last executing test programs:

5.258034515s ago: executing program 1 (id=1073):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x88800, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r1, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r1, 0x0, <r2=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r2, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x334e8b})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r3, 0xffffffffffffffff, 0x0)

4.315027495s ago: executing program 1 (id=1077):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000100000c02000000000000000000000d00"], 0x0, 0x34}, 0x28)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000100000000000000801800009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_ext={0x1a, 0x3, &(0x7f0000001a40)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc4f, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000180)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, 0x3a, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x167c1, r1, 0x0, 0x0, 0x0, 0x10, 0x4a7}, 0x94)

4.237051969s ago: executing program 0 (id=1079):
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=@newqdisc={0x6c, 0x24, 0x4ee4e6a52ff56541, 0x1001, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_PRATE64={0xc, 0x5, 0xc2240edb8ac75ac9}, @TCA_TBF_BURST={0x8, 0x6, 0xff}, @TCA_TBF_PARMS={0x28, 0x1, {{0x59, 0x2, 0x84a, 0x9, 0x1, 0x800}, {0x8c, 0x1, 0xfffc, 0x7fff, 0x4, 0xb}, 0x5, 0x34, 0x91f}}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x50)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x0, 0x8}, {0x1, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x8, 0x2, 0x0, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000b0}, 0x4890)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r6, &(0x7f00000001c0)="87", 0x1, 0x81, &(0x7f0000000280)={0x11, 0xc, r5, 0x1, 0x5, 0x6, @broadcast}, 0x14)

4.165047062s ago: executing program 1 (id=1080):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r2, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x6, 0x8, 0x3, 0x0, 0x9, 0x1, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
unshare(0x8040480)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffcffffff, 0x20031, 0xffffffffffffffff, 0xbe9f5000)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, 0x0)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r3, 0x0, 0x40080)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000b, 0x12, 0xffffffffffffffff, 0x2000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17)

3.205025693s ago: executing program 0 (id=1083):
socket$packet(0x11, 0x2, 0x300)
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x1800, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x46)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r3, 0x84, 0x1a, 0x0, &(0x7f0000000080))
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0xc, 0x4, 0xffffbe0000000001, 0x8, 0xffffffff}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40408c1}, 0x40)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f00000001c0)=r0, 0x4)
r6 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x8a2b81)
write$char_usb(r6, &(0x7f0000000040), 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000780)={'netdevsim0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x3f, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)

2.649002957s ago: executing program 2 (id=1086):
syz_mount_image$minix(&(0x7f0000000100), &(0x7f0000000a40)='./file0\x00', 0x2004000, &(0x7f0000001180)=ANY=[], 0x9, 0x200, &(0x7f0000000140)="$eJzs28tOE1Ecx/HfDNMLeL9t3GiiiW5ssTSp7OQBfAF3pAyEOIihbkpMKBvfw8dw55u4dSGJPsGYmc4UWnvm0mJnKt9PUnqY9HfOnxP+5QwBAbiybocfLVmqhCPf908eS3r7RpKTGK0upEAA/4xvDZvepDr9cj05BWA5rPyafr1mbPCv8cDmXQBYZmdbK+E54Jslff/9qfszelQynh/OtmwpmGIw/DzOV6V6pvypFT4/dM6zwaOm8QmsgeH88mWYf6bx/GrW+qP11ybya2nB4JYpcGqHT8+fjOevSbou6Yakm5JuRfdadyTdjWfQYLT+zsT6DzLWD8wj+O5rjF1JbtvatHwjR2BC0D27+567nlaoQSXKv8yReXphXI3yrdQqp4vzGznWv6gW5RvdQ2/H+KrXM84OJLP/6v98Uvvf5LAzGs7T/84M/Q9gqNe3nG3Pc496/eN3+Qb2TKnyDPzoaOIe9eqj3SisnpOybMulbUK8qcEVxx8oPfV5prUeResUv3V5BqvlKMM8KOLdCMAiNT8efGj2+scv9g+299w9932rvfmqvdFqdzabux3PXW/OczoHUGbnP/SlLL8zT/6TIAAAAAAAAAAAAAAAUIR7ku4XXQQAAACAhbic/xn60ZXMryn6awQAAAAAAAAAAAAAAAAAAAD+F38CAAD//4rhMmk=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2141, 0x59)
pwrite64(r0, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)

2.412392556s ago: executing program 2 (id=1088):
mknodat$null(0xffffffffffffff9c, 0x0, 0x408, 0x103)
r0 = socket$packet(0x11, 0xa, 0x300)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100000008e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r4, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x200000000000000)
r6 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x5000, 0x80000001, @remote, 0x7}, 0x1c)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000180)=0x14)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000000)=0x13)
prlimit64(r1, 0x1, &(0x7f0000000040)={0x5, 0xa3}, 0x0)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f00000000c0))
ioctl$TCSETSW2(r7, 0x402c542c, 0x0)
writev(r6, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

2.34781404s ago: executing program 3 (id=1089):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001040)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
r4 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r4, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756a85d86", 0x11, 0x200000c1, &(0x7f00000001c0)={0x11, 0x8100, r3, 0x1, 0x58, 0x6, @multicast}, 0x14)

1.329888893s ago: executing program 2 (id=1090):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1e, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x27}, 0x94)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x1c800)
r1 = socket$inet6(0xa, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0)
setsockopt$inet6_opts(r1, 0x29, 0x36, &(0x7f0000000000)=@fragment={0x3c, 0x0, 0x5, 0x1, 0x0, 0x1, 0x8000064}, 0x8)
connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
syz_open_dev$usbmon(&(0x7f0000000080), 0xfd, 0x2040)
r2 = syz_usb_connect(0x1, 0x36, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep2(r2, 0x83, 0x8, &(0x7f0000000080)=ANY=[])

1.080878764s ago: executing program 3 (id=1091):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{0x0}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0xbd, 0x0, 0xffff, 0x2, 0x2, '\x00', 0x654})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

918.097371ms ago: executing program 1 (id=1092):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x5, 0x7, 0xb3}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtfilter={0x24, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r6, {0x0, 0x7}, {}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
close(r7)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r8 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r8, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r8, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r6, 0xc}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf", 0x22}, {&(0x7f0000000c00)="4307ed2e", 0x4}], 0x2}, 0x4)

809.783005ms ago: executing program 3 (id=1093):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x141080)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc4c85513, &(0x7f0000000840)={{0x6, 0x6, 0x1, 0x0, 'syz1\x00', 0x4}, 0x0, [0x3, 0x1, 0x3, 0x5, 0x1, 0x3, 0x0, 0x5, 0x1, 0x1, 0x4b, 0x4, 0x9, 0xf52, 0x21f4, 0xa44, 0xcd, 0xfffffffffffffffb, 0x401, 0x7fff, 0x4, 0x3, 0x7, 0xc000000000, 0xb402, 0x101, 0x0, 0xfffffffffffffff9, 0x2, 0x2, 0x5, 0x9, 0x1a, 0x100, 0x6, 0x0, 0x8, 0xe, 0x3, 0xfffffffffffffffa, 0x7, 0x55, 0x1, 0xffffffbffffffffb, 0x7a, 0x2, 0x3, 0x9, 0x6, 0x0, 0x8, 0x22, 0x3, 0x0, 0x2, 0x2, 0xa, 0x3, 0x6, 0x2, 0x6, 0x1ff, 0x8000000000000000, 0xf24, 0x2, 0x2, 0x0, 0xf40d, 0xffffffff, 0x7, 0x7, 0x7fffffff, 0x3, 0x80000001, 0x4, 0x9, 0x5, 0x15, 0xf6e, 0x10000, 0x8, 0x6, 0xfffffffffffffff7, 0xfffffffffffffffe, 0x7fff, 0xa, 0x3, 0x3, 0x7fff, 0x40, 0x401, 0x3, 0x8, 0x1ff, 0x1, 0x5, 0x7f, 0x6, 0xf, 0x7fff, 0x1, 0x1f, 0x10, 0x29, 0x5, 0x1ff, 0x4cfaaa8f, 0x8, 0x0, 0x7ff, 0x4, 0x8, 0x1, 0x1, 0x8, 0x0, 0x7, 0x3ecc00000000, 0x400, 0xb, 0x385, 0x6, 0xfffffffffffffff8, 0x800, 0x7, 0x8000000000000000, 0x9, 0x4]})
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000200)=0x5)
openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

715.053689ms ago: executing program 0 (id=1094):
sched_setaffinity(0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, 0x0, 0x4010)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x8, 0x0, &(0x7f00000049c0)=[@increfs={0x40046304, 0x3}], 0x0, 0x0, 0x0})

620.976953ms ago: executing program 3 (id=1095):
inotify_init()
utimensat(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
bind$netlink(r1, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r2, 0x1, 0xc000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x6}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x404c084}, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
r4 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'bond0\x00', <r5=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000e00)=ANY=[@ANYBLOB="44000000100001042abd70000000000000000000", @ANYRES32=r5, @ANYBLOB="0028000000000000140012800c0001006d6163766c616e00", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r7], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0003402e60000000000000b94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x60044084)

599.761585ms ago: executing program 2 (id=1096):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r2, @ANYBLOB="08002600940900000800b70099"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)

593.098605ms ago: executing program 0 (id=1097):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000380)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), 0x0}, 0x20)
close(r4)
recvmsg$unix(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)

490.411849ms ago: executing program 1 (id=1098):
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04230d80c9"], 0x10)

442.990321ms ago: executing program 2 (id=1099):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001040)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
r4 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r4, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756a85d86", 0x11, 0x200000c1, &(0x7f00000001c0)={0x11, 0x8100, r3, 0x1, 0x58, 0x6, @multicast}, 0x14)

389.418593ms ago: executing program 3 (id=1100):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3a}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r1 = socket(0x15, 0x5, 0x0)
getsockopt(r1, 0x200000000114, 0x2711, 0x0, &(0x7f0000000000))

388.299193ms ago: executing program 0 (id=1101):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{0x0}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0xbd, 0x0, 0xffff, 0x2, 0x2, '\x00', 0x654})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

