ T9146] EXT4-fs (loop4): 1 truncate cleaned up
[  230.678371][ T9146] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.565856][ T9181] input: syz0 as /devices/virtual/input/input22
[  231.567788][ T9178] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  231.873622][ T9180] loop1: detected capacity change from 0 to 1024
[  232.163036][ T9180] loop1: detected capacity change from 0 to 1024
[  232.466837][ T9194] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1188'.
[  232.951958][ T7772] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.068268][ T9200] loop2: detected capacity change from 0 to 512
[  233.088378][ T9165] loop0: detected capacity change from 0 to 40427
[  233.154838][ T9165] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(262146) root(3)
[  233.169409][ T9200] EXT4-fs: Ignoring removed mblk_io_submit option
[  233.176939][ T9200] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  233.185451][ T9165] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  233.219176][ T9200] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  233.244901][ T9200] System zones: 1-12
[  233.286923][ T9200] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.1194: corrupted in-inode xattr: e_value size too large
[  233.326417][ T9165] F2FS-fs (loop0): Found nat_bits in checkpoint
[  233.505142][ T9200] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.1194: couldn't read orphan inode 15 (err -117)
[  234.312452][ T9200] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.357956][ T9165] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  234.393512][ T9165] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  234.999836][    T8] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  235.696200][    T8] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  235.793150][ T5221] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.809642][    T8] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  235.830178][    T8] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  235.847007][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.901045][ T5281] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  235.999938][ T9213] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  236.033138][    T8] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  236.038936][ T9241] loop3: detected capacity change from 0 to 512
[  236.112337][ T9241] ext4: Unknown parameter 'uid<00000000000000000000'
[  236.460396][ T5281] usb 5-1: config 0 has no interfaces?
[  236.465979][ T5281] usb 5-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00
[  236.479641][ T5281] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.521866][ T5281] usb 5-1: config 0 descriptor??
[  236.529182][ T5284] usb 2-1: USB disconnect, device number 11
[  236.831818][ T5283] usb 5-1: USB disconnect, device number 9
[  236.849627][    T8] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  237.765873][    T8] usb 3-1: config 0 has no interfaces?
[  237.774612][    T8] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  237.826583][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.182229][    T8] usb 3-1: config 0 descriptor??
[  238.383658][ T9286] Â: renamed from pim6reg1
[  238.412613][ T9278] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  238.429420][ T9259] bridge0: entered promiscuous mode
[  238.488917][ T9259] vlan2: entered promiscuous mode
[  238.519814][ T9259] vlan2: entered allmulticast mode
[  238.524957][ T9259] bridge0: entered allmulticast mode
[  238.537439][ T9287] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  238.585601][ T9259] bridge0: left allmulticast mode
[  238.635064][ T9259] bridge0: left promiscuous mode
[  238.946186][ T9282] loop3: detected capacity change from 0 to 40427
[  239.334242][ T9282] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(262146) root(3)
[  239.344376][ T9282] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  239.434430][ T1840] usb 3-1: USB disconnect, device number 9
[  239.713484][ T9282] F2FS-fs (loop3): Found nat_bits in checkpoint
[  239.894056][ T9306] pim6reg1: entered promiscuous mode
[  239.913233][ T9306] pim6reg1: entered allmulticast mode
[  239.933735][ T9282] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  239.946254][ T9282] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  240.180261][ T5282] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  240.733105][ T9314] fuse: Bad value for 'fd'
[  240.834164][ T5223] syz-executor: attempt to access beyond end of device
[  240.834164][ T5223] loop3: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  240.839436][ T9320] fuse: Unknown parameter 'group_id00000000000000000000'
[  240.854915][ T5223] syz-executor: attempt to access beyond end of device
[  240.854915][ T5223] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  240.975942][ T5282] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  240.987738][ T5282] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  240.999759][ T5282] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  241.009332][ T5282] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.029845][ T9307] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  241.053161][ T5282] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  241.086519][   T51] kworker/u8:3: attempt to access beyond end of device
[  241.086519][   T51] loop3: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  241.137818][   T51] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  241.145180][   T51] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  241.150113][ T5343] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  241.164626][   T51] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  241.194446][   T51] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  241.230497][   T51] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  241.373187][ T5343] usb 6-1: config 0 has no interfaces?
[  241.378936][ T5343] usb 6-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00
[  241.398764][ T5343] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.418159][ T5343] usb 6-1: config 0 descriptor??
[  241.697275][ T5343] usb 6-1: USB disconnect, device number 6
[  241.784662][ T5303] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.028701][ T5303] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.166091][ T5303] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.183494][ T9353] loop0: detected capacity change from 0 to 256
[  243.297234][ T9357] fuse: Unknown parameter 'group_id00000000000000000000'
[  243.318854][ T9353] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  243.342632][ T5283] usb 5-1: USB disconnect, device number 10
[  244.106518][ T5303] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.492339][ T9381] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[  244.536357][ T4612] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  244.858545][ T4612] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  244.867778][ T4612] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  244.913833][   T53] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  244.922144][   T53] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  244.929404][   T53] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  244.979586][    T8] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  245.142810][    T8] usb 2-1: Using ep0 maxpacket: 8
[  246.940023][    T8] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  246.952235][    T8] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  246.962583][    T8] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  246.972609][    T8] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  246.986099][    T8] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  246.995457][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.038497][   T53] Bluetooth: hci2: command tx timeout
[  247.273306][    T8] usb 2-1: usb_control_msg returned -71
[  247.287382][    T8] usbtmc 2-1:16.0: can't read capabilities
[  247.459852][ T5231] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  247.897844][    T8] usb 2-1: USB disconnect, device number 12
[  248.013045][ T5231] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  248.143895][ T5231] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  248.194101][ T5231] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  248.233489][ T5231] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.272116][ T9408] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  248.298477][ T5231] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  248.873795][ T5303] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  248.917243][ T5303] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  248.950344][ T5303] bond0 (unregistering): Released all slaves
[  249.005514][ T5231] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  249.151088][ T9373] chnl_net:caif_netlink_parms(): no params data found
[  249.166051][   T53] Bluetooth: hci2: command tx timeout
[  249.231206][ T5303] IPVS: stopping backup sync thread 5602 ...
[  249.366077][ T5231] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  249.387125][ T5231] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  249.424768][ T5231] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  249.434036][ T5231] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.446965][ T5231] usb 1-1: config 0 descriptor??
[  249.499020][ T5231] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  249.803558][ T9373] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.851933][ T9373] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.908293][ T9373] bridge_slave_0: entered allmulticast mode
[  249.935566][ T9373] bridge_slave_0: entered promiscuous mode
[  249.990261][ T9373] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.021810][ T9373] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.074814][ T9373] bridge_slave_1: entered allmulticast mode
[  250.084275][ T9373] bridge_slave_1: entered promiscuous mode
[  250.165034][    T8] usb 5-1: USB disconnect, device number 11
[  250.410002][ T9466] loop4: detected capacity change from 0 to 8
[  250.653047][ T9373] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  250.716100][ T9373] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  251.249090][   T53] Bluetooth: hci2: command tx timeout
[  252.172604][    T8] usb 1-1: USB disconnect, device number 7
[  252.283647][ T9488] loop5: detected capacity change from 0 to 512
[  252.516749][ T9488] EXT4-fs warning (device loop5): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  252.528382][ T9488] EXT4-fs warning (device loop5): dx_probe:881: Enable large directory feature to access it
[  252.538618][ T9488] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.1277: Corrupt directory, running e2fsck is recommended
[  252.552947][ T9488] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  252.562119][ T9488] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2240: inode #15: comm syz.5.1277: corrupted in-inode xattr: invalid ea_ino
[  253.217893][ T9488] EXT4-fs (loop5): Remounting filesystem read-only
[  253.225636][ T9488] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.303502][ T5303] hsr_slave_0: left promiscuous mode
[  253.317023][ T5303] hsr_slave_1: left promiscuous mode
[  253.344816][   T53] Bluetooth: hci2: command tx timeout
[  253.352373][ T5303] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  253.409060][ T5303] batman_adv: batadv0: Removing interface: batadv_slave_0
[  253.431426][ T6963] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.460756][ T5303] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  253.483564][ T5303] batman_adv: batadv0: Removing interface: batadv_slave_1
[  253.605542][ T5303] veth1_macvtap: left promiscuous mode
[  253.620129][ T5303] veth0_macvtap: left promiscuous mode
[  253.627865][ T5303] veth1_vlan: left promiscuous mode
[  253.633416][ T5303] veth0_vlan: left promiscuous mode
[  253.659619][ T5280] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  253.841516][ T5280] usb 5-1: Using ep0 maxpacket: 32
[  253.867039][ T5280] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  253.907098][ T5280] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  253.949850][ T5280] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  253.983815][ T5280] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  254.014357][ T5280] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  254.045503][ T5280] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  254.077682][ T5280] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  254.107048][ T5280] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.163580][ T5280] usb 5-1: config 0 descriptor??
[  254.382851][ T5280] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 12 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  254.430368][ T5280] usb 5-1: USB disconnect, device number 12
[  254.471005][ T5280] usblp0: removed
[  255.284411][ T9532] loop5: detected capacity change from 0 to 512
[  256.119966][ T1259] ieee802154 phy0 wpan0: encryption failed: -22
[  256.126332][ T1259] ieee802154 phy1 wpan1: encryption failed: -22
[  256.188866][ T9532] EXT4-fs warning (device loop5): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  256.200461][ T9532] EXT4-fs warning (device loop5): dx_probe:881: Enable large directory feature to access it
[  256.210638][ T9532] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.1295: Corrupt directory, running e2fsck is recommended
[  256.242409][ T9532] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  256.250790][ T9532] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2240: inode #15: comm syz.5.1295: corrupted in-inode xattr: invalid ea_ino
[  256.288156][ T9532] EXT4-fs (loop5): Remounting filesystem read-only
[  256.295891][ T9532] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.375726][ T5303] team0 (unregistering): Port device team_slave_1 removed
[  256.455648][ T6963] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.711159][ T5303] team0 (unregistering): Port device team_slave_0 removed
[  257.265872][   T53] Bluetooth: hci4: command 0x0406 tx timeout
[  257.748413][ T9545] cgroup: fork rejected by pids controller in /syz4
[  260.068651][ T9373] team0: Port device team_slave_0 added
[  260.094915][ T9373] team0: Port device team_slave_1 added
[  260.259781][ T5231] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  260.366318][ T9373] batman_adv: batadv0: Adding interface: batadv_slave_0
[  260.414499][ T9373] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.469712][ T5231] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  260.512789][ T5231] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  260.574718][ T5231] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  260.617448][ T9373] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  260.655428][ T5231] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.739819][ T9373] batman_adv: batadv0: Adding interface: batadv_slave_1
[  260.760405][ T9599] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  260.791971][ T5231] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  260.852180][ T9373] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  261.012925][ T9622] loop1: detected capacity change from 0 to 512
[  261.885286][ T9622] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  261.896971][ T9622] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  261.907937][ T9622] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.1310: Corrupt directory, running e2fsck is recommended
[  261.922020][ T9622] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  262.237756][ T9373] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  262.251635][ T9622] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1310: corrupted in-inode xattr: invalid ea_ino
[  262.339759][ T9622] EXT4-fs (loop1): Remounting filesystem read-only
[  262.347086][ T9622] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.509728][ T8616] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.732860][ T9373] hsr_slave_0: entered promiscuous mode
[  262.781840][ T9373] hsr_slave_1: entered promiscuous mode
[  262.821420][ T9373] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  262.846464][ T9373] Cannot create hsr debugfs directory
[  263.115295][ T9637] loop1: detected capacity change from 0 to 256
[  263.625900][ T5231] usb 6-1: USB disconnect, device number 7
[  265.744741][ T9666] loop2: detected capacity change from 0 to 256
[  265.815842][ T9666] =======================================================
[  265.815842][ T9666] WARNING: The mand mount option has been deprecated and
[  265.815842][ T9666]          and is ignored by this kernel. Remove the mand
[  265.815842][ T9666]          option from the mount to silence this warning.
[  265.815842][ T9666] =======================================================
[  265.908143][ T9670] loop4: detected capacity change from 0 to 512
[  266.884563][ T9666] FAT-fs (loop2): Directory bread(block 64) failed
[  266.891696][ T9666] FAT-fs (loop2): Directory bread(block 65) failed
[  266.898369][ T9666] FAT-fs (loop2): Directory bread(block 66) failed
[  266.905172][ T9666] FAT-fs (loop2): Directory bread(block 67) failed
[  266.911884][ T9666] FAT-fs (loop2): Directory bread(block 68) failed
[  266.939758][ T9670] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  266.951332][ T9670] EXT4-fs warning (device loop4): dx_probe:881: Enable large directory feature to access it
[  266.952235][ T9666] FAT-fs (loop2): Directory bread(block 69) failed
[  266.961469][ T9670] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.1323: Corrupt directory, running e2fsck is recommended
[  266.981836][ T9670] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  266.992056][ T9670] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1323: corrupted in-inode xattr: invalid ea_ino
[  267.019685][ T9670] EXT4-fs (loop4): Remounting filesystem read-only
[  267.028056][ T9670] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.038783][ T9666] FAT-fs (loop2): Directory bread(block 70) failed
[  267.062769][ T9666] FAT-fs (loop2): Directory bread(block 71) failed
[  267.079355][ T9666] FAT-fs (loop2): Directory bread(block 72) failed
[  267.177022][ T5303] IPVS: stop unused estimator thread 0...
[  267.239738][ T9666] FAT-fs (loop2): Directory bread(block 73) failed
[  267.260666][ T7772] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.648183][ T9685] syz.2.1322: attempt to access beyond end of device
[  267.648183][ T9685] loop2: rw=524288, sector=1768, nr_sectors = 4 limit=256
[  267.774561][ T9685] syz.2.1322: attempt to access beyond end of device
[  267.774561][ T9685] loop2: rw=0, sector=1768, nr_sectors = 4 limit=256
[  268.410130][ T5282] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  268.614239][ T5282] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  268.662222][ T5282] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  268.733531][ T5282] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  268.800758][ T5282] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  268.841319][ T5282] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  268.853008][   T29] audit: type=1800 audit(1727123366.363:17): pid=9685 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1322" name="file1" dev="loop2" ino=1048623 res=0 errno=0
[  268.915028][ T5282] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  268.933911][ T5282] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  268.983077][ T5282] usb 5-1: Product: syz
[  268.995263][ T5282] usb 5-1: Manufacturer: syz
[  269.050958][ T5282] cdc_wdm 5-1:1.0: skipping garbage
[  269.073401][ T5282] cdc_wdm 5-1:1.0: skipping garbage
[  269.106699][ T5282] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  269.135157][ T5282] cdc_wdm 5-1:1.0: Unknown control protocol
[  269.556902][ T9373] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  269.612257][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  269.619198][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  269.626706][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  269.633372][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  269.639639][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  269.646252][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  269.652528][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  269.659125][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  269.665378][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  269.671981][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  269.678229][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  269.684835][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  269.691096][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  269.697698][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  269.703980][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  269.710582][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  269.716834][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  269.723433][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  269.729690][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  269.736285][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  269.747945][ T5282] usb 5-1: USB disconnect, device number 13
[  269.753884][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  269.770377][ T5225] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  269.795855][ T5225] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  269.804756][ T5225] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  269.874552][ T9373] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  269.957486][ T5225] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  269.965803][ T5225] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  269.973318][ T5225] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  270.013357][ T9373] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  270.071460][ T9373] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  270.786534][ T9723] loop2: detected capacity change from 0 to 8
[  271.432638][ T9373] 8021q: adding VLAN 0 to HW filter on device bond0
[  271.448863][ T9373] 8021q: adding VLAN 0 to HW filter on device team0
[  271.479855][ T9373] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  271.490259][ T9373] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  271.511109][ T8700] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.518212][ T8700] bridge0: port 1(bridge_slave_0) entered forwarding state
[  271.529074][ T8700] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.536241][ T8700] bridge0: port 2(bridge_slave_1) entered forwarding state
[  271.694588][   T33] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.710817][ T5225] Bluetooth: hci6: command tx timeout
[  272.897132][   T33] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.368903][ T9693] chnl_net:caif_netlink_parms(): no params data found
[  273.803555][   T33] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.961356][ T9373] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.419056][   T33] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.790896][ T5225] Bluetooth: hci6: command tx timeout
[  274.901602][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  274.921458][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  274.957478][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  274.965087][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  274.972546][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  274.980030][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  274.987444][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  274.995169][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.002987][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.011067][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.021835][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.029271][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.036830][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.044334][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.052014][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.059446][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.067458][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.074960][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.082494][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.089949][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.097358][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.105059][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.112907][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.120827][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.128241][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.136094][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.143719][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.152828][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.160520][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.168143][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.175798][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.183528][ T5343] hid-generic 0000:04AD:0000.0006: unknown main item tag 0x0
[  275.750760][ T9373] veth0_vlan: entered promiscuous mode
[  275.762363][ T9373] veth1_vlan: entered promiscuous mode
[  275.901383][ T9693] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.908592][ T9693] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.916031][ T9693] bridge_slave_0: entered allmulticast mode
[  275.924381][ T9693] bridge_slave_0: entered promiscuous mode
[  275.933416][ T9693] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.940582][ T9693] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.947785][ T9693] bridge_slave_1: entered allmulticast mode
[  275.955050][ T9693] bridge_slave_1: entered promiscuous mode
[  275.977556][ T5343] hid-generic 0000:04AD:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  276.074224][ T5231] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  276.143282][ T9373] veth0_macvtap: entered promiscuous mode
[  276.155074][ T9373] veth1_macvtap: entered promiscuous mode
[  276.168428][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  276.178886][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.188818][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  276.199288][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.199585][   T60] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  276.209138][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  276.227409][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.237842][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  276.249092][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.258962][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  276.269419][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.281309][ T9373] batman_adv: batadv0: Interface activated: batadv_slave_0
[  276.293743][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  276.304467][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.314499][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  276.324999][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.334867][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  276.345817][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.357762][ T9373] batman_adv: batadv0: Interface activated: batadv_slave_1
[  276.471854][ T9693] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  276.485773][ T9693] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  276.515598][ T5231] usb 5-1: config 0 has an invalid descriptor of length 159, skipping remainder of the config
[  276.526243][ T5231] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 184, using maximum allowed: 30
[  276.537329][ T5231] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 184
[  276.550691][ T5231] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  276.560022][ T5231] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.580339][ T5231] usb 5-1: config 0 descriptor??
[  276.661473][   T60] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  276.670832][   T60] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  276.683843][   T60] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  276.694110][   T60] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  276.709692][   T60] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  276.791839][   T60] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  276.856579][ T9693] team0: Port device team_slave_0 added
[  276.869891][   T60] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  276.877947][   T60] usb 2-1: Product: syz
[  276.882288][   T60] usb 2-1: Manufacturer: syz
[  276.901200][   T60] cdc_wdm 2-1:1.0: skipping garbage
[  276.906578][   T60] cdc_wdm 2-1:1.0: skipping garbage
[  276.913227][ T9693] team0: Port device team_slave_1 added
[  276.918921][ T5225] Bluetooth: hci6: command tx timeout
[  276.947079][   T60] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  276.953317][   T60] cdc_wdm 2-1:1.0: Unknown control protocol
[  277.134066][    C1] wdm_int_callback: 14 callbacks suppressed
[  277.134096][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  277.146626][    C1] wdm_int_callback: 14 callbacks suppressed
[  277.146643][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  277.158852][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  277.165461][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  277.167944][ T9765] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  277.171572][    C1] hrtimer: interrupt took 37526081 ns
[  277.171728][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  277.190360][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  277.196718][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  277.203341][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  277.209671][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  277.216299][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  277.222585][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  277.229205][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  277.235516][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  277.242142][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  277.248590][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  277.255212][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  277.261503][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  277.268114][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  277.274400][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  277.281022][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  277.302077][ T5231] usb 5-1: string descriptor 0 read error: -71
[  277.322080][ T5231] usb 5-1: USB disconnect, device number 14
[  277.333550][   T25] usb 2-1: USB disconnect, device number 13
[  277.339500][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  277.468371][ T9788] loop5: detected capacity change from 0 to 40427
[  277.503611][ T9788] F2FS-fs (loop5): Invalid Fs Meta Ino: node(1) meta(262146) root(3)
[  277.511901][ T9788] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  277.546577][ T9788] F2FS-fs (loop5): Found nat_bits in checkpoint
[  277.701512][ T9788] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[  277.718901][ T9788] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  277.778579][ T9788] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  277.799624][ T9788] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  277.833747][ T9788] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  277.972141][ T6963] syz-executor: attempt to access beyond end of device
[  277.972141][ T6963] loop5: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  278.019573][ T6963] syz-executor: attempt to access beyond end of device
[  278.019573][ T6963] loop5: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  278.593814][ T9833] loop1: detected capacity change from 0 to 512
[  278.963342][ T5225] Bluetooth: hci6: command tx timeout
[  279.071068][ T9833] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  279.083028][ T9833] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  279.093941][ T9833] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.1358: Corrupt directory, running e2fsck is recommended
[  279.146440][ T9833] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  279.170242][ T9833] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1358: corrupted in-inode xattr: invalid ea_ino
[  279.245000][ T9833] EXT4-fs (loop1): Remounting filesystem read-only
[  279.273502][ T9833] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.335501][ T9476] kworker/u8:11: attempt to access beyond end of device
[  279.335501][ T9476] loop5: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  279.363565][ T9832] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  279.375176][ T9832] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  279.385558][ T9832] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.1358: Corrupt directory, running e2fsck is recommended
[  279.480748][ T9839] loop2: detected capacity change from 0 to 8
[  279.483510][ T9476] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  279.507407][ T9476] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  279.516592][ T9476] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  279.524744][ T9476] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  279.533873][ T9476] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  280.060285][ T8616] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.516843][   T25] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  280.599002][   T33] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  280.860178][   T25] usb 5-1: device descriptor read/64, error -71
[  280.888970][   T33] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  280.939386][   T33] bond0 (unregistering): Released all slaves
[  280.967960][ T9373] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  280.989601][ T9373] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  281.009599][ T9373] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  281.029583][ T9373] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  281.115666][   T33] tipc: Disabling bearer <eth:team0>
[  281.121968][   T25] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  281.164796][   T33] tipc: Left network mode
[  281.185533][ T9693] batman_adv: batadv0: Adding interface: batadv_slave_0
[  281.209534][ T9693] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.299945][   T25] usb 5-1: device descriptor read/64, error -71
[  281.797614][ T9693] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  281.813151][ T9693] batman_adv: batadv0: Adding interface: batadv_slave_1
[  281.820471][ T9693] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.835628][   T25] usb usb5-port1: attempt power cycle
[  281.846551][ T9693] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  282.889731][   T25] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  282.931344][   T25] usb 5-1: device descriptor read/8, error -71
[  282.977675][ T9693] hsr_slave_0: entered promiscuous mode
[  283.012309][ T9693] hsr_slave_1: entered promiscuous mode
[  283.056575][ T9693] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  283.106954][ T9693] Cannot create hsr debugfs directory
[  283.256423][ T9878] loop2: detected capacity change from 0 to 1024
[  283.370714][ T9878] loop2: detected capacity change from 0 to 1024
[  283.599126][ T9885] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1370'.
[  284.131767][   T33] hsr_slave_0: left promiscuous mode
[  284.138029][   T33] hsr_slave_1: left promiscuous mode
[  284.273361][   T33] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  284.299586][   T33] batman_adv: batadv0: Removing interface: batadv_slave_0
[  284.394520][   T33] veth1_macvtap: left promiscuous mode
[  284.430328][   T33] veth0_macvtap: left promiscuous mode
[  284.622580][ T1840] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  284.623275][ T9901] loop4: detected capacity change from 0 to 128
[  285.280013][ T1840] usb 3-1: Using ep0 maxpacket: 8
[  285.666765][ T1840] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  285.720106][ T1840] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  285.741793][ T1840] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  285.762603][ T1840] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  285.778950][ T1840] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  285.820786][ T1840] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  285.859685][ T1840] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  285.899577][ T1840] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.964118][ T1840] usbtmc 3-1:16.0: probe with driver usbtmc failed with error -22
[  286.085311][   T53] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  286.108135][   T53] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  286.117576][   T53] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  286.140876][   T53] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  286.154516][   T53] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  286.166616][   T53] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  286.170426][ T5280] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  286.360031][ T5280] usb 2-1: device descriptor read/64, error -71
[  286.600051][ T5280] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  286.658142][   T33] team0 (unregistering): Port device team_slave_1 removed
[  286.719234][   T33] team0 (unregistering): Port device team_slave_0 removed
[  286.759656][ T5280] usb 2-1: device descriptor read/64, error -71
[  286.870763][ T5280] usb usb2-port1: attempt power cycle
[  287.220059][ T5280] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  287.322391][ T5280] usb 2-1: device descriptor read/8, error -71
[  287.620214][ T5280] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  287.700259][ T5280] usb 2-1: device descriptor read/8, error -71
[  287.716147][   T25] usb 3-1: USB disconnect, device number 10
[  287.798876][ T9935] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  287.825858][ T5280] usb usb2-port1: unable to enumerate USB device
[  288.022780][ T5281] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  288.200636][ T5281] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  288.214096][ T5281] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  288.228876][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  288.236853][   T53] Bluetooth: hci4: command tx timeout
[  288.238432][ T5281] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  288.266798][ T5281] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  288.273338][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  288.316574][ T5281] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  288.359162][ T5281] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  288.388666][ T5281] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  288.409135][ T5281] usb 5-1: Product: syz
[  288.435916][ T5281] usb 5-1: Manufacturer: syz
[  288.463788][ T5281] cdc_wdm 5-1:1.0: skipping garbage
[  288.469044][ T5281] cdc_wdm 5-1:1.0: skipping garbage
[  288.487596][ T5281] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  288.491304][ T9947] fuse: Bad value for 'user_id'
[  288.494295][ T5281] cdc_wdm 5-1:1.0: Unknown control protocol
[  288.530418][ T9947] fuse: Bad value for 'user_id'
[  288.591965][  T185] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  288.609293][  T185] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  288.673530][    C1] wdm_int_callback: 204 callbacks suppressed
[  288.673556][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  288.686156][    C1] wdm_int_callback: 204 callbacks suppressed
[  288.686175][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  288.698426][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  288.705025][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  288.711262][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  288.717871][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  288.724172][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  288.730787][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  288.737144][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  288.743749][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  288.750053][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  288.756679][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  288.762940][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  288.769542][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  288.775823][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  288.782428][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  288.788680][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  288.795282][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  288.801523][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  288.808208][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  288.863012][   T25] usb 5-1: USB disconnect, device number 19
[  288.863069][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  289.291921][  T185] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.342590][ T9968] loop2: detected capacity change from 0 to 128
[  289.444808][ T9693] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  289.454967][ T9693] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  289.460041][ T9972] fuse: Bad value for 'fd'
[  289.473025][ T9693] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  289.619311][ T9976] loop1: detected capacity change from 0 to 8
[  290.430797][   T53] Bluetooth: hci4: command tx timeout
[  290.649718][  T185] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.739634][ T9693] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  290.798853][ T9915] chnl_net:caif_netlink_parms(): no params data found
[  290.832498][ T9984] syz.4.1392[9984] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  290.832602][ T9984] syz.4.1392[9984] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  290.865430][ T9984] syz.4.1392[9984] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  292.402676][  T185] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.466084][   T53] Bluetooth: hci4: command tx timeout
[  293.053507][  T185] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.340912][T10013] fuse: Bad value for 'fd'
[  293.381862][ T9693] 8021q: adding VLAN 0 to HW filter on device bond0
[  293.444080][T10016] loop1: detected capacity change from 0 to 128
[  293.512480][ T9915] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.609385][ T9915] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.826355][ T9915] bridge_slave_0: entered allmulticast mode
[  294.119870][ T9915] bridge_slave_0: entered promiscuous mode
[  294.188492][ T9915] bridge0: port 2(bridge_slave_1) entered blocking state
[  294.205857][ T9915] bridge0: port 2(bridge_slave_1) entered disabled state
[  294.222316][ T9915] bridge_slave_1: entered allmulticast mode
[  294.741859][   T53] Bluetooth: hci4: command tx timeout
[  294.753080][ T9915] bridge_slave_1: entered promiscuous mode
[  295.305907][T10027] fuse: Bad value for 'fd'
[  295.710131][ T9693] 8021q: adding VLAN 0 to HW filter on device team0
[  295.723248][ T9476] bridge0: port 1(bridge_slave_0) entered blocking state
[  295.730432][ T9476] bridge0: port 1(bridge_slave_0) entered forwarding state
[  295.860219][ T9915] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  295.876684][ T9476] bridge0: port 2(bridge_slave_1) entered blocking state
[  295.883860][ T9476] bridge0: port 2(bridge_slave_1) entered forwarding state
[  296.114154][ T9915] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  296.963398][T10063] loop1: detected capacity change from 0 to 512
[  297.027594][T10063] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  297.039731][T10063] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  297.051284][T10063] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.1409: Corrupt directory, running e2fsck is recommended
[  297.064397][T10063] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  297.074776][T10063] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1409: corrupted in-inode xattr: invalid ea_ino
[  297.095627][T10063] EXT4-fs (loop1): Remounting filesystem read-only
[  297.103099][T10063] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.106596][T10070] fuse: Bad value for 'fd'
[  297.145025][ T8616] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.182138][ T9915] team0: Port device team_slave_0 added
[  297.227374][ T9915] team0: Port device team_slave_1 added
[  297.331087][T10073] loop1: detected capacity change from 0 to 128
[  300.731361][  T185] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  300.745992][  T185] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  300.759924][  T185] bond0 (unregistering): Released all slaves
[  300.925980][T10121] loop2: detected capacity change from 0 to 128
[  301.804352][ T9915] batman_adv: batadv0: Adding interface: batadv_slave_0
[  301.821067][ T9915] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  301.892795][ T9915] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  302.889304][ T9915] batman_adv: batadv0: Adding interface: batadv_slave_1
[  302.896455][ T9915] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  302.920681][T10153] syz.3.1434[10153] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  302.922543][T10153] syz.3.1434[10153] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  302.923083][ T9915] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  303.072855][T10153] syz.3.1434[10153] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  303.132670][T10164] syz.3.1434[10164] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  303.189644][T10164] syz.3.1434[10164] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  303.247548][T10164] syz.3.1434[10164] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  303.293374][  T185] hsr_slave_0: left promiscuous mode
[  303.403535][  T185] hsr_slave_1: left promiscuous mode
[  303.431109][  T185] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  303.455682][  T185] batman_adv: batadv0: Removing interface: batadv_slave_0
[  304.005350][  T185] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  304.013441][  T185] batman_adv: batadv0: Removing interface: batadv_slave_1
[  304.037430][  T185] veth1_macvtap: left promiscuous mode
[  304.043223][  T185] veth0_macvtap: left promiscuous mode
[  304.048935][  T185] veth1_vlan: left promiscuous mode
[  304.054457][  T185] veth0_vlan: left promiscuous mode
[  304.644560][ T5280] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  304.797347][  T185] team0 (unregistering): Port device team_slave_1 removed
[  304.803946][ T5280] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  304.829684][ T5280] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  304.840875][ T5280] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  304.850216][ T5280] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.870857][T10186] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  304.882191][ T5280] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  304.888892][  T185] team0 (unregistering): Port device team_slave_0 removed
[  305.228983][ T5231] usb 3-1: USB disconnect, device number 11
[  305.621117][ T9915] hsr_slave_0: entered promiscuous mode
[  305.638277][ T9915] hsr_slave_1: entered promiscuous mode
[  305.894083][ T9693] 8021q: adding VLAN 0 to HW filter on device batadv0
[  305.912312][T10195] loop1: detected capacity change from 0 to 1024
[  306.002233][T10195] loop1: detected capacity change from 0 to 1024
[  306.249786][T10205] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1445'.