338.970706ms ago: executing program 1 (id=1102):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000100), &(0x7f0000000040)='./bus\x00', 0x2000410, &(0x7f0000000340)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ec0000000000000000a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06adb7b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02040000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f6505003cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096746a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd970140495fde085", @ANYRESOCT=0x0], 0x1, 0x555e, &(0x7f0000005f80)="$eJzs3EtvG1UUAOA7TpPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKKhJ48R9fJ80PjPX12fusUaRzkzkADy15tPff03CxXAmhDATQjifhHw/KbbcSgwvhBAuhRBK/9iSYvzvgbkQwtkQwsVR8pgzKd768srw8vIvb/323Q+nT5376tsfp1c1MG0vhhC6m3F/pxtj1orxTjFeG7bz2L0+LGJ8o3u3OM5i3Gmu5xl2auN5tTxea8X52eZ2fxQ3OrX6KLbaG/n4Zi+esD9sjfPkH7hT28qPG831PLb7WR5be3Fdu3vxb9tefxDzNIp8H+fpw2AwjnG8uduM9WzezWO9NyjGY96s0dwdxWERi9OFetZp5OtYP8o3/Wh7u93b3k2Hza1+O+uly5XqS5XqjXJ1K2s0B83r5Vq3ceN6utDqjKaVB81ad6WVZa1Os1LPuovpQqteL1er6cLN5nq71kur1cq1ytXy8mKxdyV9/fb7aaeRLoziq+3e9ly70083sq00fmIxXapce3kxvVxN311dS9feuXVrde29D29+cPuV1TdfKybdt6x0Yenq0lK5erW8VF18cI1zx13/6AQHrH9wlPo/KxZ9iPqTQ10NcEguMIBDu6//D/p/4OFdPOC8x73/D5Ps/0ctlf7/wf1v6ej9/5H634fs/ydW/wTufzxq9cOR6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5aP81+/Ua+Mx+PzxXjF4qh54rjJIRQCiH8+R9mwty+nDNFntn/mT/7rzV8n4Q8w+gcp4vtbAhhpdj+ePa4vwUAAAB4cn3zyaUvYrceX+anvSBOUrxpUzr/0YTyJSGE2fmfJ5StNHp5fkLJ8uv7VNidULb8BtYzE0oWb7mdmlS2A5kZh08v3BvMC0piKJ3ocgAAgBMxsy+cbBcCAADASfp82gtgOpIwfpQ5fhac/+f9vUebZ/a9BwAAADyGkmkvAAAAADh2ef/v9/8AAADgyRZ//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiLnbvJWRqI4wD8b/uWDz8iMe69ijs4hkdw6VI4gJfgCHgFL8AZcOcRDDW0E5IqJMZObSTPk3TKtOQ3M9DNTJMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAMX2rD5svn95+HppzbobJMxoAAADgllN92LQfVl39ebr+Ml16nepFRJQR8fvMfRlVzHqZVcqpb36/aepf+vA1ok24tDFPx7OIeJeO6tXYvwIAAAA8ruNuv+5m612xmrpD/Evdok354n2mvCIi6tX3TGnlpXiTKax9vp/iY6a0dgFrkSmsW3J7un1vlquRvqp3SiNZbNs/sa2V47QLAABMqT8TuDMLAQAA4AF8mLoDTKO4Ftf3jPPulF4ILns1AAAA4D9UTN0BAAAAYHTt/H/4/n9NM/b+fz/s/wcAAAB/rdv/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDGd6sPmuNuv793f/mHOuRkm34gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Mn+vKNACIRBGOxd35nM/Q8rDRoam1SB8PE3BgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/vzkgIhEARRMGf876Tvf1hJ0DOIEAENjypq0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzv38xtFFQcA/Ls7O0tBibWaHqoGEw96kXZBkKMeNI0H/wSTpmyxuogCByGNphc9mZ5J1OjRGBNNvfE/cKYJF7xx6KEmnjXzqww/lA2pM0v7+SRv3nd2J+993+yG8O2bFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKttvx4vdMk6yw3QRV6/d3Flbzvqt+/rM9Y1bc1nL4s6jJvr6rb1PfrK9VD85Nls7+bL5ZAAAADgYkqq+j4jb6eZi1nen8/o/ra7Jav4fjhZxVc/fX/dv7axNlW/NVfX/77/deX53oulinmzQldXRcOHBVHr/0xIn3jOPvKKX3/n8Zy9J/oF031t/bjvN72fnmxs33unn4aEmsgUAHsfxqi+D6v9DWT9oMzEADoxerfCu6v9kut2cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJqwvR5PVXEnIuZ6d+PM1s7a8sP66xu35qp2+tq1jfqY2RBpRKysjoZpg2uZdJeuXP14aTQaXmw+OBYR7c1eBh+McU3Ef19Tfj2jvVX8e9CZjDRaDbrl5zMp+exlUH339n7klv5BAgBgH0qORlmPp2VdfzvdXMxe68xE/P3jvfX/q7U4xqz/73x4+mZ9xnr9P2hqmRPv2+8izn86f+nK1ddXzy+dG54bfvLGicGbg5NnTp06M5/dq4X5legOF9pOFAAAgCdYv2z1+r878+D+/5FaHGPW/599P/iiPlei/n+ou5t+bWcCAABwEPV3o2df/uvPTv2tqaLr9Pvx+dLlyxcHxXH3/ERxbDzlx3CobPX6P5lpOysAAACgCdvrnXv2/8/W4hhz///pn174pT5mEhGHIy5ExPD48oXR2eaWM9Ga+EXlfKJ+2ysFAACgLYfLVuz/9/L9/zR//r+7+8hDNyJee6WIq791NU79n7z71c/1uerP/59sbokTqTtb3I+8n43ozbadEQAAAPvZVNmyYv+PdHPxo1+PvN/3/D8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA0/4JAAD//880Myg=")
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x88040, 0x0)
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0x0)

132.870314ms ago: executing program 2 (id=1103):
keyctl$reject(0x13, 0x0, 0xaad2, 0x201, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x100, '\x00', 0x0, 0x0}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[], 0x10)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x3c1, 0x3, 0x298, 0x0, 0x2b8, 0xb0000010, 0x0, 0x5c8f0200, 0x210, 0x3a8, 0x3a8, 0x210, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private1, @local, [], [0xff], 'vlan1\x00', 'veth0_to_team\x00', {}, {}, 0x0, 0x0, 0x7}, 0x0, 0xa8, 0xf0, 0x700}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x206, 'syz0\x00'}}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0xffff, 0x6, 0x4}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f8)
sendmsg$TIPC_CMD_SHOW_PORTS(r4, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40004}, 0x4)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000016c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x8}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x6, 0x1, 0xb, 0x8, 0x9}, {0x4, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r0}, {}, {0x46, 0x0, 0x0, 0x76}}], {{}, {0x6, 0x0, 0x7, 0x8, 0x0, 0x0, 0x1fffffff}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

57.354468ms ago: executing program 0 (id=1104):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1e, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x27}, 0x94)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x1c800)
r1 = socket$inet6(0xa, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0)
setsockopt$inet6_opts(r1, 0x29, 0x36, &(0x7f0000000000)=@fragment={0x3c, 0x0, 0x5, 0x1, 0x0, 0x1, 0x8000064}, 0x8)
connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
syz_open_dev$usbmon(&(0x7f0000000080), 0xfd, 0x2040)
r2 = syz_usb_connect(0x1, 0x36, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep2(r2, 0x83, 0x8, &(0x7f0000000080)=ANY=[])

0s ago: executing program 3 (id=1105):
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_io_uring_setup(0x8007b6, 0x0, &(0x7f0000000180), &(0x7f0000000140), 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000940)=@bpf_lsm={0x1d, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x41100, 0x9}, 0x94)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f00000000c0)={{0xeb9f, 0x2, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}, {0x2}}, 0x0, 0x1a, 0x0, 0x2}, 0x28)
pipe(&(0x7f0000002680)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f00000005c0)='fd', 0x0, r1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x2)
fchdir(r3)
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r4, 0x9362, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.152' (ED25519) to the list of known hosts.
[   65.820860][ T5754] cgroup: Unknown subsys name 'net'
[   65.921632][ T5754] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   67.310922][ T5754] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   69.213490][ T5775] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   69.222015][ T5775] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   69.231440][ T5775] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   69.235705][ T5777] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   69.239523][ T5775] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   69.253670][ T5775] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   69.253846][ T5778] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   69.262636][ T5775] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   69.276865][ T5775] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   69.284593][ T5779] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   69.285451][ T5780] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   69.292621][ T5779] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   69.300092][ T5780] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   69.307030][ T5779] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   69.320356][ T5780] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   69.320392][ T5779] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   69.329031][ T5780] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   69.335493][ T5779] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   69.342411][ T5780] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   69.349531][ T5779] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   69.356100][ T5780] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   69.362946][ T5779] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   69.379333][ T5779] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   69.387633][ T5779] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   69.760598][ T5766] chnl_net:caif_netlink_parms(): no params data found
[   69.849088][ T5769] chnl_net:caif_netlink_parms(): no params data found
[   69.897062][ T5767] chnl_net:caif_netlink_parms(): no params data found
[   69.964702][ T5766] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.972612][ T5766] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.980212][ T5766] bridge_slave_0: entered allmulticast mode
[   69.987814][ T5766] bridge_slave_0: entered promiscuous mode
[   69.996901][ T5766] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.003996][ T5766] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.011266][ T5766] bridge_slave_1: entered allmulticast mode
[   70.018045][ T5766] bridge_slave_1: entered promiscuous mode
[   70.030936][ T5768] chnl_net:caif_netlink_parms(): no params data found
[   70.118140][ T5767] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.125478][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.132677][ T5767] bridge_slave_0: entered allmulticast mode
[   70.139728][ T5767] bridge_slave_0: entered promiscuous mode
[   70.160422][ T5766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.180335][ T5767] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.188389][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.195757][ T5767] bridge_slave_1: entered allmulticast mode
[   70.202441][ T5767] bridge_slave_1: entered promiscuous mode
[   70.209159][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.218608][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.225934][ T5769] bridge_slave_0: entered allmulticast mode
[   70.232553][ T5769] bridge_slave_0: entered promiscuous mode
[   70.241025][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.248299][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.255534][ T5769] bridge_slave_1: entered allmulticast mode
[   70.262196][ T5769] bridge_slave_1: entered promiscuous mode
[   70.270409][ T5766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.343912][ T5767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.361908][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.374103][ T5766] team0: Port device team_slave_0 added
[   70.383951][ T5767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.404669][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.419012][ T5766] team0: Port device team_slave_1 added
[   70.465669][ T5768] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.472826][ T5768] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.480079][ T5768] bridge_slave_0: entered allmulticast mode
[   70.487757][ T5768] bridge_slave_0: entered promiscuous mode
[   70.497119][ T5767] team0: Port device team_slave_0 added
[   70.512085][ T5768] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.519317][ T5768] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.526649][ T5768] bridge_slave_1: entered allmulticast mode
[   70.533627][ T5768] bridge_slave_1: entered promiscuous mode
[   70.552750][ T5767] team0: Port device team_slave_1 added
[   70.561970][ T5769] team0: Port device team_slave_0 added
[   70.577905][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.584881][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.610995][ T5766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.631223][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.638320][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.664349][ T5766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.677417][ T5769] team0: Port device team_slave_1 added
[   70.707541][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.714520][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.743255][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.766476][ T5768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.778977][ T5768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.809457][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.816671][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.842793][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.876194][ T5768] team0: Port device team_slave_0 added
[   70.884966][ T5768] team0: Port device team_slave_1 added
[   70.907133][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.914180][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.940215][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.994592][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.001756][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.027966][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.044954][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.053744][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.079861][ T5768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.093033][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.100084][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.126136][ T5768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.141034][ T5766] hsr_slave_0: entered promiscuous mode
[   71.148119][ T5766] hsr_slave_1: entered promiscuous mode
[   71.158241][ T5767] hsr_slave_0: entered promiscuous mode
[   71.164716][ T5767] hsr_slave_1: entered promiscuous mode
[   71.171471][ T5767] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   71.179769][ T5767] Cannot create hsr debugfs directory
[   71.230953][ T5769] hsr_slave_0: entered promiscuous mode
[   71.237271][ T5769] hsr_slave_1: entered promiscuous mode
[   71.243423][ T5769] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   71.251149][ T5769] Cannot create hsr debugfs directory
[   71.328557][ T5768] hsr_slave_0: entered promiscuous mode
[   71.334889][ T5768] hsr_slave_1: entered promiscuous mode
[   71.342135][ T5768] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   71.349817][ T5768] Cannot create hsr debugfs directory
[   71.446227][ T5082] Bluetooth: hci2: command tx timeout
[   71.446238][ T5771] Bluetooth: hci3: command tx timeout
[   71.446534][ T5779] Bluetooth: hci0: command tx timeout
[   71.451949][   T51] Bluetooth: hci1: command tx timeout
[   71.611441][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[   71.618224][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[   71.686262][ T5767] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   71.700010][ T5767] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   71.713598][ T5767] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   71.723934][ T5767] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   71.788071][ T5766] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   71.810731][ T5766] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   71.833129][ T5766] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   71.853370][ T5766] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   71.897516][ T5769] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   71.913864][ T5769] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   71.937616][ T5769] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   71.967384][ T5769] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   72.024503][ T5768] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   72.035875][ T5768] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   72.067560][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.076359][ T5768] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   72.086175][ T5768] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   72.124234][ T5767] 8021q: adding VLAN 0 to HW filter on device team0
[   72.144325][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.151636][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.192885][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.200052][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.281424][ T5766] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.310478][ T5767] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   72.331078][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.370287][ T5769] 8021q: adding VLAN 0 to HW filter on device team0
[   72.391746][ T5766] 8021q: adding VLAN 0 to HW filter on device team0
[   72.422251][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.429444][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.463880][ T1330] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.471392][ T1330] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.504523][ T1330] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.511654][ T1330] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.523920][ T1330] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.531701][ T1330] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.586986][ T5768] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.619419][ T5766] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   72.667889][ T5768] 8021q: adding VLAN 0 to HW filter on device team0
[   72.701601][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.714713][ T1330] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.721917][ T1330] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.750493][ T1330] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.757688][ T1330] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.950297][ T5767] veth0_vlan: entered promiscuous mode