[  306.898138][T10209] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1449'.
[  307.221840][ T9693] veth0_vlan: entered promiscuous mode
[  307.247743][ T9693] veth1_vlan: entered promiscuous mode
[  307.295305][T10223] pim6reg1: entered promiscuous mode
[  307.310737][T10223] pim6reg1: entered allmulticast mode
[  307.474448][ T9693] veth0_macvtap: entered promiscuous mode
[  307.849609][ T9693] veth1_macvtap: entered promiscuous mode
[  308.159306][T10242] loop2: detected capacity change from 0 to 128
[  308.185425][T10244] pim6reg1: entered promiscuous mode
[  308.202477][T10244] pim6reg1: entered allmulticast mode
[  309.127669][ T9693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.156308][ T9693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.218290][ T9693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.230496][ T9693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.240959][ T9693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.251962][ T9693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.263992][ T9693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.274727][ T9693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.300669][ T9693] batman_adv: batadv0: Interface activated: batadv_slave_0
[  309.353650][ T9693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.365514][ T9693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.376652][ T9693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.388366][ T9693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.405586][ T9693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.417749][ T9693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.436989][ T9693] batman_adv: batadv0: Interface activated: batadv_slave_1
[  309.449208][ T9693] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  309.458185][ T5280] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  309.473311][ T9693] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  309.516306][ T9693] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  309.533888][ T9693] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  309.546747][T10259] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1462'.
[  309.605250][ T9915] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  309.615109][ T5280] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  309.645766][ T5280] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  309.655756][ T5280] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  309.666104][ T5280] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.674786][ T9915] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  309.690183][T10251] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  309.753128][ T5280] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  309.757444][ T9915] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  309.800811][T10265] fuse: Bad value for 'fd'
[  309.830538][ T9915] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  309.934524][T10268] Driver unsupported XDP return value 0 on prog  (id 81) dev N/A, expect packet loss!
[  310.594754][   T25] usb 4-1: USB disconnect, device number 10
[  310.727261][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  310.759546][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  310.841577][T10285] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  310.901383][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  311.036458][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  311.724318][ T9915] 8021q: adding VLAN 0 to HW filter on device bond0
[  312.305707][ T9915] 8021q: adding VLAN 0 to HW filter on device team0
[  312.357360][ T9915] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  312.367997][ T9915] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  312.389960][ T7030] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.397189][ T7030] bridge0: port 1(bridge_slave_0) entered forwarding state
[  312.446796][ T7030] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.454106][ T7030] bridge0: port 2(bridge_slave_1) entered forwarding state
[  312.765374][T10323] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1475'.
[  312.985430][T10325] fuse: Bad value for 'fd'
[  313.187515][ T9915] 8021q: adding VLAN 0 to HW filter on device batadv0
[  313.388180][T10330] pim6reg1: entered promiscuous mode
[  313.411706][T10330] pim6reg1: entered allmulticast mode
[  314.210238][    T8] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  314.391670][    T8] usb 1-1: config 0 has no interfaces?
[  314.400603][ T9915] veth0_vlan: entered promiscuous mode
[  314.426544][    T8] usb 1-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00
[  314.447547][ T5280] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  314.498244][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.518476][ T9915] veth1_vlan: entered promiscuous mode
[  314.528315][    T8] usb 1-1: config 0 descriptor??
[  314.584743][ T9915] veth0_macvtap: entered promiscuous mode
[  314.600469][ T9915] veth1_macvtap: entered promiscuous mode
[  314.627270][ T9915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  314.648348][ T9915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.658745][ T5280] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  314.681068][ T5280] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  314.695994][ T9915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  314.761091][    T8] usb 1-1: USB disconnect, device number 8
[  314.767436][ T5280] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  314.800651][ T9915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.831190][ T5280] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.840610][ T9915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  314.852549][ T9915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.863205][ T9915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  314.873837][ T9915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.874143][T10370] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  314.883768][ T9915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  314.901381][ T9915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.913161][ T9915] batman_adv: batadv0: Interface activated: batadv_slave_0
[  314.923534][ T9915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  314.934134][ T9915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.946887][ T9915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  314.950451][ T5280] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  314.958720][ T9915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.975563][ T9915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  314.986096][ T9915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.996043][ T9915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  315.006615][ T9915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.022363][ T9915] batman_adv: batadv0: Interface activated: batadv_slave_1
[  315.036968][ T9915] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  315.045770][ T9915] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  315.055335][ T9915] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  315.065674][ T9915] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  315.396484][ T7030] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  315.426337][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  315.437290][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  315.439182][ T7030] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  316.475084][T10393] fuse: Bad value for 'fd'
[  316.640595][ T1259] ieee802154 phy0 wpan0: encryption failed: -22
[  316.647254][ T1259] ieee802154 phy1 wpan1: encryption failed: -22
[  316.970118][T10397] loop5: detected capacity change from 0 to 512
[  317.772643][T10397] EXT4-fs warning (device loop5): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  317.784347][T10397] EXT4-fs warning (device loop5): dx_probe:881: Enable large directory feature to access it
[  317.794547][T10397] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.1372: Corrupt directory, running e2fsck is recommended
[  317.807668][T10397] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  317.817915][T10397] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2240: inode #15: comm syz.5.1372: corrupted in-inode xattr: invalid ea_ino
[  317.832861][T10397] EXT4-fs (loop5): Remounting filesystem read-only
[  317.841082][T10397] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.864515][T10396] EXT4-fs warning (device loop5): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  317.876344][T10396] EXT4-fs warning (device loop5): dx_probe:881: Enable large directory feature to access it
[  317.886636][T10396] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.1372: Corrupt directory, running e2fsck is recommended
[  318.076183][ T5281] usb 2-1: USB disconnect, device number 18
[  318.155922][ T9915] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.383123][T10408] netlink: 'syz.1.1495': attribute type 29 has an invalid length.
[  318.392738][T10408] netlink: 'syz.1.1495': attribute type 29 has an invalid length.
[  318.461605][   T25] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  318.709718][ T5281] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  318.850533][ T5281] usb 2-1: device descriptor read/64, error -71
[  319.640530][ T5281] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  319.919617][ T5281] usb 2-1: device descriptor read/64, error -71
[  320.040022][ T5281] usb usb2-port1: attempt power cycle
[  320.067925][T10433] fuse: Unknown parameter '0x0000000000000003'
[  320.598140][ T5281] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  320.603347][   T25] usb 3-1: config 0 has no interfaces?
[  320.619895][   T25] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  320.638084][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.673606][ T5281] usb 2-1: device descriptor read/8, error -71
[  320.688431][   T25] usb 3-1: config 0 descriptor??
[  320.738255][   T25] usb 3-1: can't set config #0, error -71
[  320.768677][   T25] usb 3-1: USB disconnect, device number 12
[  320.949683][ T5281] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  320.992839][ T5281] usb 2-1: device descriptor read/8, error -71
[  321.215370][T10444] loop2: detected capacity change from 0 to 512
[  321.945404][T10444] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  321.952739][ T5281] usb usb2-port1: unable to enumerate USB device
[  321.957053][T10444] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  321.973577][T10444] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1505: Corrupt directory, running e2fsck is recommended
[  321.988830][T10444] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  322.000237][T10444] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.1505: corrupted in-inode xattr: invalid ea_ino
[  322.041460][T10444] EXT4-fs (loop2): Remounting filesystem read-only
[  322.049070][T10444] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  322.072695][T10443] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  322.084360][T10443] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  322.094493][T10443] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1505: Corrupt directory, running e2fsck is recommended
[  322.300940][ T5221] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.366980][T10455] netlink: 'syz.1.1508': attribute type 29 has an invalid length.
[  322.430614][T10457] team0: Device ipvlan1 failed to register rx_handler
[  322.780313][ T5280] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  322.790300][T10455] netlink: 'syz.1.1508': attribute type 29 has an invalid length.
[  322.932998][ T5280] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  322.976792][ T5280] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  323.070191][ T5280] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  323.116535][ T5280] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  323.178080][T10452] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  323.219233][ T5280] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  323.949678][ T5280] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  324.163291][ T5280] usb 2-1: config 0 has no interfaces?
[  324.181260][ T5280] usb 2-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00
[  324.203627][T10477] fuse: Unknown parameter '0x0000000000000003'
[  324.215165][ T5280] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.257114][ T5280] usb 2-1: config 0 descriptor??
[  324.868802][ T5358] usb 2-1: USB disconnect, device number 23
[  325.160306][ T5225] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  325.235524][ T5281] usb 1-1: USB disconnect, device number 9
[  325.281268][ T5225] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  325.294896][ T5225] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  325.302996][ T5225] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  325.310672][ T5225] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  325.318082][ T5225] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  325.336474][   T25] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  326.091709][   T53] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  326.105477][   T53] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  326.114204][   T53] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  326.122675][   T53] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  326.132015][   T53] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  326.146442][   T53] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  326.170335][   T25] usb 3-1: config 0 has no interfaces?
[  326.175869][   T25] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  326.185021][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  326.332022][   T25] usb 3-1: config 0 descriptor??
[  326.605443][T10481] chnl_net:caif_netlink_parms(): no params data found
[  326.849876][T10480] bridge0: entered promiscuous mode
[  326.861818][T10480] vlan2: entered promiscuous mode
[  326.867139][T10480] vlan2: entered allmulticast mode
[  326.877246][T10480] bridge0: entered allmulticast mode
[  326.980185][T10480] bridge0: left allmulticast mode
[  326.985501][T10480] bridge0: left promiscuous mode
[  327.136071][ T5281] usb 3-1: USB disconnect, device number 13
[  327.208413][   T64] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.227235][T10503] netlink: 'syz.1.1525': attribute type 29 has an invalid length.
[  327.236722][T10506] netlink: 'syz.1.1525': attribute type 29 has an invalid length.
[  327.362573][T10488] chnl_net:caif_netlink_parms(): no params data found
[  327.481795][   T64] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.501466][   T53] Bluetooth: hci5: command tx timeout
[  327.549953][T10481] bridge0: port 1(bridge_slave_0) entered blocking state
[  327.557439][T10481] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.565087][T10481] bridge_slave_0: entered allmulticast mode
[  327.575778][T10481] bridge_slave_0: entered promiscuous mode
[  328.159656][T10481] bridge0: port 2(bridge_slave_1) entered blocking state
[  328.209946][T10481] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.222860][   T53] Bluetooth: hci7: command tx timeout
[  328.274143][T10481] bridge_slave_1: entered allmulticast mode
[  328.375769][T10481] bridge_slave_1: entered promiscuous mode
[  328.567269][   T64] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.898604][T10528] fuse: Unknown parameter '0x0000000000000003'
[  328.947456][T10481] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  329.074343][   T64] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.251047][T10488] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.301883][T10488] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.325775][T10488] bridge_slave_0: entered allmulticast mode
[  329.352995][T10488] bridge_slave_0: entered promiscuous mode
[  329.431850][T10481] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  329.582541][   T53] Bluetooth: hci5: command tx timeout
[  329.606249][T10488] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.656789][T10488] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.775360][T10488] bridge_slave_1: entered allmulticast mode
[  329.830528][T10488] bridge_slave_1: entered promiscuous mode
[  330.034125][T10481] team0: Port device team_slave_0 added
[  330.093042][T10481] team0: Port device team_slave_1 added
[  330.229649][   T25] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  330.232221][T10488] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  330.306694][   T53] Bluetooth: hci7: command tx timeout
[  330.451234][   T25] usb 3-1: config 0 has no interfaces?
[  330.456762][   T25] usb 3-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00
[  330.530112][T10488] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  330.562571][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.608601][   T25] usb 3-1: config 0 descriptor??
[  330.624555][T10546] netlink: 'syz.1.1536': attribute type 29 has an invalid length.
[  330.689959][T10547] netlink: 'syz.1.1536': attribute type 29 has an invalid length.
[  330.736755][T10481] batman_adv: batadv0: Adding interface: batadv_slave_0
[  330.780512][T10481] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.858780][T10481] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  330.902692][ T5281] usb 3-1: USB disconnect, device number 14
[  330.982985][T10481] batman_adv: batadv0: Adding interface: batadv_slave_1
[  331.000186][T10481] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.038383][T10481] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  331.103027][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.130663][T10549] netlink: 'syz.5.1537': attribute type 10 has an invalid length.
[  331.139816][T10549] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1537'.
[  331.146501][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.168185][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.189436][T10549] batman_adv: batadv0: Adding interface: virt_wifi0
[  331.196172][T10549] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.199046][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.269177][T10556] fuse: Unknown parameter '0x0000000000000003'
[  331.298498][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.310487][T10549] batman_adv: batadv0: Interface activated: virt_wifi0
[  331.344242][T10488] team0: Port device team_slave_0 added
[  331.353768][T10488] team0: Port device team_slave_1 added
[  331.367561][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.379596][ T5231] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  331.397554][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.405336][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.418686][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.427431][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.439861][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.447283][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.465556][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.485439][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.499351][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.539950][ T5231] usb 1-1: config 0 has an invalid descriptor of length 159, skipping remainder of the config
[  331.569977][ T5231] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 184, using maximum allowed: 30
[  331.594250][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.614547][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.625241][ T5231] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 184
[  331.659584][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.659782][   T53] Bluetooth: hci5: command tx timeout
[  331.666998][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.680078][ T5231] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  331.689166][ T5231] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.697432][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.706162][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.713697][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.721166][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.728595][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.736176][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.744603][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.752888][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.760432][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.767890][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.775405][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.782935][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.790848][   T25] hid-generic 0000:04AD:0000.0007: unknown main item tag 0x0
[  331.830478][ T5231] usb 1-1: config 0 descriptor??
[  331.835973][   T25] hid-generic 0000:04AD:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  331.894620][T10567] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  331.949305][T10568] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  332.504601][ T5225] Bluetooth: hci7: command tx timeout
[  332.859093][T10579] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  332.925399][   T64] bridge_slave_1: left allmulticast mode
[  332.932042][   T64] bridge_slave_1: left promiscuous mode
[  332.941180][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.961352][   T64] bridge_slave_0: left allmulticast mode
[  332.985040][   T64] bridge_slave_0: left promiscuous mode
[  333.000583][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.768815][ T5225] Bluetooth: hci5: command tx timeout
[  334.134895][ T5231] usb 1-1: string descriptor 0 read error: -71
[  334.145560][ T5231] usb 1-1: USB disconnect, device number 10
[  334.198596][T10592] fuse: Unknown parameter '0x0000000000000003'
[  334.457849][T10601] syz.2.1555 uses obsolete (PF_INET,SOCK_PACKET)
[  334.535766][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  334.554042][ T5225] Bluetooth: hci7: command tx timeout
[  334.583312][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  334.604000][   T64] bond0 (unregistering): Released all slaves
[  334.636879][T10481] hsr_slave_0: entered promiscuous mode
[  334.648150][T10481] hsr_slave_1: entered promiscuous mode
[  334.675898][T10481] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  334.696100][T10481] Cannot create hsr debugfs directory
[  334.820417][T10488] batman_adv: batadv0: Adding interface: batadv_slave_0
[  334.828135][T10488] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.870932][T10488] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  334.926076][T10597] netlink: 'syz.0.1553': attribute type 10 has an invalid length.
[  334.947067][T10597] bridge0: port 2(bridge_slave_1) entered disabled state
[  334.954602][T10597] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.997152][T10597] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.004520][T10597] bridge0: port 2(bridge_slave_1) entered forwarding state
[  335.012175][T10597] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.019336][T10597] bridge0: port 1(bridge_slave_0) entered forwarding state
[  335.036451][T10597] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  335.057302][T10600] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1553'.
[  335.074323][T10600] bridge_slave_1: left allmulticast mode
[  335.080982][T10600] bridge_slave_1: left promiscuous mode
[  335.092019][T10600] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.101822][T10600] bridge_slave_0: left allmulticast mode
[  335.107478][T10600] bridge_slave_0: left promiscuous mode
[  335.114178][T10600] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.147127][T10600] bond0: (slave bridge0): Releasing backup interface
[  335.299931][ T1840] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  335.925129][T10488] batman_adv: batadv0: Adding interface: batadv_slave_1
[  335.952909][T10488] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.984499][ T1840] usb 6-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  335.996441][ T1840] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  336.028554][ T1840] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  336.037994][ T1840] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  336.044648][T10488] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  336.090136][ T1840] usb 6-1: config 0 descriptor??
[  336.125012][ T1840] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  336.186844][T10630] fuse: Unknown parameter '0x0000000000000003'
[  336.440875][T10633] batadv0: entered promiscuous mode
[  336.463439][T10633] macsec1: entered promiscuous mode
[  336.477090][T10633] macsec1: entered allmulticast mode
[  336.490315][T10633] batadv0: entered allmulticast mode
[  336.501771][T10636] netlink: 'syz.1.1565': attribute type 29 has an invalid length.
[  336.608781][T10640] netlink: 'syz.1.1565': attribute type 29 has an invalid length.
[  336.644610][T10488] hsr_slave_0: entered promiscuous mode
[  336.656091][T10488] hsr_slave_1: entered promiscuous mode
[  336.663391][T10488] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  336.672121][T10488] Cannot create hsr debugfs directory
[  336.683495][T10643] netlink: 'syz.1.1565': attribute type 29 has an invalid length.
[  336.709750][T10650] netlink: 'syz.2.1569': attribute type 1 has an invalid length.
[  336.820297][   T64] hsr_slave_0: left promiscuous mode
[  336.830765][   T64] hsr_slave_1: left promiscuous mode
[  336.848954][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  336.870785][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[  336.909204][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  336.938371][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[  337.001737][   T64] veth1_macvtap: left promiscuous mode
[  337.007747][   T64] veth0_macvtap: left promiscuous mode
[  337.016278][   T64] veth1_vlan: left promiscuous mode
[  337.022829][   T64] veth0_vlan: left promiscuous mode
[  337.791944][   T64] team0 (unregistering): Port device team_slave_1 removed
[  337.833497][   T64] team0 (unregistering): Port device team_slave_0 removed
[  338.056629][ T5280] usb 6-1: USB disconnect, device number 8
[  338.159122][T10677] fuse: Unknown parameter 'fd0x0000000000000003'
[  338.355905][T10654] bond1: (slave ipip0): The slave device specified does not support setting the MAC address
[  338.366141][T10654] bond1: (slave ipip0): Setting fail_over_mac to active for active-backup mode
[  338.377624][T10654] bond1: (slave ipip0): making interface the new active one
[  338.390853][T10654] bond1: (slave ipip0): Enslaving as an active interface with an up link
[  338.485728][T10666] netlink: 'syz.1.1572': attribute type 10 has an invalid length.
[  338.508534][T10666] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.516065][T10666] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.540426][T10666] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.547525][T10666] bridge0: port 2(bridge_slave_1) entered forwarding state
[  338.555085][T10666] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.562275][T10666] bridge0: port 1(bridge_slave_0) entered forwarding state
[  338.574385][T10666] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  338.584336][T10667] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1572'.
[  338.593363][T10667] bridge_slave_1: left allmulticast mode
[  338.600928][T10667] bridge_slave_1: left promiscuous mode
[  338.606661][T10667] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.616869][T10667] bridge_slave_0: left allmulticast mode
[  338.623037][T10667] bridge_slave_0: left promiscuous mode
[  338.628748][T10667] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.667825][T10667] bond0: (slave bridge0): Releasing backup interface
[  338.931460][T10681] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1579'.
[  338.940823][T10681] netlink: 'syz.5.1579': attribute type 3 has an invalid length.
[  338.975888][T10688] netlink: 'syz.0.1581': attribute type 29 has an invalid length.
[  339.032961][T10691] netlink: 'syz.0.1581': attribute type 29 has an invalid length.
[  339.051397][T10688] netlink: 'syz.0.1581': attribute type 29 has an invalid length.
[  339.333586][T10700] openvswitch: netlink: Actions may not be safe on all matching packets
[  339.603763][T10704] fuse: Unknown parameter 'fd0x0000000000000003'
[  339.761748][ T1840] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  339.922377][ T1840] usb 2-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  339.941624][ T1840] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  339.963325][T10488] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.970652][ T1840] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  340.005885][ T1840] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.054268][ T1840] usb 2-1: config 0 descriptor??
[  340.094241][ T1840] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  340.184245][T10488] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.314703][T10488] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.468273][T10488] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.736672][ T2959] bridge_slave_1: left allmulticast mode
[  340.767813][ T2959] bridge_slave_1: left promiscuous mode
[  340.803255][ T2959] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.824038][ T2959] bridge_slave_0: left allmulticast mode
[  340.837626][ T2959] bridge_slave_0: left promiscuous mode
[  340.854869][ T2959] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.687270][ T2959] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  341.705914][ T2959] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  341.722689][ T2959] bond0 (unregistering): Released all slaves
[  341.757031][T10731] netlink: 'syz.5.1592': attribute type 10 has an invalid length.
[  341.797696][T10731] bridge0: port 2(bridge_slave_1) entered disabled state
[  341.805284][T10731] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.853595][T10731] bridge0: port 2(bridge_slave_1) entered blocking state
[  341.860823][T10731] bridge0: port 2(bridge_slave_1) entered forwarding state
[  341.868218][T10731] bridge0: port 1(bridge_slave_0) entered blocking state
[  341.875423][T10731] bridge0: port 1(bridge_slave_0) entered forwarding state
[  341.903838][T10731] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  341.913159][T10733] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1592'.
[  341.924941][T10733] bridge_slave_1: left allmulticast mode
[  341.930874][T10733] bridge_slave_1: left promiscuous mode
[  341.936673][T10733] bridge0: port 2(bridge_slave_1) entered disabled state
[  341.945753][T10733] bridge_slave_0: left allmulticast mode
[  341.955888][T10733] bridge_slave_0: left promiscuous mode
[  341.962725][T10733] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.012856][T10733] bond0: (slave bridge0): Releasing backup interface
[  342.104649][T10738] netlink: 'syz.2.1595': attribute type 29 has an invalid length.
[  342.113462][T10739] netlink: 'syz.2.1595': attribute type 29 has an invalid length.
[  342.123573][T10742] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1596'.
[  342.247738][T10740] netlink: 'syz.2.1595': attribute type 29 has an invalid length.
[  342.540292][T10488] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  342.557501][T10755] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'
[  342.584082][   T25] usb 2-1: USB disconnect, device number 24
[  342.670228][T10488] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  342.736521][T10481] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  342.767270][T10481] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  342.828852][T10488] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  342.839950][T10488] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  342.871757][ T2959] hsr_slave_0: left promiscuous mode
[  342.880196][ T2959] hsr_slave_1: left promiscuous mode
[  342.953412][ T1840] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  343.021113][ T2959] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  343.028625][ T2959] batman_adv: batadv0: Removing interface: batadv_slave_0
[  343.069587][ T2959] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  343.123943][T10769] loop1: detected capacity change from 0 to 8
[  343.160476][ T2959] batman_adv: batadv0: Removing interface: batadv_slave_1
[  343.191036][ T1840] usb 3-1: Using ep0 maxpacket: 8
[  343.247567][ T1840] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  343.340284][ T1840] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  343.388740][ T1840] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  343.459222][ T1840] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  343.466554][ T2959] veth1_macvtap: left promiscuous mode
[  343.474940][ T1840] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  343.570549][ T1840] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  343.579700][ T2959] veth0_macvtap: left promiscuous mode
[  343.579898][ T2959] veth1_vlan: left promiscuous mode
[  343.580001][ T2959] veth0_vlan: left promiscuous mode
[  343.601076][ T1840] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.110146][ T1840] usb 3-1: usb_control_msg returned -32
[  344.372774][ T1840] usbtmc 3-1:16.0: can't read capabilities
[  344.831287][T10780] usbtmc 3-1:16.0: INITIATE_CLEAR returned 0
[  344.863338][ T2959] team0 (unregistering): Port device team_slave_1 removed
[  344.917271][ T2959] team0 (unregistering): Port device team_slave_0 removed
[  345.383772][T10481] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  345.398282][T10481] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  345.412616][T10777] netlink: 'syz.0.1609': attribute type 29 has an invalid length.
[  345.455079][T10778] netlink: 'syz.0.1609': attribute type 29 has an invalid length.
[  345.820598][T10488] 8021q: adding VLAN 0 to HW filter on device bond0
[  345.894571][T10481] 8021q: adding VLAN 0 to HW filter on device bond0
[  345.964320][T10488] 8021q: adding VLAN 0 to HW filter on device team0
[  346.583737][T10481] 8021q: adding VLAN 0 to HW filter on device team0
[  346.595305][ T5281] usb 3-1: USB disconnect, device number 15
[  346.623463][T10481] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  346.634048][T10481] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  346.725613][T10792] pimreg: entered allmulticast mode
[  346.777518][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[  346.784748][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[  346.831230][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  346.838395][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  346.915476][T10795] pimreg: left allmulticast mode
[  347.079535][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[  347.086801][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[  347.641524][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  347.648723][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  347.846076][T10481] 8021q: adding VLAN 0 to HW filter on device batadv0
[  348.006724][T10819] netlink: 'syz.1.1622': attribute type 29 has an invalid length.
[  348.078949][T10481] veth0_vlan: entered promiscuous mode
[  348.090545][T10819] netlink: 'syz.1.1622': attribute type 29 has an invalid length.