[   72.983176][ T5766] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.010626][ T5767] veth1_vlan: entered promiscuous mode
[   73.108350][ T5767] veth0_macvtap: entered promiscuous mode
[   73.140049][ T5767] veth1_macvtap: entered promiscuous mode
[   73.169317][ T5766] veth0_vlan: entered promiscuous mode
[   73.209034][ T5766] veth1_vlan: entered promiscuous mode
[   73.233863][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.260341][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.287629][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.313341][ T5766] veth0_macvtap: entered promiscuous mode
[   73.329164][ T5766] veth1_macvtap: entered promiscuous mode
[   73.348147][ T5767] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.357320][ T5767] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.367635][ T5767] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.376439][ T5767] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.419095][ T5768] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.430054][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.446856][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.460516][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.470658][ T5769] veth0_vlan: entered promiscuous mode
[   73.493489][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.504186][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.516866][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.527713][   T51] Bluetooth: hci1: command tx timeout
[   73.527762][ T5779] Bluetooth: hci2: command tx timeout
[   73.533134][   T51] Bluetooth: hci0: command tx timeout
[   73.539145][ T5779] Bluetooth: hci3: command tx timeout
[   73.568619][ T5766] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.587294][ T5766] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.596166][ T5766] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.605040][ T5766] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.628542][ T5769] veth1_vlan: entered promiscuous mode
[   73.700498][ T1136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.719331][ T1136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.768929][ T5768] veth0_vlan: entered promiscuous mode
[   73.786121][ T5769] veth0_macvtap: entered promiscuous mode
[   73.803173][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.814409][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.818721][ T5769] veth1_macvtap: entered promiscuous mode
[   73.841269][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.867570][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.892183][ T5768] veth1_vlan: entered promiscuous mode
[   73.924211][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.938385][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.948378][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.959597][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.971729][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.989845][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.996556][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.000789][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.015816][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.028567][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.039174][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.050979][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.086425][ T5768] veth0_macvtap: entered promiscuous mode
[   74.121350][ T5769] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.136487][ T5769] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.146813][ T5769] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.154532][ T5825] syz.3.4[5825]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   74.156448][ T5769] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.175808][ T5825] loop3: detected capacity change from 0 to 512
[   74.192992][ T5825] EXT4-fs: Ignoring removed orlov option
[   74.199637][ T5768] veth1_macvtap: entered promiscuous mode
[   74.211843][ T5825] EXT4-fs (loop3): Test dummy encryption mode enabled
[   74.240056][ T5825] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   74.263727][ T5825] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   74.293163][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.315176][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.325097][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.336555][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.338058][ T5825] EXT4-fs (loop3): 1 truncate cleaned up
[   74.346513][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.346616][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.349496][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_0
[   74.384642][ T5829] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   74.387368][ T5825] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.450899][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.472199][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.498916][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.518908][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.539490][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.558719][   T27] audit: type=1800 audit(1778609812.982:2): pid=5825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4" name="file1" dev="loop3" ino=15 res=0 errno=0
[   74.580971][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.596499][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.609676][ T5768] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.624014][ T5768] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.626635][ T5829] kvm: kvm [5827]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9123
[   74.633124][ T5768] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.660170][ T5768] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.712396][ T1136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.732116][ T1136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.879717][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.892474][ T3488] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.915399][ T3488] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.037461][ T1136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.078655][ T1136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.234052][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.256753][ T5838] CIFS: VFS: Malformed UNC in devname
[   75.257711][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.636291][ T5771] Bluetooth: hci2: command tx timeout
[   75.642132][ T5771] Bluetooth: hci1: command tx timeout
[   75.647946][ T5771] Bluetooth: hci3: command tx timeout
[   75.653648][ T5779] Bluetooth: hci0: command tx timeout
[   76.728070][ T5850] random: crng reseeded on system resumption
[   77.718189][ T5779] Bluetooth: hci0: command tx timeout
[   77.723693][ T5779] Bluetooth: hci3: command tx timeout
[   77.730169][ T5779] Bluetooth: hci1: command tx timeout
[   77.736215][ T5779] Bluetooth: hci2: command tx timeout
[   77.841409][ T5853] process 'syz.2.7' launched './file1' with NULL argv: empty string added
[   77.932695][ T5865] loop1: detected capacity change from 0 to 16
[   77.947774][ T5865] MTD: Attempt to mount non-MTD device "/dev/loop1"
[   77.975771][ T5865] cramfs: root is not a directory
[   78.559281][ T5760] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   78.857537][ T5870] netlink: 'syz.3.10': attribute type 1 has an invalid length.
[   79.215055][ T5879] overlayfs: missing 'lowerdir'
[   79.327071][ T5881] loop1: detected capacity change from 0 to 8
[   79.357144][ T5881] SQUASHFS error: zlib decompression failed, data probably corrupt
[   79.367226][ T5881] SQUASHFS error: Failed to read block 0x4de: -5
[   79.373829][ T5881] SQUASHFS error: zlib decompression failed, data probably corrupt
[   79.381807][ T5881] SQUASHFS error: Failed to read block 0x4df: -5
[   79.388409][ T5881] SQUASHFS error: zlib decompression failed, data probably corrupt
[   79.396357][ T5881] SQUASHFS error: Failed to read block 0x4e0: -5
[   79.403560][ T5881] SQUASHFS error: zlib decompression failed, data probably corrupt
[   79.411529][ T5881] SQUASHFS error: Failed to read block 0x4de: -5
[   79.427983][   T27] audit: type=1800 audit(1778609817.852:3): pid=5881 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.11" name="file1" dev="loop1" ino=5 res=0 errno=0
[   79.949544][ T5888] loop3: detected capacity change from 0 to 256
[   79.956761][ T5888] =======================================================
[   79.956761][ T5888] WARNING: The mand mount option has been deprecated and
[   79.956761][ T5888]          and is ignored by this kernel. Remove the mand
[   79.956761][ T5888]          option from the mount to silence this warning.
[   79.956761][ T5888] =======================================================
[   80.047013][ T5888] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   80.057402][ T5888] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   80.067504][ T5888] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   80.078314][   T27] audit: type=1800 audit(1778609818.512:4): pid=5888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.14" name="file1" dev="loop3" ino=1048592 res=0 errno=0
[   80.163482][ T5892] netlink: 52 bytes leftover after parsing attributes in process `syz.1.13'.
[   80.530034][ T5892] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.539681][ T5892] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.776714][ T5893] netlink: 52 bytes leftover after parsing attributes in process `syz.1.13'.
[   83.868187][ T5956] loop2: detected capacity change from 0 to 256
[   83.916869][ T5956] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   83.927140][ T5956] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   83.937362][ T5956] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   83.950744][   T27] audit: type=1800 audit(1778609822.382:5): pid=5956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.26" name="file1" dev="loop2" ino=1048594 res=0 errno=0
[   84.981099][ T5977] xt_hashlimit: size too large, truncated to 1048576
[   86.100029][ T6005] loop2: detected capacity change from 0 to 1024
[   86.110769][ T6007] netlink: 20 bytes leftover after parsing attributes in process `syz.0.36'.
[   86.184956][ T5982] loop1: detected capacity change from 0 to 32768
[   86.246889][ T5982] BTRFS: device fsid 92aec1fe-fee8-4e05-92dc-790b47b871d9 devid 1 transid 8 /dev/loop1 scanned by syz.1.31 (5982)
[   87.145449][   T23] cfg80211: failed to load regulatory.db
[   87.283583][ T6019] netlink: 164 bytes leftover after parsing attributes in process `syz.0.39'.
[   87.322204][ T6019] netlink: 72 bytes leftover after parsing attributes in process `syz.0.39'.
[   87.341493][ T5982] BTRFS info (device loop1): first mount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[   87.370624][ T5982] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[   87.389502][ T5982] BTRFS info (device loop1): using free space tree
[   87.596320][ T5982] BTRFS info (device loop1): enabling ssd optimizations
[   87.648294][ T5982] BTRFS info (device loop1): auto enabling async discard
[   88.001801][ T5769] BTRFS info (device loop1): last unmount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[   89.087236][ T5759] BTRFS: device fsid 92aec1fe-fee8-4e05-92dc-790b47b871d9 devid 1 transid 9 /dev/loop1 scanned by udevd (5759)
[   89.346911][   T23] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   89.546281][   T23] usb 1-1: Using ep0 maxpacket: 8
[   89.688567][   T23] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[   89.921032][   T23] usb 1-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[   90.149056][   T23] usb 1-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   90.222061][   T23] usb 1-1: config 168 interface 0 altsetting 188 has an invalid endpoint with address 0xFF, skipping
[   90.277527][   T23] usb 1-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[   90.320708][   T23] usb 1-1: config 168 interface 0 has no altsetting 0
[   90.346477][   T23] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[   90.354154][   T23] usb 1-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[   90.366501][ T6081] loop1: detected capacity change from 0 to 1024
[   90.372290][   T23] usb 1-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   90.389445][   T23] usb 1-1: config 168 interface 0 altsetting 188 has an invalid endpoint with address 0xFF, skipping
[   90.424894][   T23] usb 1-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[   90.455276][   T23] usb 1-1: config 168 interface 0 has no altsetting 0
[   90.468390][   T23] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[   90.495723][   T23] usb 1-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[   90.524338][   T23] usb 1-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   90.551658][   T23] usb 1-1: config 168 interface 0 altsetting 188 has an invalid endpoint with address 0xFF, skipping
[   90.594705][   T23] usb 1-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[   90.676574][   T23] usb 1-1: config 168 interface 0 has no altsetting 0
[   90.788138][   T23] usb 1-1: string descriptor 0 read error: -22
[   90.867762][   T23] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[   91.013533][   T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.205082][   T23] adutux 1-1:168.0: interrupt endpoints not found
[   91.360981][ T6090] syzkaller0: entered promiscuous mode
[   91.377896][ T6090] syzkaller0: entered allmulticast mode
[   91.403519][ T6094] netlink: 164 bytes leftover after parsing attributes in process `syz.3.50'.
[   91.432829][   T23] usb 1-1: USB disconnect, device number 2
[   91.449283][ T6094] netlink: 72 bytes leftover after parsing attributes in process `syz.3.50'.
[   95.283467][ T6135] netlink: 164 bytes leftover after parsing attributes in process `syz.3.60'.
[   95.311630][ T6135] netlink: 72 bytes leftover after parsing attributes in process `syz.3.60'.
[   95.348002][ T5756] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   95.587612][ T5756] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.604088][ T5756] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.618037][ T5756] usb 1-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[   95.631473][ T5756] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.644748][ T5756] usb 1-1: config 0 descriptor??
[   96.179308][ T5756] hid-steam 0003:28DE:1142.0001: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.0-1/input0
[   96.275652][ T5756] hid-steam 0003:28DE:1142.0001: Steam wireless receiver connected
[   96.407043][ T5756] hid-steam 0003:28DE:1142.0002: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.0-1/input0
[   96.453632][ T5756] usb 1-1: USB disconnect, device number 3
[   96.553538][ T5756] hid-steam 0003:28DE:1142.0001: Steam wireless receiver disconnected
[   96.740458][ T6144] fido_id[6144]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[   97.081042][ T6146] warning: `syz.3.64' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   97.931115][ T6162] netlink: 72 bytes leftover after parsing attributes in process `syz.3.69'.
[   98.022127][ T6165] netlink: 'syz.2.71': attribute type 1 has an invalid length.
[   98.944368][ T6178] loop2: detected capacity change from 0 to 1024
[   99.407440][ T6182] loop1: detected capacity change from 0 to 16
[   99.419117][ T6182] erofs: Unknown parameter '����0xffffffffffffffff��S2��/�b*�DOb�h�*w�R�
[   99.419117][ T6182] �߱̏�������Z+'
[  100.792189][ T6196] netlink: 'syz.0.83': attribute type 1 has an invalid length.
[  101.612654][ T6201] netlink: 'syz.2.84': attribute type 4 has an invalid length.
[  103.286011][ T6196] veth1_macvtap: entered allmulticast mode
[  103.371915][ T6214] netlink: 72 bytes leftover after parsing attributes in process `syz.3.88'.
[  103.514338][ T6216] loop0: detected capacity change from 0 to 128
[  103.829639][ T6221] loop2: detected capacity change from 0 to 1024
[  104.083527][ T6219] syz.0.90: attempt to access beyond end of device
[  104.083527][ T6219] loop0: rw=2049, sector=145, nr_sectors = 363 limit=128
[  104.832774][ T6227] loop0: detected capacity change from 0 to 512
[  104.921963][ T6227] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.940596][ T6227] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.078150][   T27] audit: type=1800 audit(1778609843.512:6): pid=6227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm=43C7078948B8EB99AA8EBAFC7241CA name="file1" dev="loop0" ino=15 res=0 errno=0
[  105.114669][ T6237] syzkaller0: entered promiscuous mode
[  105.190832][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.424516][ T6240] netlink: 'syz.3.98': attribute type 1 has an invalid length.
[  105.521794][ T6240] 8021q: adding VLAN 0 to HW filter on device bond1
[  106.458074][ T6240] bond1: entered promiscuous mode
[  106.525149][ T6240] bond1: entered allmulticast mode
[  107.207768][ T6264] netlink: 72 bytes leftover after parsing attributes in process `syz.0.103'.
[  107.332684][ T6268] loop1: detected capacity change from 0 to 1024
[  107.792088][ T6273] loop3: detected capacity change from 0 to 1024
[  109.716465][ T6288] batman_adv: batadv0: Adding interface: dummy0
[  109.722984][ T6288] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.748706][ T6288] batman_adv: batadv0: Interface activated: dummy0
[  109.783142][ T6288] batadv0: mtu less than device minimum
[  109.790738][ T6288] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  109.803529][ T6288] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  109.815942][ T6288] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  109.828351][ T6288] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  109.840743][ T6288] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  109.853144][ T6288] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  109.865595][ T6288] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  109.877970][ T6288] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  109.890359][ T6288] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.340469][ T6292] loop1: detected capacity change from 0 to 2048
[  110.451833][ T6292] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.506977][ T6292] ext4 filesystem being mounted at /22/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  110.666268][ T6292] fs-verity: sha512 using implementation "sha512-avx2"
[  110.752618][ T6292] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.885708][ T6312] loop3: detected capacity change from 0 to 1024
[  112.069916][ T6307] loop0: detected capacity change from 0 to 32768
[  112.157746][ T6311] loop2: detected capacity change from 0 to 32768
[  112.238263][ T6328] fuse: Bad value for 'fd'
[  112.302729][ T6307] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  112.555763][ T6311] JBD2: Ignoring recovery information on journal
[  112.739075][ T6307] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  113.027841][ T6311] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  113.081094][ T6307] XFS (loop0): Ending clean mount
[  113.097637][ T6307] XFS (loop0): Quotacheck needed: Please wait.
[  113.202565][ T6307] XFS (loop0): Quotacheck: Done.
[  113.305723][ T6350] netlink: 8 bytes leftover after parsing attributes in process `syz.1.128'.
[  113.335081][ T5768] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  113.419550][   T27] audit: type=1804 audit(1778609851.842:7): pid=6311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.118" name="/newroot/30/file1/file1" dev="loop2" ino=17059 res=1 errno=0
[  113.465135][   T27] audit: type=1804 audit(1778609851.892:8): pid=6311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.118" name="/newroot/30/file1/file1" dev="loop2" ino=17059 res=1 errno=0
[  113.533207][ T6355] loop3: detected capacity change from 0 to 1024
[  113.570958][ T6356] Zero length message leads to an empty skb
[  114.749264][ T6376] loop3: detected capacity change from 0 to 64
[  115.085810][ T6381] loop0: detected capacity change from 0 to 512
[  115.097713][ T6381] EXT4-fs: Ignoring removed orlov option
[  115.147211][ T6381] EXT4-fs (loop0): Test dummy encryption mode enabled
[  115.154073][ T6381] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  115.247351][ T6381] EXT4-fs (loop0): 1 truncate cleaned up
[  115.264318][ T6381] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.794021][ T6386] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[  116.245234][    C0] sched: RT throttling activated
[  117.671468][ T6381] fscrypt (loop0): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))")
[  117.690139][ T6386] fscrypt (loop0): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))")
[  117.879774][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.299421][ T5766] ocfs2: Unmounting device (7,2) on (node local)
[  119.270405][ T5806] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  119.503661][ T5806] usb 4-1: unable to get BOS descriptor or descriptor too short
[  119.518341][ T5806] usb 4-1: not running at top speed; connect to a high speed hub
[  119.537413][ T5806] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  119.567714][ T5806] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  119.592798][ T5806] usb 4-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  119.618193][ T5806] usb 4-1: New USB device found, idVendor=041e, idProduct=3048, bcdDevice= 0.40
[  119.627915][ T5806] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.636790][ T5806] usb 4-1: Product: syz
[  119.648252][ T5806] usb 4-1: Manufacturer: syz
[  119.655126][ T5806] usb 4-1: SerialNumber: syz
[  119.829443][ T6437] syz.2.148 (6437) used greatest stack depth: 17896 bytes left
[  122.356584][ T5806] usb 4-1: unit 13 not found!
[  122.400620][ T5806] usb 4-1: USB disconnect, device number 2
[  122.554890][ T5759] udevd[5759]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  124.625778][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  125.169771][ T6494] loop3: detected capacity change from 0 to 128
[  126.430702][ T6503] loop2: detected capacity change from 0 to 32768
[  126.483643][ T6503] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  126.649101][ T6503] XFS (loop2): Ending clean mount
[  126.661756][ T6503] XFS (loop2): Quotacheck needed: Please wait.
[  127.595422][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  128.089170][ T6503] XFS (loop2): Quotacheck: Done.
[  129.782165][ T5766] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  132.444391][ T6590] binder: 6554:6590 ioctl c01064b5 200000000280 returned -22
[  132.681103][   T27] audit: type=1326 audit(1778609871.102:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.2.199" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe31fb9cdd9 code=0x0
[  133.058291][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  133.067669][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  133.986000][ T6617] netlink: 72 bytes leftover after parsing attributes in process `syz.1.204'.
[  134.692930][ T6638] loop3: detected capacity change from 0 to 512
[  134.731949][ T6638] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  134.749030][ T6636] netlink: 76 bytes leftover after parsing attributes in process `syz.0.211'.
[  134.779926][ T6638] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  134.800750][ T6638] EXT4-fs (loop3): 1 truncate cleaned up
[  134.824140][ T6638] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.018467][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.203130][ T6678] netlink: 72 bytes leftover after parsing attributes in process `syz.0.223'.
[  136.294256][ T6681] syzkaller0: entered promiscuous mode
[  136.314040][ T6681] syzkaller0: entered allmulticast mode
[  136.475413][   T42] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  136.695757][   T42] usb 4-1: Using ep0 maxpacket: 8