[  348.128906][T10481] veth1_vlan: entered promiscuous mode
[  348.153647][T10481] veth0_macvtap: entered promiscuous mode
[  348.162937][T10481] veth1_macvtap: entered promiscuous mode
[  348.180628][T10481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  348.191319][T10481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.201323][T10481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  348.212214][T10481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.222131][T10481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  348.233644][T10481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.244569][T10481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  348.255070][T10481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.266706][T10481] batman_adv: batadv0: Interface activated: batadv_slave_0
[  348.357224][T10481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  348.367978][T10481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.370376][T10797] loop5: detected capacity change from 0 to 40427
[  348.378074][T10481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  348.396837][T10481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.406887][T10481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  348.417507][T10481] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.433669][T10481] batman_adv: batadv0: Interface activated: batadv_slave_1
[  348.980045][T10488] 8021q: adding VLAN 0 to HW filter on device batadv0
[  349.019787][T10797] F2FS-fs (loop5): Invalid Fs Meta Ino: node(1) meta(262146) root(3)
[  349.027949][T10797] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  349.033791][T10481] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  349.089649][T10797] F2FS-fs (loop5): Found nat_bits in checkpoint
[  349.118715][T10481] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  349.129763][T10481] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  349.138487][T10481] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  349.237089][T10797] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[  349.264790][T10797] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  349.436757][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  349.465593][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  349.487044][T10797] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  349.518234][T10854] loop2: detected capacity change from 0 to 512
[  349.535685][T10797] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  349.535696][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  349.576759][T10854] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  349.589259][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  349.592894][T10854] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  349.607845][T10854] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1629: Corrupt directory, running e2fsck is recommended
[  349.619630][ T5280] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  349.621829][T10854] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  349.636769][T10854] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.1629: corrupted in-inode xattr: invalid ea_ino
[  349.668714][T10854] EXT4-fs (loop2): Remounting filesystem read-only
[  349.683839][T10854] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.742391][ T9915] syz-executor: attempt to access beyond end of device
[  349.742391][ T9915] loop5: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  349.792118][ T5280] usb 2-1: Using ep0 maxpacket: 8
[  349.792894][ T5221] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.807824][ T9915] syz-executor: attempt to access beyond end of device
[  349.807824][ T9915] loop5: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  349.836589][ T5280] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  349.867929][ T5280] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  349.909841][ T5280] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  350.279662][ T5280] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  350.307102][ T5280] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  350.313350][T10488] veth0_vlan: entered promiscuous mode
[  350.599037][ T5280] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  350.617857][ T5280] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.621754][T10488] veth1_vlan: entered promiscuous mode
[  350.675950][   T11] kworker/u8:0: attempt to access beyond end of device
[  350.675950][   T11] loop5: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  350.691898][   T11] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  350.702376][   T11] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  350.712481][   T11] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  350.722238][   T11] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  350.729423][   T11] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  350.868957][T10488] veth0_macvtap: entered promiscuous mode
[  350.894569][ T5280] usb 2-1: usb_control_msg returned -32
[  350.902295][T10488] veth1_macvtap: entered promiscuous mode
[  350.929749][ T5280] usbtmc 2-1:16.0: can't read capabilities
[  350.957835][T10488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  350.991460][T10488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.014684][T10488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  351.040117][T10488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.051269][T10488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  351.073247][T10488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.119541][T10488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  351.144261][T10488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.179890][T10488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  351.203922][T10488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.223901][T10488] batman_adv: batadv0: Interface activated: batadv_slave_0
[  351.258068][T10488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  351.307331][T10488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.332559][T10488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  351.363028][T10488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.377387][T10892] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  351.399300][T10488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  351.423229][T10488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.437195][T10488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  351.457563][T10488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.472878][T10488] batman_adv: batadv0: Interface activated: batadv_slave_1
[  351.514740][T10488] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  351.602848][T10488] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  351.701717][T10488] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  351.775270][T10488] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  351.779990][T10902] usbtmc 2-1:16.0: INITIATE_CLEAR returned 0
[  352.440907][   T33] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.701044][   T33] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.375263][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  353.383216][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  353.419050][   T60] usb 2-1: USB disconnect, device number 25
[  353.459303][   T53] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  353.509797][   T53] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  353.510940][   T33] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.550253][   T53] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  353.580821][   T53] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  353.635608][   T53] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  353.648063][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  353.657407][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  353.678137][T10907] loop0: detected capacity change from 0 to 40427
[  353.689212][   T53] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  353.696440][T10907] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(262146) root(3)
[  353.704970][T10907] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  353.735407][T10907] F2FS-fs (loop0): Found nat_bits in checkpoint
[  353.774122][T10923] netlink: 'syz.3.1649': attribute type 1 has an invalid length.
[  353.926697][T10923] netlink: 9352 bytes leftover after parsing attributes in process `syz.3.1649'.
[  353.956891][T10907] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  353.972325][T10907] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  354.099766][T10923] netlink: 'syz.3.1649': attribute type 1 has an invalid length.
[  354.122107][   T33] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.173612][T10923] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1649'.
[  354.216627][T10907] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  354.254684][T10907] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  354.430528][T10935] loop2: detected capacity change from 0 to 1024
[  354.479629][    T9] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  354.500534][ T9693] syz-executor: attempt to access beyond end of device
[  354.500534][ T9693] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  354.608017][ T9693] syz-executor: attempt to access beyond end of device
[  354.608017][ T9693] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  354.632465][T10935] loop2: detected capacity change from 0 to 1024
[  354.700067][    T9] usb 5-1: device descriptor read/64, error -71
[  357.870185][   T53] Bluetooth: hci2: command tx timeout
[  358.369464][    C1] sched: DL replenish lagged too much
[  358.626254][T10935] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1653'.
[  358.726778][    T9] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  359.890016][ T9476] kworker/u8:11: attempt to access beyond end of device
[  359.890016][ T9476] loop0: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  359.918258][   T53] Bluetooth: hci2: command tx timeout
[  359.991887][T10969] loop3: detected capacity change from 0 to 512
[  360.057338][T10969] EXT4-fs (loop3): blocks per group (95) and clusters per group (32768) inconsistent
[  360.067067][ T5283] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  360.099840][ T9476] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  360.166115][ T9476] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  360.211675][ T9476] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  360.249258][ T9476] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  360.280358][ T5283] usb 2-1: Using ep0 maxpacket: 8
[  360.285676][ T9476] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  360.298581][ T5283] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  360.339599][ T5283] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  360.377093][ T5283] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  360.437879][ T5283] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  360.472140][ T5283] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  360.552313][ T5283] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  360.585249][ T5283] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  360.878426][ T5283] usb 2-1: usb_control_msg returned -32
[  360.908907][ T5283] usbtmc 2-1:16.0: can't read capabilities
[  361.593672][T10983] usbtmc 2-1:16.0: INITIATE_CLEAR returned 0
[  361.979768][   T53] Bluetooth: hci2: command tx timeout
[  362.916345][ T5280] usb 2-1: USB disconnect, device number 26
[  363.111324][T10985] loop1: detected capacity change from 0 to 512
[  363.154586][T10985] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  363.215839][T10985] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[  363.257044][T10985] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.1661: Corrupt directory, running e2fsck is recommended
[  363.305441][T10985] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  363.329399][T10985] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1661: corrupted in-inode xattr: invalid ea_ino
[  363.382243][T10985] EXT4-fs (loop1): Remounting filesystem read-only
[  363.400735][T10985] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.540977][ T8616] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.059987][   T53] Bluetooth: hci2: command tx timeout
[  365.191554][ T5225] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  365.201284][ T5225] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  365.211970][ T5225] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  365.232266][ T5225] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  365.240165][ T5225] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  365.248039][ T5225] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  366.009660][ T5225] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  366.019146][ T5225] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  366.028552][ T5225] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  366.040732][ T5225] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  366.050276][ T5225] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  366.057572][ T5225] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  367.339868][ T5225] Bluetooth: hci3: command tx timeout
[  368.139743][ T5225] Bluetooth: hci4: command tx timeout
[  369.419619][ T5225] Bluetooth: hci3: command tx timeout
[  370.219594][ T5225] Bluetooth: hci4: command tx timeout
[  370.308825][   T53] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  370.329832][   T53] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  370.338538][   T53] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  370.349275][   T53] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  370.369749][   T53] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  370.379074][   T53] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  370.529108][ T5225] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  370.538256][ T5225] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  370.559405][ T5225] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  370.588730][ T5225] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  370.596546][ T5225] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  370.610350][ T5225] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  371.499692][ T5225] Bluetooth: hci3: command tx timeout
[  372.302278][ T5225] Bluetooth: hci4: command tx timeout
[  372.459771][ T5225] Bluetooth: hci6: command tx timeout
[  372.699690][ T5225] Bluetooth: hci8: command tx timeout
[  373.579930][ T5225] Bluetooth: hci3: command tx timeout
[  374.389572][ T5225] Bluetooth: hci4: command tx timeout
[  374.539906][ T5225] Bluetooth: hci6: command tx timeout
[  374.752660][   T53] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  374.769959][   T53] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  374.781887][   T53] Bluetooth: hci8: command tx timeout
[  374.789705][   T53] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  374.801603][   T53] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  374.809290][   T53] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  374.818238][   T53] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  376.621084][   T53] Bluetooth: hci6: command tx timeout
[  376.859755][ T5225] Bluetooth: hci8: command tx timeout
[  376.866035][   T53] Bluetooth: hci9: command tx timeout
[  378.069159][ T1259] ieee802154 phy0 wpan0: encryption failed: -22
[  378.079500][ T1259] ieee802154 phy1 wpan1: encryption failed: -22
[  378.700749][   T53] Bluetooth: hci6: command tx timeout
[  378.939672][ T5225] Bluetooth: hci8: command tx timeout
[  378.946613][   T53] Bluetooth: hci9: command tx timeout
[  381.026234][   T53] Bluetooth: hci9: command tx timeout
[  383.099753][   T53] Bluetooth: hci9: command tx timeout
[  414.982575][ T5225] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  414.996310][ T5225] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  415.004522][ T5225] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  415.029159][ T5225] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  415.037023][ T5225] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  415.044754][ T5225] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  417.100148][ T5225] Bluetooth: hci7: command tx timeout
[  419.179740][ T5225] Bluetooth: hci7: command tx timeout
[  421.259755][ T5225] Bluetooth: hci7: command tx timeout
[  423.339921][ T5225] Bluetooth: hci7: command tx timeout
[  425.350264][   T53] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  425.367508][   T53] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  425.375515][   T53] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  425.385770][   T53] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  425.393824][   T53] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  425.401473][   T53] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  426.598390][ T5225] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  426.609313][ T5225] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  426.617838][ T5225] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  426.626041][ T5225] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  426.634254][ T5225] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  426.641983][ T5225] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  427.499787][ T5225] Bluetooth: hci10: command tx timeout
[  428.699601][ T5225] Bluetooth: hci11: command tx timeout
[  429.579822][ T5225] Bluetooth: hci10: command tx timeout
[  430.421433][   T53] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  430.439728][ T4612] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  430.448487][ T4612] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  430.457986][ T4612] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  430.465885][ T4612] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  430.475679][ T4612] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  430.483910][ T4612] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  430.491687][ T4612] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  430.499078][ T4612] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  430.511918][ T5225] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  430.530672][ T4612] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  430.539027][ T4612] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  430.779553][ T4612] Bluetooth: hci11: command tx timeout
[  431.659752][ T4612] Bluetooth: hci10: command tx timeout
[  432.539605][ T4612] Bluetooth: hci12: command tx timeout
[  432.619548][ T4612] Bluetooth: hci13: command tx timeout
[  432.859604][ T4612] Bluetooth: hci11: command tx timeout
[  433.739903][ T4612] Bluetooth: hci10: command tx timeout
[  434.619665][ T4612] Bluetooth: hci12: command tx timeout
[  434.699658][ T4612] Bluetooth: hci13: command tx timeout
[  434.939523][ T4612] Bluetooth: hci11: command tx timeout
[  435.061386][   T53] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  435.071108][   T53] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  435.080179][   T53] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  435.089626][   T53] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  435.097498][   T53] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  435.104970][   T53] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  436.709651][ T4612] Bluetooth: hci12: command tx timeout
[  436.786018][ T4612] Bluetooth: hci13: command tx timeout
[  437.179591][ T4612] Bluetooth: hci14: command tx timeout
[  438.780703][ T4612] Bluetooth: hci12: command tx timeout
[  438.859700][ T4612] Bluetooth: hci13: command tx timeout
[  439.263364][ T4612] Bluetooth: hci14: command tx timeout
[  439.503240][ T1259] ieee802154 phy0 wpan0: encryption failed: -22
[  439.518863][ T1259] ieee802154 phy1 wpan1: encryption failed: -22
[  441.342373][ T4612] Bluetooth: hci14: command tx timeout
[  443.419612][ T4612] Bluetooth: hci14: command tx timeout
[  451.825956][   T53] Bluetooth: hci5: command 0x0406 tx timeout
[  474.743343][   T53] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  474.753815][   T53] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  474.762997][   T53] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  474.780145][   T53] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  474.789757][   T53] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3
[  474.800425][   T53] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  476.859639][   T53] Bluetooth: hci15: command tx timeout
[  478.939530][   T53] Bluetooth: hci15: command tx timeout
[  481.019538][   T53] Bluetooth: hci15: command tx timeout
[  482.547522][   T53] Bluetooth: hci2: command 0x0406 tx timeout
[  483.099505][ T4612] Bluetooth: hci15: command tx timeout
[  485.776711][ T5225] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[  485.786173][ T5225] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[  485.794142][ T5225] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[  485.811626][ T5225] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[  485.819474][ T5225] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3
[  485.827190][ T5225] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[  487.184742][   T53] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[  487.193486][   T53] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[  487.202840][   T53] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[  487.211936][   T53] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[  487.220290][   T53] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3
[  487.227633][   T53] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[  487.659860][ T5225] Bluetooth: hci3: command 0x0406 tx timeout
[  487.899587][ T4612] Bluetooth: hci16: command tx timeout
[  489.339816][ T4612] Bluetooth: hci17: command tx timeout
[  489.979542][ T4612] Bluetooth: hci16: command tx timeout
[  491.005168][T11068] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1
[  491.014012][T11068] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9
[  491.022343][T11068] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9
[  491.030613][T11068] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4
[  491.038356][T11068] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3
[  491.046179][T11068] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2
[  491.076451][T11064] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1
[  491.085411][T11064] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9
[  491.093808][T11064] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9
[  491.105479][T11064] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4
[  491.130087][T11064] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3
[  491.138885][T11064] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2
[  491.419584][T11064] Bluetooth: hci17: command tx timeout
[  492.059544][T11064] Bluetooth: hci16: command tx timeout
[  492.807554][T11068] Bluetooth: hci4: command 0x0406 tx timeout
[  492.815095][T11068] Bluetooth: hci6: command 0x0406 tx timeout
[  492.821218][T11064] Bluetooth: hci8: command 0x0406 tx timeout
[  493.099745][ T4612] Bluetooth: hci18: command tx timeout
[  493.182855][ T4612] Bluetooth: hci19: command tx timeout
[  493.499658][ T4612] Bluetooth: hci17: command tx timeout
[  494.139527][ T4612] Bluetooth: hci16: command tx timeout
[  495.143368][   T53] Bluetooth: hci20: unexpected cc 0x0c03 length: 249 > 1
[  495.154459][   T53] Bluetooth: hci20: unexpected cc 0x1003 length: 249 > 9
[  495.163648][   T53] Bluetooth: hci20: unexpected cc 0x1001 length: 249 > 9
[  495.174110][   T53] Bluetooth: hci20: unexpected cc 0x0c23 length: 249 > 4
[  495.181462][ T5225] Bluetooth: hci18: command tx timeout
[  495.188397][   T53] Bluetooth: hci20: unexpected cc 0x0c25 length: 249 > 3
[  495.196777][   T53] Bluetooth: hci20: unexpected cc 0x0c38 length: 249 > 2
[  495.259551][ T4612] Bluetooth: hci19: command tx timeout
[  495.583510][ T4612] Bluetooth: hci17: command tx timeout
[  497.259941][ T4612] Bluetooth: hci20: command tx timeout
[  497.266701][ T4612] Bluetooth: hci18: command tx timeout
[  497.346394][ T4612] Bluetooth: hci19: command tx timeout
[  497.906088][ T4612] Bluetooth: hci9: command 0x0406 tx timeout
[  499.339844][ T4612] Bluetooth: hci20: command tx timeout
[  499.346843][   T53] Bluetooth: hci18: command tx timeout
[  499.425992][   T53] Bluetooth: hci19: command tx timeout
[  500.949906][ T1259] ieee802154 phy0 wpan0: encryption failed: -22
[  500.956240][ T1259] ieee802154 phy1 wpan1: encryption failed: -22
[  501.419847][   T53] Bluetooth: hci20: command tx timeout
[  503.506445][   T53] Bluetooth: hci20: command tx timeout
[  508.620043][   T30] INFO: task kworker/u8:2:33 blocked for more than 143 seconds.