[  136.718117][   T42] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  136.742424][   T42] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  136.767166][   T42] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  136.804865][   T42] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  136.817411][   T42] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  136.858475][   T42] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  136.888682][   T42] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.155237][    T0] NOHZ tick-stop error: local softirq work is pending, handler #180!!!
[  137.225362][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  137.415250][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  137.425748][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  137.835350][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  137.865248][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  138.125645][   T42] usb 4-1: usb_control_msg returned -32
[  138.192596][    T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  138.206609][   T42] usbtmc 4-1:16.0: can't read capabilities
[  138.397898][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  138.422841][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  138.452198][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  138.474078][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  138.507720][    T9] usb 1-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  138.531362][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.549796][    T9] usb 1-1: Product: syz
[  138.557948][    T9] usb 1-1: Manufacturer: syz
[  138.562673][    T9] usb 1-1: SerialNumber: syz
[  138.577424][    T9] usb 1-1: config 0 descriptor??
[  138.595145][    T9] adutux 1-1:0.0: interrupt endpoints not found
[  138.819067][   T42] usb 1-1: USB disconnect, device number 4
[  139.854061][ T6708] syzkaller0: entered promiscuous mode
[  139.866746][ T6708] syzkaller0: entered allmulticast mode
[  139.981997][ T1189] usb 4-1: USB disconnect, device number 3
[  140.395358][    T0] NOHZ tick-stop error: local softirq work is pending, handler #1c0!!!
[  140.946926][ T6717] netlink: 72 bytes leftover after parsing attributes in process `syz.2.236'.
[  145.337010][ T6766] netlink: 72 bytes leftover after parsing attributes in process `syz.2.252'.
[  145.390928][ T6768] netlink: 'syz.3.254': attribute type 1 has an invalid length.
[  145.456801][ T6768] 8021q: adding VLAN 0 to HW filter on device bond2
[  148.075320][    T0] NOHZ tick-stop error: local softirq work is pending, handler #1c2!!!
[  148.734322][ T5833] libceph: connect (1)[c::]:6789 error -101
[  148.752376][ T5833] libceph: mon0 (1)[c::]:6789 connect error
[  149.017679][ T5833] libceph: connect (1)[c::]:6789 error -101
[  149.023763][ T5833] libceph: mon0 (1)[c::]:6789 connect error
[  149.036100][ T6792] ceph: No mds server is up or the cluster is laggy
[  149.126174][ T6802] netlink: 'syz.3.264': attribute type 1 has an invalid length.
[  149.248171][ T6802] 8021q: adding VLAN 0 to HW filter on device bond3
[  151.275987][ T6837] netlink: 'syz.0.274': attribute type 1 has an invalid length.
[  152.162241][ T6837] 8021q: adding VLAN 0 to HW filter on device bond1
[  161.188328][ T6942] ip6t_rpfilter: unknown options
[  164.453199][ T6992] netlink: 136 bytes leftover after parsing attributes in process `syz.3.328'.
[  164.860176][ T6992] net_ratelimit: 10 callbacks suppressed
[  164.860192][ T6992] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  165.953994][ T7002] netlink: 'syz.3.331': attribute type 1 has an invalid length.
[  166.035943][ T7002] 8021q: adding VLAN 0 to HW filter on device bond4
[  170.245876][ T7051] netlink: 68 bytes leftover after parsing attributes in process `syz.3.344'.
[  174.544419][ T7129] ip6t_rpfilter: unknown options
[  176.166122][ T7167] batman_adv: batadv0: Adding interface: dummy0
[  176.188151][ T7167] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.273319][ T7167] batman_adv: batadv0: Interface activated: dummy0
[  176.330457][ T7167] batadv0: mtu less than device minimum
[  176.361551][ T7167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  176.373967][ T7167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  176.386379][ T7167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  176.398747][ T7167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  176.411083][ T7167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  176.423453][ T7167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  176.435777][ T7167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  176.448218][ T7167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  176.460644][ T7167] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  176.684795][ T7180] netlink: 20 bytes leftover after parsing attributes in process `syz.3.385'.
[  176.756341][ T7183] netlink: 68 bytes leftover after parsing attributes in process `syz.2.386'.
[  176.955719][   T51] Bluetooth: hci3: Ignoring connect complete event for invalid link type
[  177.082499][ T7185] udevd[7185]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  177.123149][ T7184] udevd[7184]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  177.584919][ T7216] netlink: 12 bytes leftover after parsing attributes in process `syz.1.398'.
[  177.598297][ T7216] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  178.088728][ T7233] batman_adv: batadv0: Adding interface: dummy0
[  178.095056][ T7233] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.121248][ T7233] batman_adv: batadv0: Interface activated: dummy0
[  183.365157][ T7296] netlink: 164 bytes leftover after parsing attributes in process `syz.0.430'.
[  186.244708][ T7358] netlink: 164 bytes leftover after parsing attributes in process `syz.3.446'.
[  186.408452][ T7362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.450'.
[  187.065028][ T7388] netlink: 4 bytes leftover after parsing attributes in process `syz.3.459'.
[  187.079381][ T7388] netlink: 20 bytes leftover after parsing attributes in process `syz.3.459'.
[  187.100925][ T7389] netlink: 'syz.0.460': attribute type 1 has an invalid length.
[  187.136127][ T7389] 8021q: adding VLAN 0 to HW filter on device bond2
[  187.165418][ T7389] bond2: (slave geneve2): making interface the new active one
[  187.175676][ T7389] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  187.695639][ T7416] netlink: 164 bytes leftover after parsing attributes in process `syz.2.467'.
[  187.823466][ T7419] netlink: 4 bytes leftover after parsing attributes in process `syz.1.470'.
[  187.860063][ T7419] netlink: 20 bytes leftover after parsing attributes in process `syz.1.470'.
[  188.558359][ T7446] netlink: 4 bytes leftover after parsing attributes in process `syz.0.479'.
[  188.567950][ T7446] netlink: 20 bytes leftover after parsing attributes in process `syz.0.479'.
[  188.663673][ T7449] netlink: 164 bytes leftover after parsing attributes in process `syz.0.480'.
[  189.404668][ T7480] netlink: 4 bytes leftover after parsing attributes in process `syz.0.488'.
[  189.424069][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.0.488'.
[  190.054966][ T7499] netlink: 'syz.1.496': attribute type 1 has an invalid length.
[  190.090280][ T7499] 8021q: adding VLAN 0 to HW filter on device bond1
[  190.196184][ T7505] netlink: 4 bytes leftover after parsing attributes in process `syz.0.498'.
[  190.206357][ T7505] netlink: 8 bytes leftover after parsing attributes in process `syz.0.498'.
[  190.835526][ T7537] netlink: 'syz.1.505': attribute type 1 has an invalid length.
[  190.859919][ T7541] netlink: 4 bytes leftover after parsing attributes in process `syz.3.507'.
[  190.874056][ T7541] netlink: 8 bytes leftover after parsing attributes in process `syz.3.507'.
[  190.927328][ T7537] 8021q: adding VLAN 0 to HW filter on device bond2
[  192.469806][ T7578] netlink: 4 bytes leftover after parsing attributes in process `syz.1.516'.
[  192.599686][ T7586] netlink: 'syz.0.517': attribute type 1 has an invalid length.
[  192.636042][ T7586] 8021q: adding VLAN 0 to HW filter on device bond3
[  193.701895][ T7623] netlink: 4 bytes leftover after parsing attributes in process `syz.0.527'.
[  194.517936][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  194.524294][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  194.576770][ T7662] netlink: 4 bytes leftover after parsing attributes in process `syz.0.537'.
[  195.217926][ T5772] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  195.227625][ T5772] Bluetooth: hci2: Injecting HCI hardware error event
[  195.982182][ T7706] netlink: 4 bytes leftover after parsing attributes in process `syz.1.549'.
[  196.568375][ T5772] Bluetooth: hci2: command 0x0406 tx timeout
[  196.574614][ T5780] Bluetooth: hci3: command 0x0406 tx timeout
[  196.580830][ T5775] Bluetooth: hci0: command 0x0406 tx timeout
[  196.586862][ T5778] Bluetooth: hci1: command 0x0406 tx timeout
[  196.642386][ T5779] Bluetooth: hci2: hardware error 0x00
[  196.809408][ T7744] netlink: 4 bytes leftover after parsing attributes in process `syz.2.562'.
[  197.954137][ T7767] netlink: 4 bytes leftover after parsing attributes in process `syz.0.572'.
[  199.291893][ T5779] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  200.494648][ T7801] netlink: 4 bytes leftover after parsing attributes in process `syz.3.582'.
[  201.355628][ T7815] netlink: 20 bytes leftover after parsing attributes in process `syz.2.586'.
[  202.834540][ T7842] netlink: 4 bytes leftover after parsing attributes in process `syz.3.591'.
[  203.866356][ T7855] overlayfs: failed to clone lowerpath
[  204.887971][ T7867] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  208.040075][ T7885] net_ratelimit: 30 callbacks suppressed
[  208.040089][ T7885] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85
[  213.365415][ T5779] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  213.375061][ T5779] Bluetooth: hci3: Injecting HCI hardware error event
[  213.383381][ T5082] Bluetooth: hci3: hardware error 0x00
[  213.922202][ T7943] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85
[  215.635352][ T5082] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  217.790615][ T7996] ceph: No mds server is up or the cluster is laggy
[  217.797606][   T42] libceph: connect (1)[c::]:6789 error -101
[  217.806949][   T42] libceph: mon0 (1)[c::]:6789 connect error
[  218.810589][ T8004] ip6t_rpfilter: unknown options
[  222.478551][ T5082] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  222.489298][ T5082] CPU: 1 PID: 5082 Comm: kworker/u5:1 Not tainted syzkaller #0
[  222.496876][ T5082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  222.506962][ T5082] Workqueue: hci0 hci_rx_work
[  222.511711][ T5082] Call Trace:
[  222.515009][ T5082]  <TASK>
[  222.517951][ T5082]  dump_stack_lvl+0x18c/0x250
[  222.522630][ T5082]  ? show_regs_print_info+0x20/0x20
[  222.527828][ T5082]  ? load_image+0x420/0x420
[  222.532330][ T5082]  sysfs_create_dir_ns+0x26e/0x2a0
[  222.537429][ T5082]  ? sysfs_warn_dup+0xa0/0xa0
[  222.542095][ T5082]  ? do_raw_spin_unlock+0x121/0x230
[  222.547288][ T5082]  kobject_add_internal+0x61c/0xcc0
[  222.552512][ T5082]  kobject_add+0x164/0x240
[  222.556930][ T5082]  ? __rwlock_init+0x150/0x150
[  222.561684][ T5082]  ? kobject_init+0x1e0/0x1e0
[  222.566348][ T5082]  ? _raw_spin_unlock+0x28/0x40
[  222.571189][ T5082]  ? get_device_parent+0x366/0x390
[  222.576300][ T5082]  device_add+0x408/0xc20
[  222.580625][ T5082]  hci_conn_add_sysfs+0xd5/0x1e0
[  222.585552][ T5082]  le_conn_complete_evt+0xf5d/0x1540
[  222.590828][ T5082]  ? hci_event_packet+0x4cb/0x1270
[  222.595931][ T5082]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  222.602162][ T5082]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  222.607787][ T5082]  ? skb_pull_data+0xfb/0x200
[  222.612458][ T5082]  hci_le_conn_complete_evt+0x187/0x440
[  222.617998][ T5082]  ? hci_remote_host_features_evt+0x150/0x150
[  222.624060][ T5082]  hci_event_packet+0x7ba/0x1270
[  222.628994][ T5082]  ? bis_list+0x290/0x290
[  222.633314][ T5082]  ? lockdep_hardirqs_on+0x98/0x150
[  222.638502][ T5082]  ? hci_send_to_monitor+0xd7/0x4f0
[  222.643690][ T5082]  hci_rx_work+0x43a/0xd60
[  222.648129][ T5082]  ? process_scheduled_works+0x96f/0x15d0
[  222.653849][ T5082]  process_scheduled_works+0xa5d/0x15d0
[  222.659409][ T5082]  ? worker_attach_to_pool+0x380/0x380
[  222.664873][ T5082]  ? assign_work+0x3d2/0x5d0
[  222.669463][ T5082]  worker_thread+0xa55/0xfc0
[  222.674054][ T5082]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  222.679945][ T5082]  ? _raw_spin_unlock+0x40/0x40
[  222.684789][ T5082]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  222.690690][ T5082]  kthread+0x2fa/0x390
[  222.694751][ T5082]  ? pr_cont_work+0x560/0x560
[  222.699460][ T5082]  ? kthread_blkcg+0xd0/0xd0
[  222.704162][ T5082]  ret_from_fork+0x48/0x80
[  222.708597][ T5082]  ? kthread_blkcg+0xd0/0xd0
[  222.713199][ T5082]  ret_from_fork_asm+0x11/0x20
[  222.717988][ T5082]  </TASK>
[  222.725578][ T5082] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  222.741199][ T5082] Bluetooth: hci0: failed to register connection device
[  230.892817][ T8122] netlink: 52 bytes leftover after parsing attributes in process `syz.2.684'.
[  239.165804][ T8260] ceph: No mds server is up or the cluster is laggy
[  239.180580][ T5834] libceph: connect (1)[c::]:6789 error -101
[  239.222688][ T5834] libceph: mon0 (1)[c::]:6789 connect error
[  241.215651][ T8295] ceph: No mds server is up or the cluster is laggy
[  241.223750][    T8] libceph: connect (1)[c::]:6789 error -101
[  241.240594][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  244.746126][ T8350] batman_adv: batadv0: Interface deactivated: dummy0
[  244.752891][ T8350] batman_adv: batadv0: Removing interface: dummy0
[  246.857718][ T8374] overlayfs: missing 'lowerdir'
[  248.020472][ T8385] batman_adv: batadv0: Interface deactivated: dummy0
[  248.028096][ T8385] batman_adv: batadv0: Removing interface: dummy0
[  251.641431][ T8438] netlink: 4 bytes leftover after parsing attributes in process `syz.3.767'.
[  251.737358][ T8437] netlink: 28 bytes leftover after parsing attributes in process `syz.1.768'.
[  255.692290][ T8473] netlink: 28 bytes leftover after parsing attributes in process `syz.2.778'.
[  255.931953][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  255.942975][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  258.986662][ T8507] netlink: 'syz.3.789': attribute type 10 has an invalid length.
[  262.133054][ T8541] overlayfs: missing 'lowerdir'
[  265.261541][ T8565] netlink: 'syz.1.806': attribute type 10 has an invalid length.
[  265.314334][ T8565] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  267.521004][ T8595] overlayfs: missing 'lowerdir'
[  267.675049][ T8601] netlink: 8 bytes leftover after parsing attributes in process `syz.1.814'.
[  267.705752][ T8601] netlink: 4 bytes leftover after parsing attributes in process `syz.1.814'.
[  267.826113][ T8601] 8021q: adding VLAN 0 to HW filter on device bond0
[  267.856314][ T8601] bond3: (slave bond0): making interface the new active one
[  267.865052][ T8601] bond3: (slave bond0): Enslaving as an active interface with an up link
[  268.725757][ T8599] netlink: 'syz.1.814': attribute type 4 has an invalid length.
[  268.733983][ T8599] netlink: 152 bytes leftover after parsing attributes in process `syz.1.814'.
[  268.777388][ T8599] .`: renamed from bond0 (while UP)
[  271.461858][ T5756] IPVS: starting estimator thread 0...
[  271.595568][ T8645] IPVS: using max 22 ests per chain, 52800 per kthread
[  277.830978][ T8754] capability: warning: `syz.0.864' uses 32-bit capabilities (legacy support in use)
[  280.752024][ T8788] overlayfs: missing 'lowerdir'
[  284.459507][ T8826] team0: entered promiscuous mode
[  284.464599][ T8826] team_slave_0: entered promiscuous mode
[  284.490892][ T8826] team_slave_1: entered promiscuous mode
[  285.817767][ T8852] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  285.870644][ T8852] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  295.505036][ T8966] overlayfs: failed to clone upperpath
[  297.335076][    T8] libceph: connect (1)[c::]:6789 error -101
[  297.373641][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  297.479177][    T8] libceph: connect (1)[c::]:6789 error -101
[  297.561846][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  297.969151][ T9001] ceph: No mds server is up or the cluster is laggy
[  298.132468][  T787] libceph: connect (1)[c::]:6789 error -101
[  298.139527][  T787] libceph: mon0 (1)[c::]:6789 connect error
[  302.070416][  T787] libceph: connect (1)[c::]:6789 error -101
[  302.095774][  T787] libceph: mon0 (1)[c::]:6789 connect error
[  302.204548][ T9074] overlayfs: failed to clone upperpath
[  302.364246][ T9079] netlink: 'syz.1.967': attribute type 1 has an invalid length.
[  302.387688][  T787] libceph: connect (1)[c::]:6789 error -101
[  302.393767][  T787] libceph: mon0 (1)[c::]:6789 connect error
[  302.418387][ T9079] 8021q: adding VLAN 0 to HW filter on device bond0
[  302.445966][ T9082] bond0: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  302.480092][ T9079] bond0: entered promiscuous mode
[  302.488440][ T9079] veth0_to_bond: entered promiscuous mode
[  302.496016][ T9079] bond0: entered allmulticast mode
[  302.501246][ T9079] veth0_to_bond: entered allmulticast mode
[  302.877236][ T9060] ceph: No mds server is up or the cluster is laggy
[  305.762294][    T8] libceph: connect (1)[c::]:6789 error -101
[  305.792648][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  306.224308][  T787] libceph: connect (1)[c::]:6789 error -101
[  306.230386][  T787] libceph: mon0 (1)[c::]:6789 connect error
[  306.521888][ T9120] ceph: No mds server is up or the cluster is laggy
[  307.995593][ T9150] netlink: 68 bytes leftover after parsing attributes in process `syz.3.985'.
[  308.146298][ T9152] netlink: 12 bytes leftover after parsing attributes in process `syz.1.986'.
[  308.672359][  T787] libceph: connect (1)[c::]:6789 error -101
[  308.692301][  T787] libceph: mon0 (1)[c::]:6789 connect error
[  309.292252][  T787] libceph: connect (1)[c::]:6789 error -101
[  309.298351][  T787] libceph: mon0 (1)[c::]:6789 connect error
[  309.316612][ T9167] ceph: No mds server is up or the cluster is laggy
[  309.342119][ T9180] sctp: failed to load transform for md5: -2
[  310.278630][    C0] Unknown status report in ack skb
[  310.370709][ T5834] libceph: connect (1)[c::]:6789 error -101
[  310.376801][ T5834] libceph: mon0 (1)[c::]:6789 connect error
[  310.701296][  T787] libceph: connect (1)[c::]:6789 error -101
[  310.717967][  T787] libceph: mon0 (1)[c::]:6789 connect error
[  311.199276][ T9223] ceph: No mds server is up or the cluster is laggy
[  312.989529][ T5833] libceph: connect (1)[c::]:6789 error -101
[  312.995620][ T5833] libceph: mon0 (1)[c::]:6789 connect error
[  313.319517][ T5833] libceph: connect (1)[c::]:6789 error -101
[  313.338801][ T5833] libceph: mon0 (1)[c::]:6789 connect error
[  314.493166][   T42] libceph: connect (1)[c::]:6789 error -101
[  314.542506][ T9273] ceph: No mds server is up or the cluster is laggy
[  314.566121][   T42] libceph: mon0 (1)[c::]:6789 connect error
[  316.220546][ T1189] libceph: connect (1)[c::]:6789 error -101
[  316.226769][ T1189] libceph: mon0 (1)[c::]:6789 connect error
[  316.506962][ T1189] libceph: connect (1)[c::]:6789 error -101
[  316.888204][ T1189] libceph: mon0 (1)[c::]:6789 connect error
[  317.097065][ T9332] ceph: No mds server is up or the cluster is laggy
[  317.936029][ T9356] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.944677][ T9356] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.131205][ T9384] 9pnet_fd: Insufficient options for proto=fd
[  318.443186][ T1189] libceph: connect (1)[c::]:6789 error -101
[  318.455697][ T1189] libceph: mon0 (1)[c::]:6789 connect error
[  318.455744][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  318.468302][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  318.504987][ T9356] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  318.560171][ T9356] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  318.771508][ T1189] libceph: connect (1)[c::]:6789 error -101
[  318.777765][ T1189] libceph: mon0 (1)[c::]:6789 connect error
[  319.094988][ T9356] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  319.104375][ T9356] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  319.113796][ T9356] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  319.122876][ T9356] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  319.309709][ T9392] ceph: No mds server is up or the cluster is laggy
[  319.325233][ T1189] libceph: connect (1)[c::]:6789 error -101
[  319.346419][ T1189] libceph: mon0 (1)[c::]:6789 connect error
[  320.252192][ T9440] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1066'.
[  320.268430][ T9440] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1066'.
[  320.301253][ T9440] netlink: 'syz.3.1066': attribute type 4 has an invalid length.
[  320.322812][ T9440] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1066'.
[  320.348614][ T9440] .`: renamed from bond0
[  321.335358][ T9447] lo speed is unknown, defaulting to 1000
[  321.342008][ T9447] lo speed is unknown, defaulting to 1000
[  321.348497][ T9447] lo speed is unknown, defaulting to 1000
[  321.364467][ T9447] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  321.407386][ T9447] lo speed is unknown, defaulting to 1000
[  321.426284][ T9447] lo speed is unknown, defaulting to 1000
[  321.442117][ T9447] lo speed is unknown, defaulting to 1000
[  321.461273][ T9447] lo speed is unknown, defaulting to 1000
[  321.509056][ T9462] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1071'.
[  322.484958][ T9482] overlayfs: missing 'lowerdir'
[  323.874655][ T9512] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1085'.
[  323.943106][ T9512] netlink: 'syz.3.1085': attribute type 4 has an invalid length.
[  324.008932][ T9512] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1085'.
[  326.090482][ T9551] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1095'.
[  326.109289][ T9551] netlink: 'syz.3.1095': attribute type 4 has an invalid length.
[  326.128609][ T9551] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1095'.
[  326.782020][ T9574] autofs4:pid:9574:autofs_fill_super: called with bogus options
[  326.959372][    C1] ------------[ cut here ]------------
[  326.964930][    C1] WARNING: CPU: 1 PID: 9570 at net/mac80211/tx.c:5033 __ieee80211_beacon_get+0x1233/0x1600
[  326.974961][    C1] Modules linked in:
[  326.978941][    C1] CPU: 1 PID: 9570 Comm: syz.2.1103 Not tainted syzkaller #0
[  326.986351][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  326.996433][    C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  327.002817][    C1] Code: 24 4c 89 e7 e8 fe 74 c0 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 f9 b2 82 f7 0f 0b e9 f6 f7 ff ff e8 ed b2 82 f7 <0f> 0b e9 48 fb ff ff e8 e1 b2 82 f7 48 c7 c7 20 89 64 8e 4c 89 e6
[  327.022514][    C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246
[  327.028625][    C1] RAX: ffffffff8a046f13 RBX: ffffffff8a045d16 RCX: ffff888059db5a00
[  327.036683][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  327.044706][    C1] RBP: 0000000000000000 R08: ffff888059db5a00 R09: 0000000000000003
[  327.052729][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805c7fa3c0
[  327.060732][    C1] R13: dffffc0000000000 R14: ffff88805c7fa8b0 R15: ffff8880268f0c24
[  327.068764][    C1] FS:  00007fe320b2c6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  327.077749][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  327.084375][    C1] CR2: 00007fa8d09424c0 CR3: 000000006e8a3000 CR4: 00000000003506e0
[  327.092375][    C1] Call Trace:
[  327.095694][    C1]  <IRQ>