[  508.627732][   T30]       Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  508.670276][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  508.703142][   T30] task:kworker/u8:2    state:D stack:18960 pid:33    tgid:33    ppid:2      flags:0x00004000
[  508.755573][   T30] Workqueue: netns cleanup_net
[  508.827918][   T30] Call Trace:
[  508.849426][   T30]  <TASK>
[  508.852398][   T30]  __schedule+0x1895/0x4b30
[  508.856963][   T30]  ? __pfx___schedule+0x10/0x10
[  508.965992][   T30]  ? __pfx_lock_release+0x10/0x10
[  509.006768][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  509.017516][   T30]  ? kthread_data+0x52/0xd0
[  509.049469][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  509.055154][   T30]  ? wq_worker_sleeping+0x66/0x240
[  509.119673][   T30]  ? schedule+0x90/0x320
[  509.123977][   T30]  schedule+0x14b/0x320
[  509.128174][   T30]  schedule_timeout+0xb0/0x310
[  509.188020][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  509.215622][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  509.224784][   T30]  ? wait_for_completion+0x2fe/0x620
[  509.236438][   T30]  ? wait_for_completion+0x2fe/0x620
[  509.242063][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  509.247300][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  509.259835][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  509.265080][   T30]  ? wait_for_completion+0x2fe/0x620
[  509.279709][   T30]  wait_for_completion+0x355/0x620
[  509.284862][   T30]  ? rcu_is_watching+0x15/0xb0
[  509.296459][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  509.307138][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  509.319668][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  509.325839][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  509.338772][   T30]  __flush_work+0xa37/0xc50
[  509.344848][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  509.355962][   T30]  ? __flush_work+0xe7/0xc50
[  509.362057][   T30]  ? __pfx___flush_work+0x10/0x10
[  509.367138][   T30]  ? __pfx_wq_barrier_func+0x10/0x10
[  509.378395][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  509.385466][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  509.398232][   T30]  unregister_netdevice_many_notify+0x87b/0x1da0
[  509.408324][   T30]  ? net_generic+0x1f/0x240
[  509.418985][   T30]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  509.428381][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  509.439647][   T30]  ? unregister_netdevice_queue+0x26b/0x370
[  509.445601][   T30]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  509.460026][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  509.465723][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  509.478398][   T30]  ? nexthop_net_exit_batch_rtnl+0x100/0x150
[  509.484792][   T30]  cleanup_net+0x75d/0xcc0
[  509.489266][   T30]  ? __pfx_cleanup_net+0x10/0x10
[  509.499433][   T30]  ? process_scheduled_works+0x976/0x1850
[  509.515376][   T30]  process_scheduled_works+0xa65/0x1850
[  509.524537][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  509.535358][   T30]  ? assign_work+0x364/0x3d0
[  509.542750][   T30]  worker_thread+0x870/0xd30
[  509.547401][   T30]  ? __kthread_parkme+0x169/0x1d0
[  509.557393][   T30]  ? __pfx_worker_thread+0x10/0x10
[  509.565068][   T30]  kthread+0x2f2/0x390
[  509.569173][   T30]  ? __pfx_worker_thread+0x10/0x10
[  509.579526][   T30]  ? __pfx_kthread+0x10/0x10
[  509.584149][   T30]  ret_from_fork+0x4d/0x80
[  509.588604][   T30]  ? __pfx_kthread+0x10/0x10
[  509.600846][   T30]  ret_from_fork_asm+0x1a/0x30
[  509.605678][   T30]  </TASK>
[  509.617211][   T30] INFO: task jbd2/sda1-8:4636 blocked for more than 144 seconds.
[  509.626348][   T30]       Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[  509.639756][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  509.648447][   T30] task:jbd2/sda1-8     state:D stack:23888 pid:4636  tgid:4636  ppid:2      flags:0x00004000
[  509.664849][   T30] Call Trace:
[  509.668162][   T30]  <TASK>
[  509.672628][   T30]  __schedule+0x1895/0x4b30
[  509.677198][   T30]  ? __pfx___schedule+0x10/0x10
[  509.688028][   T30]  ? __pfx_lock_release+0x10/0x10
[  509.696222][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  509.708031][   T30]  ? schedule+0x90/0x320
[  509.716100][   T30]  schedule+0x14b/0x320
[  509.726325][   T30]  io_schedule+0x8d/0x110
[  509.732573][   T30]  bit_wait_io+0x12/0xd0
[  509.736857][   T30]  __wait_on_bit+0xb2/0x2f0
[  509.747456][   T30]  ? __pfx_bit_wait_io+0x10/0x10
[  509.755504][   T30]  out_of_line_wait_on_bit+0x1d5/0x260
[  509.766644][   T30]  ? __pfx_bit_wait_io+0x10/0x10
[  509.776271][   T30]  ? __pfx_out_of_line_wait_on_bit+0x10/0x10
[  509.788007][   T30]  ? __pfx_wake_bit_function+0x10/0x10
[  509.794861][   T30]  jbd2_journal_commit_transaction+0x3df6/0x67e0
[  509.806915][   T30]  ? __pfx_jbd2_journal_commit_transaction+0x10/0x10
[  509.818966][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  509.829445][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  509.836299][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  509.848035][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  509.855057][   T30]  ? __try_to_del_timer_sync+0x2ad/0x340
[  509.866986][   T30]  ? __timer_delete_sync+0x15c/0x310
[  509.875305][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  509.886666][   T30]  ? __timer_delete_sync+0x25d/0x310
[  509.893417][   T30]  ? __pfx___timer_delete_sync+0x10/0x10
[  509.899095][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  509.911757][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  509.925914][   T30]  ? prepare_to_wait+0x186/0x210
[  509.936022][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  509.945924][   T30]  ? finish_wait+0xd4/0x1e0
[  509.954459][   T30]  kjournald2+0x41c/0x7b0
[  509.958927][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  509.969257][   T30]  ? __pfx_kjournald2+0x10/0x10
[  509.978240][   T30]  ? __pfx_autoremove_wake_function+0x10/0x10
[  509.988256][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  509.997794][   T30]  ? __kthread_parkme+0x169/0x1d0
[  510.007724][   T30]  ? __pfx_kjournald2+0x10/0x10
[  510.017368][   T30]  kthread+0x2f2/0x390
[  510.026370][   T30]  ? __pfx_kjournald2+0x10/0x10
[  510.033910][   T30]  ? __pfx_kthread+0x10/0x10
[  510.038535][   T30]  ret_from_fork+0x4d/0x80
[  510.048349][   T30]  ? __pfx_kthread+0x10/0x10
[  510.057453][   T30]  ret_from_fork_asm+0x1a/0x30
[  510.067137][   T30]  </TASK>
[  510.072838][   T30] INFO: task dhcpcd:4887 blocked for more than 144 seconds.
[  510.085488][   T30]       Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[  510.095429][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  510.109420][   T30] task:dhcpcd          state:D stack:20128 pid:4887  tgid:4887  ppid:4886   flags:0x00000002
[  510.130917][   T30] Call Trace:
[  510.134228][   T30]  <TASK>
[  510.137181][   T30]  __schedule+0x1895/0x4b30
[  510.149524][   T30]  ? __pfx___schedule+0x10/0x10
[  510.154426][   T30]  ? __pfx_lock_release+0x10/0x10
[  510.166368][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  510.172337][   T30]  ? schedule+0x90/0x320
[  510.176737][   T30]  schedule+0x14b/0x320
[  510.189196][   T30]  schedule_preempt_disabled+0x13/0x30
[  510.195524][   T30]  __mutex_lock+0x6a7/0xd70
[  510.206906][   T30]  ? __mutex_lock+0x52a/0xd70
[  510.211923][   T30]  ? devinet_ioctl+0x2ce/0x1aa0
[  510.216824][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  510.239436][   T30]  ? apparmor_capable+0x13b/0x1b0
[  510.244515][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  510.260637][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  510.266332][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  510.278953][   T30]  devinet_ioctl+0x2ce/0x1aa0
[  510.283977][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  510.296522][   T30]  ? get_user_ifreq+0x1bb/0x200
[  510.303025][   T30]  inet_ioctl+0x3d7/0x4f0
[  510.307398][   T30]  ? __pfx_inet_ioctl+0x10/0x10
[  510.321634][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  510.334435][   T30]  sock_do_ioctl+0x15a/0x460
[  510.339082][   T30]  ? __pfx_sock_do_ioctl+0x10/0x10
[  510.347497][   T30]  ? __pfx_lock_release+0x10/0x10
[  510.359126][   T30]  sock_ioctl+0x626/0x8e0
[  510.365954][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[  510.375542][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  510.386382][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  510.397157][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  510.405979][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  510.416344][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[  510.428867][   T30]  __se_sys_ioctl+0xfb/0x170
[  510.438270][   T30]  do_syscall_64+0xf3/0x230
[  510.445287][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.454980][   T30] RIP: 0033:0x7f00e8720d49
[  510.468867][   T30] RSP: 002b:00007ffdbd6b9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  510.482764][   T30] RAX: ffffffffffffffda RBX: 00007f00e86526c0 RCX: 00007f00e8720d49
[  510.495417][   T30] RDX: 00007ffdbd6c9c18 RSI: 0000000000008914 RDI: 0000000000000015
[  510.505846][   T30] RBP: 00007ffdbd6d9dd8 R08: 00007ffdbd6c9bd8 R09: 00007ffdbd6c9b88
[  510.519054][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  510.536431][   T30] R13: 00007ffdbd6c9c18 R14: 0000000000000028 R15: 0000000000008914
[  510.546410][   T30]  </TASK>
[  510.557159][   T30] INFO: task syz-executor:9693 blocked for more than 145 seconds.
[  510.565255][   T30]       Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[  510.579283][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  510.588240][   T30] task:syz-executor    state:D stack:20528 pid:9693  tgid:9693  ppid:1      flags:0x00004002
[  510.608331][   T30] Call Trace:
[  510.611841][   T30]  <TASK>
[  510.614801][   T30]  __schedule+0x1895/0x4b30
[  510.619361][   T30]  ? __pfx___schedule+0x10/0x10
[  510.634456][   T30]  ? __pfx_lock_release+0x10/0x10
[  510.646250][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  510.652633][   T30]  ? schedule+0x90/0x320
[  510.656914][   T30]  schedule+0x14b/0x320
[  510.668434][   T30]  schedule_preempt_disabled+0x13/0x30
[  510.675193][   T30]  __mutex_lock+0x6a7/0xd70
[  510.686600][   T30]  ? __mutex_lock+0x52a/0xd70
[  510.691415][   T30]  ? tun_chr_close+0x3b/0x1b0
[  510.696142][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  510.708368][   T30]  ? __pfx_call_rcu+0x10/0x10
[  510.718079][   T30]  tun_chr_close+0x3b/0x1b0
[  510.729429][   T30]  ? __pfx_tun_chr_close+0x10/0x10
[  510.736918][   T30]  __fput+0x241/0x880
[  510.749443][   T30]  task_work_run+0x251/0x310
[  510.754239][   T30]  ? kasan_quarantine_put+0xdc/0x230
[  510.766908][   T30]  ? __pfx_task_work_run+0x10/0x10
[  510.772337][   T30]  ? do_exit+0xa2a/0x28e0
[  510.776695][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  510.789412][   T30]  ? kmem_cache_free+0x1a2/0x420
[  510.794395][   T30]  ? do_exit+0xa2a/0x28e0
[  510.798752][   T30]  do_exit+0xa2f/0x28e0
[  510.811610][   T30]  ? __pfx_do_exit+0x10/0x10
[  510.816230][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  510.829211][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  510.838310][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  510.850444][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  510.856133][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  510.868432][   T30]  do_group_exit+0x207/0x2c0
[  510.873832][   T30]  __x64_sys_exit_group+0x3f/0x40
[  510.878888][   T30]  x64_sys_call+0x2634/0x2640
[  510.889764][   T30]  do_syscall_64+0xf3/0x230
[  510.894660][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.907501][   T30] RIP: 0033:0x7f37f257def9
[  510.912826][   T30] RSP: 002b:00007fff367ae7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  510.928173][   T30] RAX: ffffffffffffffda RBX: 00007f37f25f0a86 RCX: 00007f37f257def9
[  510.936474][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  510.953663][   T30] RBP: 0000000000000010 R08: 00007fff367ac586 R09: 00007fff367afaa0
[  510.964074][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff367afaa0
[  510.979108][   T30] R13: 00007f37f25f0a14 R14: 000055557a2b24a8 R15: 00007fff367b0b60
[  510.989125][   T30]  </TASK>
[  510.997874][   T30] INFO: task syz-executor:10917 blocked for more than 145 seconds.