[  327.098557][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  327.104171][    C1]  ieee80211_beacon_get_tim+0xbf/0x580
[  327.109662][    C1]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  327.116503][    C1]  mac80211_hwsim_beacon_tx+0x3c7/0x780
[  327.122110][    C1]  __iterate_interfaces+0x243/0x500
[  327.127383][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  327.133667][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  327.141027][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  327.147412][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  327.154474][    C1]  mac80211_hwsim_beacon+0xbb/0x1b0
[  327.159724][    C1]  __hrtimer_run_queues+0x520/0xc40
[  327.164941][    C1]  ? ktime_get_update_offsets_now+0x99/0x3f0
[  327.170973][    C1]  ? hw_scan_work+0xf60/0xf60
[  327.175679][    C1]  ? hrtimer_interrupt+0x9c0/0x9c0
[  327.180932][    C1]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[  327.187039][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  327.192208][    C1]  handle_softirqs+0x280/0x820
[  327.196998][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  327.201810][    C1]  ? do_softirq+0x1a0/0x1a0
[  327.206340][    C1]  __irq_exit_rcu+0xd3/0x190
[  327.210971][    C1]  ? irq_exit_rcu+0x20/0x20
[  327.215504][    C1]  irq_exit_rcu+0x9/0x20
[  327.219761][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  327.225447][    C1]  </IRQ>
[  327.228395][    C1]  <TASK>
[  327.231335][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  327.237362][    C1] RIP: 0010:lock_release+0x594/0x8c0
[  327.242706][    C1] Code: 00 00 00 f7 84 24 80 00 00 00 00 02 00 00 43 c6 44 2f 04 f8 75 70 f7 44 24 50 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 2f 00 00 00 00 43 c7 44 2f 08 00 00 00 00 65 48 8b 04 25
[  327.262360][    C1] RSP: 0018:ffffc9000368f500 EFLAGS: 00000206
[  327.268479][    C1] RAX: 0000000000000001 RBX: ffffffffffffffff RCX: 66296bb86e005500
[  327.276493][    C1] RDX: 0000000000000000 RSI: ffffffff8acadb60 RDI: ffffffff8b1c8fa0
[  327.284480][    C1] RBP: ffffc9000368f610 R08: ffffffff8e8b19af R09: 1ffffffff1d16335
[  327.292497][    C1] R10: dffffc0000000000 R11: fffffbfff1d16336 R12: ffff888059db64e0
[  327.300520][    C1] R13: dffffc0000000000 R14: ffff888059db64d0 R15: 1ffff920006d1eac
[  327.308563][    C1]  ? sk_filter_trim_cap+0x18a/0x900
[  327.313791][    C1]  ? __lock_acquire+0x7d40/0x7d40
[  327.318875][    C1]  sk_filter_trim_cap+0x5b0/0x900
[  327.323920][    C1]  ? unix_wait_for_peer+0x23c/0x2f0
[  327.329160][    C1]  ? unix_find_other+0x8d0/0x8d0
[  327.334116][    C1]  ? sk_filter_trim_cap+0x18a/0x900
[  327.339355][    C1]  ? copy_bpf_fprog_from_user+0x2d0/0x2d0
[  327.345098][    C1]  ? __rwlock_init+0x150/0x150
[  327.349904][    C1]  ? skb_copy_datagram_from_iter+0x635/0x6e0
[  327.355920][    C1]  unix_dgram_sendmsg+0x942/0x16d0
[  327.361099][    C1]  ? unix_dgram_poll+0x680/0x680
[  327.366054][    C1]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  327.372513][    C1]  ? aa_sock_msg_perm+0x94/0x150
[  327.377476][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  327.382806][    C1]  ? security_socket_sendmsg+0x80/0xa0
[  327.388283][    C1]  ? unix_dgram_poll+0x680/0x680
[  327.393261][    C1]  ____sys_sendmsg+0x5ba/0x960
[  327.398053][    C1]  ? __asan_memset+0x22/0x40
[  327.402680][    C1]  ? __sys_sendmsg_sock+0x30/0x30
[  327.407851][    C1]  ? __import_iovec+0x3fa/0x850
[  327.412730][    C1]  ? import_iovec+0x73/0xa0
[  327.417277][    C1]  ___sys_sendmsg+0x2a6/0x360
[  327.421980][    C1]  ? __sys_sendmsg+0x2a0/0x2a0
[  327.426829][    C1]  ? __might_fault+0xc6/0x120
[  327.431522][    C1]  ? __might_fault+0xaa/0x120
[  327.436246][    C1]  __sys_sendmmsg+0x2ca/0x510
[  327.440948][    C1]  ? __ia32_sys_sendmsg+0x90/0x90
[  327.446111][    C1]  ? __ia32_sys_get_robust_list+0x110/0x110
[  327.452044][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  327.458072][    C1]  ? lock_chain_count+0x20/0x20
[  327.462950][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[  327.467851][    C1]  do_syscall_64+0x55/0xa0
[  327.472289][    C1]  ? clear_bhb_loop+0x40/0x90
[  327.477089][    C1]  ? clear_bhb_loop+0x40/0x90
[  327.481848][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  327.487783][    C1] RIP: 0033:0x7fe31fb9cdd9
[  327.492258][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  327.511923][    C1] RSP: 002b:00007fe320b2c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  327.520376][    C1] RAX: ffffffffffffffda RBX: 00007fe31fe15fa0 RCX: 00007fe31fb9cdd9
[  327.528399][    C1] RDX: 0400000000000041 RSI: 0000200000000000 RDI: 0000000000000005
[  327.536421][    C1] RBP: 00007fe31fc32d69 R08: 0000000000000000 R09: 0000000000000000
[  327.544440][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  327.552455][    C1] R13: 00007fe31fe16038 R14: 00007fe31fe15fa0 R15: 00007ffc997bbc88
[  327.560522][    C1]  </TASK>
[  327.563590][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  327.570879][    C1] CPU: 1 PID: 9570 Comm: syz.2.1103 Not tainted syzkaller #0
[  327.578261][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  327.588329][    C1] Call Trace:
[  327.591616][    C1]  <IRQ>
[  327.594473][    C1]  dump_stack_lvl+0x18c/0x250
[  327.599185][    C1]  ? show_regs_print_info+0x20/0x20
[  327.604409][    C1]  ? load_image+0x420/0x420
[  327.608940][    C1]  panic+0x2dc/0x730
[  327.612879][    C1]  ? bpf_jit_dump+0xd0/0xd0
[  327.617416][    C1]  __warn+0x2e0/0x470
[  327.621412][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  327.627152][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  327.632977][    C1]  report_bug+0x2be/0x4f0
[  327.637317][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  327.643055][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  327.648801][    C1]  ? __ieee80211_beacon_get+0x1235/0x1600
[  327.654553][    C1]  handle_bug+0xcf/0x120
[  327.658905][    C1]  exc_invalid_op+0x1a/0x50
[  327.663539][    C1]  asm_exc_invalid_op+0x1a/0x20
[  327.668422][    C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  327.674779][    C1] Code: 24 4c 89 e7 e8 fe 74 c0 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 f9 b2 82 f7 0f 0b e9 f6 f7 ff ff e8 ed b2 82 f7 <0f> 0b e9 48 fb ff ff e8 e1 b2 82 f7 48 c7 c7 20 89 64 8e 4c 89 e6
[  327.694425][    C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246
[  327.700511][    C1] RAX: ffffffff8a046f13 RBX: ffffffff8a045d16 RCX: ffff888059db5a00
[  327.708494][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  327.716476][    C1] RBP: 0000000000000000 R08: ffff888059db5a00 R09: 0000000000000003
[  327.724457][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805c7fa3c0
[  327.732441][    C1] R13: dffffc0000000000 R14: ffff88805c7fa8b0 R15: ffff8880268f0c24
[  327.740430][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  327.745999][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  327.751748][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  327.757487][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  327.763086][    C1]  ieee80211_beacon_get_tim+0xbf/0x580
[  327.768587][    C1]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  327.775465][    C1]  mac80211_hwsim_beacon_tx+0x3c7/0x780
[  327.781076][    C1]  __iterate_interfaces+0x243/0x500
[  327.786282][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  327.792530][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  327.800514][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  327.806751][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  327.813784][    C1]  mac80211_hwsim_beacon+0xbb/0x1b0
[  327.818976][    C1]  __hrtimer_run_queues+0x520/0xc40
[  327.824171][    C1]  ? ktime_get_update_offsets_now+0x99/0x3f0
[  327.830151][    C1]  ? hw_scan_work+0xf60/0xf60
[  327.834829][    C1]  ? hrtimer_interrupt+0x9c0/0x9c0
[  327.839934][    C1]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[  327.846021][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  327.851158][    C1]  handle_softirqs+0x280/0x820
[  327.855925][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  327.860687][    C1]  ? do_softirq+0x1a0/0x1a0
[  327.865194][    C1]  __irq_exit_rcu+0xd3/0x190
[  327.869778][    C1]  ? irq_exit_rcu+0x20/0x20
[  327.874277][    C1]  irq_exit_rcu+0x9/0x20
[  327.878507][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  327.884133][    C1]  </IRQ>
[  327.887052][    C1]  <TASK>
[  327.889971][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  327.895945][    C1] RIP: 0010:lock_release+0x594/0x8c0
[  327.901228][    C1] Code: 00 00 00 f7 84 24 80 00 00 00 00 02 00 00 43 c6 44 2f 04 f8 75 70 f7 44 24 50 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 2f 00 00 00 00 43 c7 44 2f 08 00 00 00 00 65 48 8b 04 25
[  327.920827][    C1] RSP: 0018:ffffc9000368f500 EFLAGS: 00000206
[  327.926888][    C1] RAX: 0000000000000001 RBX: ffffffffffffffff RCX: 66296bb86e005500
[  327.934851][    C1] RDX: 0000000000000000 RSI: ffffffff8acadb60 RDI: ffffffff8b1c8fa0
[  327.942814][    C1] RBP: ffffc9000368f610 R08: ffffffff8e8b19af R09: 1ffffffff1d16335
[  327.950953][    C1] R10: dffffc0000000000 R11: fffffbfff1d16336 R12: ffff888059db64e0
[  327.958919][    C1] R13: dffffc0000000000 R14: ffff888059db64d0 R15: 1ffff920006d1eac
[  327.966902][    C1]  ? sk_filter_trim_cap+0x18a/0x900
[  327.972099][    C1]  ? __lock_acquire+0x7d40/0x7d40
[  327.977126][    C1]  sk_filter_trim_cap+0x5b0/0x900
[  327.982145][    C1]  ? unix_wait_for_peer+0x23c/0x2f0
[  327.987342][    C1]  ? unix_find_other+0x8d0/0x8d0
[  327.992268][    C1]  ? sk_filter_trim_cap+0x18a/0x900
[  327.997461][    C1]  ? copy_bpf_fprog_from_user+0x2d0/0x2d0
[  328.003174][    C1]  ? __rwlock_init+0x150/0x150
[  328.007935][    C1]  ? skb_copy_datagram_from_iter+0x635/0x6e0
[  328.013919][    C1]  unix_dgram_sendmsg+0x942/0x16d0
[  328.019039][    C1]  ? unix_dgram_poll+0x680/0x680
[  328.023967][    C1]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  328.030380][    C1]  ? aa_sock_msg_perm+0x94/0x150
[  328.035312][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  328.040593][    C1]  ? security_socket_sendmsg+0x80/0xa0
[  328.046059][    C1]  ? unix_dgram_poll+0x680/0x680
[  328.051053][    C1]  ____sys_sendmsg+0x5ba/0x960
[  328.055818][    C1]  ? __asan_memset+0x22/0x40
[  328.060405][    C1]  ? __sys_sendmsg_sock+0x30/0x30
[  328.065422][    C1]  ? __import_iovec+0x3fa/0x850
[  328.070270][    C1]  ? import_iovec+0x73/0xa0
[  328.074767][    C1]  ___sys_sendmsg+0x2a6/0x360
[  328.079445][    C1]  ? __sys_sendmsg+0x2a0/0x2a0
[  328.084229][    C1]  ? __might_fault+0xc6/0x120
[  328.088895][    C1]  ? __might_fault+0xaa/0x120
[  328.093564][    C1]  __sys_sendmmsg+0x2ca/0x510
[  328.098239][    C1]  ? __ia32_sys_sendmsg+0x90/0x90
[  328.103267][    C1]  ? __ia32_sys_get_robust_list+0x110/0x110
[  328.109161][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  328.115144][    C1]  ? lock_chain_count+0x20/0x20
[  328.120003][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[  328.124853][    C1]  do_syscall_64+0x55/0xa0
[  328.129263][    C1]  ? clear_bhb_loop+0x40/0x90
[  328.133937][    C1]  ? clear_bhb_loop+0x40/0x90
[  328.138609][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  328.144594][    C1] RIP: 0033:0x7fe31fb9cdd9
[  328.149003][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  328.168692][    C1] RSP: 002b:00007fe320b2c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  328.177189][    C1] RAX: ffffffffffffffda RBX: 00007fe31fe15fa0 RCX: 00007fe31fb9cdd9
[  328.185156][    C1] RDX: 0400000000000041 RSI: 0000200000000000 RDI: 0000000000000005
[  328.193211][    C1] RBP: 00007fe31fc32d69 R08: 0000000000000000 R09: 0000000000000000
[  328.201177][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  328.209138][    C1] R13: 00007fe31fe16038 R14: 00007fe31fe15fa0 R15: 00007ffc997bbc88
[  328.217121][    C1]  </TASK>
[  328.220478][    C1] Kernel Offset: disabled
[  328.224830][    C1] Rebooting in 86400 seconds..