[  511.007198][   T30]       Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[  511.019631][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  511.028982][   T30] task:syz-executor    state:D stack:21728 pid:10917 tgid:10917 ppid:1      flags:0x00004004
[  511.051682][   T30] Call Trace:
[  511.054986][   T30]  <TASK>
[  511.057933][   T30]  __schedule+0x1895/0x4b30
[  511.069177][   T30]  ? __pfx___schedule+0x10/0x10
[  511.074439][   T30]  ? __pfx_lock_release+0x10/0x10
[  511.086238][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  511.094523][   T30]  ? schedule+0x90/0x320
[  511.098826][   T30]  schedule+0x14b/0x320
[  511.109418][   T30]  schedule_preempt_disabled+0x13/0x30
[  511.114940][   T30]  __mutex_lock+0x6a7/0xd70
[  511.126009][   T30]  ? __mutex_lock+0x52a/0xd70
[  511.131487][   T30]  ? rtnl_newlink+0xab7/0x20a0
[  511.136299][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  511.149423][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  511.155100][   T30]  ? __asan_memset+0x23/0x50
[  511.166987][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  511.173416][   T30]  ? nla_strscpy+0x113/0x180
[  511.178129][   T30]  rtnl_newlink+0xab7/0x20a0
[  511.191444][   T30]  ? rtnl_newlink+0x4b1/0x20a0
[  511.196262][   T30]  ? rtnl_newlink+0x4b1/0x20a0
[  511.206349][   T30]  ? __pfx_rtnl_newlink+0x10/0x10
[  511.215173][   T30]  ? __pfx___mutex_trylock_common+0x10/0x10
[  511.225834][   T30]  ? __pfx_lock_release+0x10/0x10
[  511.233330][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  511.239013][   T30]  ? __pfx_rtnl_newlink+0x10/0x10
[  511.249462][   T30]  rtnetlink_rcv_msg+0x741/0xcf0
[  511.254434][   T30]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  511.284397][   T30]  ? __lock_acquire+0x1384/0x2050
[  511.294168][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  511.303223][   T30]  netlink_rcv_skb+0x1e5/0x430
[  511.308033][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  511.317669][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  511.326607][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[  511.337389][   T30]  netlink_unicast+0x7f8/0x990
[  511.349655][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  511.354979][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  511.366875][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  511.373287][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  511.378963][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  511.393313][   T30]  ? __check_object_size+0x48e/0x900
[  511.398644][   T30]  netlink_sendmsg+0x8e4/0xcb0
[  511.408239][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  511.415989][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  511.426738][   T30]  ? aa_sock_msg_perm+0x91/0x160
[  511.434162][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  511.446597][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  511.456550][   T30]  __sock_sendmsg+0x223/0x270
[  511.465854][   T30]  __sys_sendto+0x398/0x4f0
[  511.473286][   T30]  ? __pfx___sys_sendto+0x10/0x10
[  511.478387][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  511.489182][   T30]  ? blkcg_maybe_throttle_current+0x1ab/0xb80
[  511.497857][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  511.509427][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  511.515726][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  511.528102][   T30]  __x64_sys_sendto+0xde/0x100
[  511.533695][   T30]  do_syscall_64+0xf3/0x230
[  511.538258][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.549412][   T30] RIP: 0033:0x7f410377fd8c
[  511.558074][   T30] RSP: 002b:00007ffc511cfb90 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  511.572100][   T30] RAX: ffffffffffffffda RBX: 00007f4104464620 RCX: 00007f410377fd8c
[  511.586540][   T30] RDX: 000000000000003c RSI: 00007f4104464670 RDI: 0000000000000003
[  511.594833][   T30] RBP: 0000000000000000 R08: 00007ffc511cfbe4 R09: 000000000000000c
[  511.609602][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  511.617604][   T30] R13: 0000000000000000 R14: 00007f4104464670 R15: 0000000000000000
[  511.632967][   T30]  </TASK>
[  511.636086][   T30] INFO: task syz.1.1663:10991 blocked for more than 146 seconds.
[  511.651803][   T30]       Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[  511.666055][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  511.678520][   T30] task:syz.1.1663      state:D stack:27360 pid:10991 tgid:10990 ppid:8616   flags:0x00000004
[  511.696213][   T30] Call Trace:
[  511.699825][   T30]  <TASK>
[  511.702783][   T30]  __schedule+0x1895/0x4b30
[  511.707347][   T30]  ? __pfx___schedule+0x10/0x10
[  511.719283][   T30]  ? __pfx_lock_release+0x10/0x10
[  511.724956][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  511.737210][   T30]  ? schedule+0x90/0x320
[  511.743669][   T30]  schedule+0x14b/0x320
[  511.747866][   T30]  schedule_preempt_disabled+0x13/0x30
[  511.759316][   T30]  __mutex_lock+0x6a7/0xd70
[  511.763917][   T30]  ? __mutex_lock+0x52a/0xd70
[  511.768629][   T30]  ? __tun_chr_ioctl+0x48c/0x2400
[  511.780058][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  511.785132][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  511.797581][   T30]  ? __might_fault+0xc6/0x120
[  511.805480][   T30]  __tun_chr_ioctl+0x48c/0x2400
[  511.816238][   T30]  ? __pfx___tun_chr_ioctl+0x10/0x10
[  511.823503][   T30]  ? __fget_files+0x3f3/0x470
[  511.828230][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  511.841282][   T30]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  511.846451][   T30]  __se_sys_ioctl+0xfb/0x170
[  511.857579][   T30]  do_syscall_64+0xf3/0x230
[  511.867268][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.877795][   T30] RIP: 0033:0x7f4e0397def9
[  511.885161][   T30] RSP: 002b:00007f4e046bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  511.898224][   T30] RAX: ffffffffffffffda RBX: 00007f4e03b35f80 RCX: 00007f4e0397def9
[  511.908905][   T30] RDX: 00000000200000c0 RSI: 00000000400454ca RDI: 0000000000000003
[  511.920606][   T30] RBP: 00007f4e039f0b76 R08: 0000000000000000 R09: 0000000000000000
[  511.928607][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  511.943402][   T30] R13: 0000000000000000 R14: 00007f4e03b35f80 R15: 00007ffd3a0e98c8
[  511.953904][   T30]  </TASK>
[  511.957021][   T30] INFO: task syz.1.1663:10992 blocked for more than 146 seconds.
[  511.974430][   T30]       Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[  511.985516][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  512.003426][   T30] task:syz.1.1663      state:D stack:27392 pid:10992 tgid:10990 ppid:8616   flags:0x00000004
[  512.018343][   T30] Call Trace:
[  512.024163][   T30]  <TASK>
[  512.027122][   T30]  __schedule+0x1895/0x4b30
[  512.037956][   T30]  ? __pfx___schedule+0x10/0x10
[  512.045505][   T30]  ? __pfx_lock_release+0x10/0x10
[  512.055497][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  512.066413][   T30]  ? schedule+0x90/0x320
[  512.076521][   T30]  schedule+0x14b/0x320
[  512.081615][   T30]  schedule_preempt_disabled+0x13/0x30
[  512.087119][   T30]  __mutex_lock+0x6a7/0xd70
[  512.095423][   T30]  ? __mutex_lock+0x52a/0xd70
[  512.106332][   T30]  ? vlan_ioctl_handler+0x112/0x9d0
[  512.113459][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  512.118544][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  512.129797][   T30]  ? __might_fault+0xc6/0x120
[  512.134540][   T30]  vlan_ioctl_handler+0x112/0x9d0
[  512.145845][   T30]  ? sock_ioctl+0x661/0x8e0
[  512.151143][   T30]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[  512.156741][   T30]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[  512.168812][   T30]  sock_ioctl+0x682/0x8e0
[  512.177614][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[  512.185086][   T30]  ? __fget_files+0x29/0x470
[  512.195298][   T30]  ? __fget_files+0x3f3/0x470
[  512.202510][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  512.208186][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[  512.219067][   T30]  __se_sys_ioctl+0xfb/0x170
[  512.227367][   T30]  do_syscall_64+0xf3/0x230
[  512.236572][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.245065][   T30] RIP: 0033:0x7f4e0397def9
[  512.254144][   T30] RSP: 002b:00007f4e0469e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  512.265032][   T30] RAX: ffffffffffffffda RBX: 00007f4e03b36058 RCX: 00007f4e0397def9
[  512.279552][   T30] RDX: 0000000020000300 RSI: 0000000000008983 RDI: 0000000000000005
[  512.287551][   T30] RBP: 00007f4e039f0b76 R08: 0000000000000000 R09: 0000000000000000
[  512.319824][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  512.327843][   T30] R13: 0000000000000000 R14: 00007f4e03b36058 R15: 00007ffd3a0e98c8
[  512.343964][   T30]  </TASK>
[  512.347090][   T30] INFO: task syz.1.1663:10993 blocked for more than 147 seconds.
[  512.361962][   T30]       Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[  512.369272][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  512.389819][   T30] task:syz.1.1663      state:D stack:27392 pid:10993 tgid:10990 ppid:8616   flags:0x00004004
[  512.408011][   T30] Call Trace:
[  512.412056][   T30]  <TASK>
[  512.415016][   T30]  __schedule+0x1895/0x4b30
[  512.426397][   T30]  ? __pfx___schedule+0x10/0x10
[  512.431544][   T30]  ? __pfx_lock_release+0x10/0x10
[  512.436617][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  512.449214][   T30]  ? schedule+0x90/0x320
[  512.453792][   T30]  schedule+0x14b/0x320
[  512.457988][   T30]  schedule_preempt_disabled+0x13/0x30
[  512.474956][   T30]  __mutex_lock+0x6a7/0xd70
[  512.480737][   T30]  ? __mutex_lock+0x52a/0xd70
[  512.485462][   T30]  ? devinet_ioctl+0x2ce/0x1aa0
[  512.496296][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  512.502370][   T30]  ? apparmor_capable+0x13b/0x1b0
[  512.507449][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  512.524318][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  512.533506][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  512.539187][   T30]  devinet_ioctl+0x2ce/0x1aa0
[  512.547959][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  512.557376][   T30]  ? get_user_ifreq+0x1bb/0x200
[  512.565900][   T30]  inet_ioctl+0x3d7/0x4f0
[  512.573762][   T30]  ? __pfx_inet_ioctl+0x10/0x10
[  512.586518][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  512.595280][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  512.604948][   T30]  ? packet_ioctl+0x26b/0x350
[  512.613167][   T30]  sock_do_ioctl+0x15a/0x460
[  512.617797][   T30]  ? __pfx_sock_do_ioctl+0x10/0x10
[  512.626754][   T30]  sock_ioctl+0x626/0x8e0
[  512.635097][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[  512.644612][   T30]  ? __fget_files+0x29/0x470
[  512.649240][   T30]  ? __fget_files+0x3f3/0x470
[  512.657663][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  512.667410][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[  512.675785][   T30]  __se_sys_ioctl+0xfb/0x170
[  512.686198][   T30]  do_syscall_64+0xf3/0x230
[  512.697099][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.706057][   T30] RIP: 0033:0x7f4e0397def9
[  512.715373][   T30] RSP: 002b:00007f4e033ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  512.725239][   T30] RAX: ffffffffffffffda RBX: 00007f4e03b36130 RCX: 00007f4e0397def9
[  512.738988][   T30] RDX: 0000000020000180 RSI: 0000000000008914 RDI: 0000000000000004
[  512.748891][   T30] RBP: 00007f4e039f0b76 R08: 0000000000000000 R09: 0000000000000000
[  512.765148][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  512.775653][   T30] R13: 0000000000000001 R14: 00007f4e03b36130 R15: 00007ffd3a0e98c8
[  512.792977][   T30]  </TASK>
[  512.796091][   T30] INFO: task syz-executor:10998 blocked for more than 147 seconds.
[  512.807191][   T30]       Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[  512.823233][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  512.836540][   T30] task:syz-executor    state:D stack:24128 pid:10998 tgid:10998 ppid:1      flags:0x00000004
[  512.849249][   T30] Call Trace:
[  512.857649][   T30]  <TASK>
[  512.862833][   T30]  __schedule+0x1895/0x4b30
[  512.867399][   T30]  ? __pfx___schedule+0x10/0x10
[  512.879256][   T30]  ? __pfx_lock_release+0x10/0x10
[  512.889025][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  512.899119][   T30]  ? schedule+0x90/0x320
[  512.906005][   T30]  schedule+0x14b/0x320
[  512.915221][   T30]  schedule_preempt_disabled+0x13/0x30
[  512.923125][   T30]  __mutex_lock+0x6a7/0xd70
[  512.927683][   T30]  ? __mutex_lock+0x52a/0xd70
[  512.939052][   T30]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  512.947017][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  512.956814][   T30]  rtnetlink_rcv_msg+0x6e6/0xcf0
[  512.964708][   T30]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  512.974470][   T30]  ? __lock_acquire+0x1384/0x2050
[  512.981954][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  512.995703][   T30]  netlink_rcv_skb+0x1e5/0x430
[  513.002955][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  513.008448][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  513.018994][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[  513.027113][   T30]  netlink_unicast+0x7f8/0x990
[  513.036540][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  513.044287][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  513.055960][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  513.064086][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  513.074838][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  513.083206][   T30]  ? __check_object_size+0x48e/0x900
[  513.091260][   T30]  netlink_sendmsg+0x8e4/0xcb0
[  513.096088][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  513.109419][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  513.121148][   T30]  ? aa_sock_msg_perm+0x91/0x160
[  513.126127][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  513.140168][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  513.145581][   T30]  __sock_sendmsg+0x223/0x270
[  513.156081][   T30]  __sys_sendto+0x398/0x4f0
[  513.162039][   T30]  ? __pfx___sys_sendto+0x10/0x10
[  513.167135][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  513.179974][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  513.186008][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  513.201814][   T30]  ? exc_page_fault+0x590/0x8c0
[  513.206715][   T30]  __x64_sys_sendto+0xde/0x100
[  513.216677][   T30]  do_syscall_64+0xf3/0x230
[  513.224986][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.235479][   T30] RIP: 0033:0x7f733837fd8c
[  513.242480][   T30] RSP: 002b:00007ffcaecdb360 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  513.255494][   T30] RAX: ffffffffffffffda RBX: 00007f7339064620 RCX: 00007f733837fd8c
[  513.267148][   T30] RDX: 0000000000000028 RSI: 00007f7339064670 RDI: 0000000000000003
[  513.279513][   T30] RBP: 0000000000000000 R08: 00007ffcaecdb3b4 R09: 000000000000000c
[  513.287521][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  513.305647][   T30] R13: 0000000000000000 R14: 00007f7339064670 R15: 0000000000000000
[  513.315555][   T30]  </TASK>
[  513.318685][   T30] 
[  513.318685][   T30] Showing all locks held in the system:
[  513.359449][   T30] 3 locks held by kworker/0:1/9:
[  513.364427][   T30]  #0: ffff88801ac78948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  513.381511][   T30]  #1: ffffc900000e7d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  513.399974][   T30]  #2: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20
[  513.418843][   T30] 1 lock held by khungtaskd/30:
[  513.428198][   T30]  #0: ffffffff8e937ee0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  513.445017][   T30] 5 locks held by kworker/u8:2/33:
[  513.450467][   T30]  #0: ffff88801bae5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  513.469470][   T30]  #1: ffffc90000a97d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  513.486455][   T30]  #2: ffffffff8fcbf1d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  513.496217][   T30]  #3: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: cleanup_net+0x6af/0xcc0
[  513.514549][   T30]  #4: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0
[  513.535106][   T30] 3 locks held by kworker/u8:3/51:
[  513.541680][   T30]  #0: ffff88814bf37148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  513.559290][   T30]  #1: ffffc90000bc7d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  513.579500][   T30]  #2: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[  513.589096][   T30] 6 locks held by kworker/1:2/1840:
[  513.605242][   T30] 1 lock held by dhcpcd/4887:
[  513.615606][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2ce/0x1aa0
[  513.626730][   T30] 2 locks held by getty/4973:
[  513.639509][   T30]  #0: ffff88814c25b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  513.649357][   T30]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  513.666700][   T30] 3 locks held by kworker/0:6/5283:
[  513.678781][   T30]  #0: ffff88801ac79948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  513.698073][   T30]  #1: ffffc900044c7d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  513.713611][   T30]  #2: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0
[  513.729431][   T30] 2 locks held by kworker/u8:11/9476:
[  513.734830][   T30] 1 lock held by syz-executor/9693:
[  513.747053][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  513.757385][   T30] 1 lock held by syz-executor/10917:
[  513.769513][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_newlink+0xab7/0x20a0
[  513.778665][   T30] 1 lock held by syz.4.1658/10959:
[  513.789409][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  513.798475][   T30] 1 lock held by syz.1.1663/10991:
[  513.812909][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x48c/0x2400
[  513.826199][   T30] 2 locks held by syz.1.1663/10992:
[  513.835394][   T30]  #0: ffffffff8fcb07e8 (vlan_ioctl_mutex){+.+.}-{3:3}, at: sock_ioctl+0x661/0x8e0
[  513.848447][   T30]  #1: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: vlan_ioctl_handler+0x112/0x9d0
[  513.865419][   T30] 1 lock held by syz.1.1663/10993:
[  513.872766][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2ce/0x1aa0
[  513.888927][   T30] 1 lock held by syz-executor/10998:
[  513.894493][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  513.909824][   T30] 1 lock held by syz-executor/11001:
[  513.915149][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  513.932853][   T30] 1 lock held by syz-executor/11005:
[  513.938259][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  513.954718][   T30] 1 lock held by syz-executor/11009:
[  513.961504][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  513.977242][   T30] 1 lock held by syz-executor/11012:
[  513.985390][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  513.999493][   T30] 1 lock held by syz-executor/11017:
[  514.004799][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  514.022582][   T30] 1 lock held by syz-executor/11023:
[  514.027899][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  514.046492][   T30] 1 lock held by syz-executor/11029:
[  514.053195][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  514.068566][   T30] 1 lock held by syz-executor/11033:
[  514.075232][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  514.089431][   T30] 1 lock held by syz-executor/11034:
[  514.094735][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  514.114899][   T30] 1 lock held by syz-executor/11041:
[  514.126010][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  514.138685][   T30] 1 lock held by syz-executor/11048:
[  514.150824][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  514.166389][   T30] 1 lock held by syz-executor/11054:
[  514.174198][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  514.188326][   T30] 1 lock held by syz-executor/11059:
[  514.196525][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  514.213029][   T30] 1 lock held by syz-executor/11065:
[  514.225241][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  514.242071][   T30] 1 lock held by syz-executor/11066:
[  514.247374][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  514.263811][   T30] 1 lock held by syz-executor/11075:
[  514.269116][   T30]  #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  514.287749][   T30] 
[  514.290470][   T30] =============================================
[  514.290470][   T30] 
[  514.298903][   T30] NMI backtrace for cpu 0
[  514.303329][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[  514.313507][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  514.323576][   T30] Call Trace:
[  514.326869][   T30]  <TASK>
[  514.329821][   T30]  dump_stack_lvl+0x241/0x360
[  514.334543][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  514.339776][   T30]  ? __pfx__printk+0x10/0x10
[  514.344410][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  514.349392][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  514.354892][   T30]  ? _printk+0xd5/0x120
[  514.359074][   T30]  ? __pfx__printk+0x10/0x10
[  514.363697][   T30]  ? __wake_up_klogd+0xcc/0x110
[  514.368580][   T30]  ? __pfx__printk+0x10/0x10
[  514.373198][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  514.378863][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  514.383924][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  514.389935][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  514.395953][   T30]  watchdog+0xff4/0x1040
[  514.400229][   T30]  ? watchdog+0x1ea/0x1040
[  514.404678][   T30]  ? __pfx_watchdog+0x10/0x10
[  514.409388][   T30]  kthread+0x2f2/0x390
[  514.413475][   T30]  ? __pfx_watchdog+0x10/0x10
[  514.418185][   T30]  ? __pfx_kthread+0x10/0x10
[  514.422801][   T30]  ret_from_fork+0x4d/0x80
[  514.427253][   T30]  ? __pfx_kthread+0x10/0x10
[  514.431862][   T30]  ret_from_fork_asm+0x1a/0x30
[  514.436680][   T30]  </TASK>
[  514.440964][   T30] Sending NMI from CPU 0 to CPUs 1:
[  514.446285][    C1] NMI backtrace for cpu 1
[  514.446300][    C1] CPU: 1 UID: 0 PID: 1840 Comm: kworker/1:2 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[  514.446326][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  514.446341][    C1] Workqueue: events nsim_dev_trap_report_work
[  514.446380][    C1] RIP: 0010:arch_stack_walk+0x100/0x150
[  514.446407][    C1] Code: 70 ff ff ff 4c 89 e6 4c 89 fa e8 1b bb 09 00 83 bd 70 ff ff ff 00 74 37 48 8d 9d 70 ff ff ff 48 89 df e8 c3 91 09 00 48 85 c0 <74> 23 4c 89 f7 48 89 c6 4d 89 eb e8 90 93 94 0a 84 c0 74 11 48 89
[  514.446426][    C1] RSP: 0018:ffffc90000a17c20 EFLAGS: 00000286
[  514.446445][    C1] RAX: ffffffff8991e60f RBX: ffffc90000a17c20 RCX: ffffffff917ac000
[  514.446463][    C1] RDX: ffffffff91959501 RSI: ffffc90000a11000 RDI: ffffffff8991e60f
[  514.446481][    C1] RBP: ffffc90000a17cb0 R08: ffffc90000a18990 R09: ffffc90000a17c70
[  514.446498][    C1] R10: dffffc0000000000 R11: fffff52000142f90 R12: ffff888028dbda00
[  514.446516][    C1] R13: ffffffff81806cf0 R14: ffffc90000a17d00 R15: 0000000000000000
[  514.446536][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  514.446555][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  514.446572][    C1] CR2: 000000002020fa70 CR3: 0000000031ef8000 CR4: 0000000000350ef0
[  514.446590][    C1] Call Trace:
[  514.446598][    C1]  <NMI>
[  514.446607][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  514.446645][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  514.446682][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  514.446718][    C1]  ? nmi_handle+0x2a/0x5a0
[  514.446750][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  514.446783][    C1]  ? nmi_handle+0x151/0x5a0
[  514.446805][    C1]  ? nmi_handle+0x2a/0x5a0
[  514.446829][    C1]  ? arch_stack_walk+0x100/0x150
[  514.446851][    C1]  ? default_do_nmi+0x63/0x160
[  514.446874][    C1]  ? exc_nmi+0x123/0x1f0
[  514.446896][    C1]  ? end_repeat_nmi+0xf/0x53
[  514.446927][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  514.446957][    C1]  ? __netif_receive_skb+0x2bf/0x650
[  514.446980][    C1]  ? __init_begin+0x41000/0x41000
[  514.447015][    C1]  ? no_hash_pointers_enable+0xd1/0xe0
[  514.447047][    C1]  ? __netif_receive_skb+0x2bf/0x650
[  514.447068][    C1]  ? arch_stack_walk+0x100/0x150
[  514.447092][    C1]  ? arch_stack_walk+0x100/0x150
[  514.447117][    C1]  ? no_hash_pointers_enable+0xd1/0xe0
[  514.447151][    C1]  ? arch_stack_walk+0x100/0x150
[  514.447175][    C1]  </NMI>
[  514.447182][    C1]  <IRQ>
[  514.447194][    C1]  ? __netif_receive_skb+0x2bf/0x650
[  514.447218][    C1]  stack_trace_save+0x118/0x1d0
[  514.447246][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  514.447274][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  514.447305][    C1]  ? __lock_acquire+0x1384/0x2050
[  514.447342][    C1]  ? __pfx_dst_destroy_rcu+0x10/0x10
[  514.447374][    C1]  kasan_save_stack+0x3f/0x60
[  514.447395][    C1]  ? kasan_save_stack+0x3f/0x60
[  514.447414][    C1]  ? __kasan_record_aux_stack+0xac/0xc0
[  514.447446][    C1]  ? call_rcu+0x167/0xa70
[  514.447470][    C1]  ? skb_release_head_state+0x73/0x250
[  514.447503][    C1]  ? consume_skb+0x60/0xf0
[  514.447532][    C1]  ? nft_synproxy_eval_v4+0x3d2/0x610
[  514.447561][    C1]  ? nft_synproxy_do_eval+0x362/0xa60
[  514.447588][    C1]  ? nft_do_chain+0x4af/0x1da0
[  514.447616][    C1]  ? nft_do_chain_inet+0x418/0x6b0
[  514.447643][    C1]  ? nf_hook_slow+0xc5/0x220
[  514.447665][    C1]  ? NF_HOOK+0x29e/0x450
[  514.447699][    C1]  ? NF_HOOK+0x3a6/0x450
[  514.447754][    C1]  ? __phys_addr+0xba/0x170
[  514.447778][    C1]  __kasan_record_aux_stack+0xac/0xc0
[  514.447811][    C1]  call_rcu+0x167/0xa70
[  514.447837][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  514.447873][    C1]  ? __pfx_call_rcu+0x10/0x10
[  514.447896][    C1]  ? rcuref_put+0x1e3/0x240
[  514.447926][    C1]  ? __pfx_rcuref_put+0x10/0x10
[  514.447964][    C1]  skb_release_head_state+0x73/0x250
[  514.447998][    C1]  consume_skb+0x60/0xf0
[  514.448029][    C1]  nft_synproxy_eval_v4+0x3d2/0x610
[  514.448062][    C1]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  514.448092][    C1]  ? nf_ip_checksum+0x13a/0x500
[  514.448127][    C1]  nft_synproxy_do_eval+0x362/0xa60
[  514.448160][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  514.448187][    C1]  ? validate_chain+0x11e/0x5920
[  514.448212][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  514.448246][    C1]  ? __pfx_validate_chain+0x10/0x10
[  514.448272][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  514.448308][    C1]  nft_do_chain+0x4af/0x1da0
[  514.448346][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[  514.448374][    C1]  ? __local_bh_enable_ip+0x168/0x200
[  514.448409][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  514.448453][    C1]  ? __pfx_nf_nat_inet_fn+0x10/0x10
[  514.448489][    C1]  nft_do_chain_inet+0x418/0x6b0
[  514.448518][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  514.448545][    C1]  ? ipt_do_table+0x312/0x1860
[  514.448584][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  514.448611][    C1]  nf_hook_slow+0xc5/0x220
[  514.448635][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  514.448687][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  514.448723][    C1]  NF_HOOK+0x29e/0x450
[  514.448755][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  514.448790][    C1]  ? NF_HOOK+0x9a/0x450
[  514.448824][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  514.448859][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  514.448899][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  514.448931][    C1]  ? ip_rcv_finish+0x406/0x560
[  514.448967][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  514.449002][    C1]  NF_HOOK+0x3a6/0x450
[  514.449034][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  514.449066][    C1]  ? __lock_acquire+0x1384/0x2050
[  514.449101][    C1]  ? NF_HOOK+0x9a/0x450
[  514.449138][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  514.449171][    C1]  ? ip_rcv_core+0x801/0xd10
[  514.449206][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  514.449246][    C1]  ? __pfx_ip_rcv+0x10/0x10
[  514.449281][    C1]  __netif_receive_skb+0x2bf/0x650
[  514.449304][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  514.449339][    C1]  ? __pfx___netif_receive_skb+0x10/0x10
[  514.449360][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  514.449402][    C1]  ? __pfx_lock_release+0x10/0x10
[  514.449438][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[  514.449474][    C1]  process_backlog+0x662/0x15b0
[  514.449502][    C1]  ? process_backlog+0x33b/0x15b0
[  514.449534][    C1]  ? __pfx_process_backlog+0x10/0x10
[  514.449560][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  514.449599][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  514.449639][    C1]  __napi_poll+0xcd/0x490
[  514.449665][    C1]  net_rx_action+0x89b/0x1240
[  514.449705][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  514.449733][    C1]  ? __pfx_tmigr_handle_remote+0x10/0x10
[  514.449791][    C1]  handle_softirqs+0x2c7/0x980
[  514.449828][    C1]  ? do_softirq+0x11b/0x1e0
[  514.449861][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  514.449897][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  514.449935][    C1]  do_softirq+0x11b/0x1e0
[  514.449965][    C1]  </IRQ>
[  514.449973][    C1]  <TASK>
[  514.449983][    C1]  ? __pfx_do_softirq+0x10/0x10
[  514.450016][    C1]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  514.450052][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  514.450088][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  514.450120][    C1]  ? rcu_is_watching+0x15/0xb0
[  514.450151][    C1]  __local_bh_enable_ip+0x1bb/0x200
[  514.450182][    C1]  ? nsim_dev_trap_report_work+0x75d/0xaa0
[  514.450216][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  514.450247][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  514.450277][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  514.450308][    C1]  ? nsim_dev_trap_report_work+0x6a7/0xaa0
[  514.450346][    C1]  nsim_dev_trap_report_work+0x75d/0xaa0
[  514.450389][    C1]  ? process_scheduled_works+0x976/0x1850
[  514.450421][    C1]  process_scheduled_works+0xa65/0x1850
[  514.450470][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  514.450507][    C1]  ? assign_work+0x364/0x3d0
[  514.450540][    C1]  worker_thread+0x870/0xd30
[  514.450582][    C1]  ? __kthread_parkme+0x169/0x1d0
[  514.450617][    C1]  ? __pfx_worker_thread+0x10/0x10
[  514.450650][    C1]  kthread+0x2f2/0x390
[  514.450670][    C1]  ? __pfx_worker_thread+0x10/0x10
[  514.450703][    C1]  ? __pfx_kthread+0x10/0x10
[  514.450724][    C1]  ret_from_fork+0x4d/0x80
[  514.450757][    C1]  ? __pfx_kthread+0x10/0x10
[  514.450779][    C1]  ret_from_fork_asm+0x1a/0x30
[  514.450821][    C1]  </TASK>
[  515.294104][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  515.301250][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[  515.311421][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  515.321664][   T30] Call Trace:
[  515.324956][   T30]  <TASK>
[  515.327903][   T30]  dump_stack_lvl+0x241/0x360
[  515.332619][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  515.337850][   T30]  ? __pfx__printk+0x10/0x10
[  515.342464][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  515.348489][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.354156][   T30]  ? vscnprintf+0x5d/0x90
[  515.358524][   T30]  panic+0x349/0x880
[  515.362445][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.368113][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  515.374314][   T30]  ? __pfx_panic+0x10/0x10
[  515.378757][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  515.384156][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.389816][   T30]  ? __irq_work_queue_local+0x137/0x410
[  515.395395][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.401057][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  515.406463][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  515.412652][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  515.418846][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  515.424512][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  515.430707][   T30]  watchdog+0x1033/0x1040
[  515.435072][   T30]  ? watchdog+0x1ea/0x1040
[  515.439531][   T30]  ? __pfx_watchdog+0x10/0x10
[  515.444245][   T30]  kthread+0x2f2/0x390
[  515.448334][   T30]  ? __pfx_watchdog+0x10/0x10
[  515.453047][   T30]  ? __pfx_kthread+0x10/0x10
[  515.457659][   T30]  ret_from_fork+0x4d/0x80
[  515.462108][   T30]  ? __pfx_kthread+0x10/0x10
[  515.466726][   T30]  ret_from_fork_asm+0x1a/0x30
[  515.471542][   T30]  </TASK>
[  515.474681][   T30] Kernel Offset: disabled
[  515.478999][   T30] Rebooting in 86400 seconds..