last executing test programs:

7.934100143s ago: executing program 3 (id=1891):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000440)={0x34, r1, 0x1, 0x8000, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

3.801821019s ago: executing program 2 (id=2005):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r1, &(0x7f0000000100)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xe}}, 0x57)
setsockopt$inet_tcp_int(r1, 0x6, 0x19, &(0x7f0000000000)=0x3, 0x4)
sendto$inet(r1, &(0x7f00000002c0)="ab", 0x1, 0x4000805, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x4, &(0x7f00000000c0)=@framed={{}, [@jmp={0x5, 0x1, 0xb}]}, &(0x7f0000000040)='GPL\x00'}, 0x94)
sendmsg$nl_generic(r0, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xf}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_LIMIT={0x8, 0x3f, 0x7fffffff}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$IPSET_CMD_PROTOCOL(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4000000)
syz_genetlink_get_family_id$team(&(0x7f0000000040), r0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400100142603600e1208000b0000000401a80016000800014009201100036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, r7, {0xffff, 0x4}, {}, {0xffe0, 0x10}}, [@filter_kind_options=@f_u32={{0x8}, {0xfd09, 0x2, [@TCA_U32_HASH={0x8, 0x2, 0x80010001}, @TCA_U32_FLAGS={0x8}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x240488d0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, 0xffffffffffffffff, 0x0)

3.69432236s ago: executing program 2 (id=2006):
r0 = syz_mount_image$btrfs(&(0x7f00000004c0), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@clear_cache}, {@user_subvol_rm}, {@max_inline={'max_inline', 0x3d, [0x67, 0x2d, 0x6b, 0x6d, 0x35]}}, {@noautodefrag}, {@autodefrag}, {@autodefrag}, {@compress_force_algo={'compress-force', 0x3d, 'zstd'}}, {@space_cache}]}, 0x0, 0x559e, &(0x7f00000103c0)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
chdir(&(0x7f0000000080)='./file0\x00')
ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000580)={0x1})
ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, &(0x7f0000000600)={0x0, {0x5, 0x8000, 0x4, 0x3, 0x6a5e}})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x141042, 0x0)
fallocate(r1, 0x10, 0xfff, 0x5)

3.373320355s ago: executing program 2 (id=2011):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001040)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
r3 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r3, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756a85d86dd", 0x12, 0x0, &(0x7f00000001c0)={0x11, 0x8100, r2, 0x1, 0x7, 0x6, @multicast}, 0x14)

3.239052953s ago: executing program 4 (id=2015):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'ipvlan1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="680000001000030500000000fcdbdf25000000", @ANYRES32=0x0, @ANYBLOB="00000000008000004800128008000100687372003c000280060005000180000008000100", @ANYRES32=r1, @ANYBLOB="0500060001000000050007000000000005000300df00000008000200", @ANYRES64=r0], 0x68}}, 0x0)

3.202866246s ago: executing program 4 (id=2017):
socket$inet_sctp(0x2, 0x1, 0x84)
r0 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e23, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffc}, 0x80, 0x0}, 0x0)

3.176273092s ago: executing program 4 (id=2018):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r1, 0x0, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000027c0)=@newtfilter={0x8b0, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r5, {0x5, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x87c, 0x2, [@TCA_MATCHALL_ACT={0x878, 0x2, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0x81, 0x7f, 0x5, 0x4, 0x2, 0x4, 0x5, 0x2234, 0x83, 0x81b, 0x800, 0x8, 0x0, 0x3, 0x7ed53619, 0x1, 0x2, 0x9644, 0x800004, 0x3ff, 0x85a, 0x3ff, 0x46, 0x2, 0x1, 0x0, 0x80000000, 0x10001, 0x790, 0x5, 0x1, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0xffffffff, 0x1, 0x3, 0x3, 0x5b1f, 0x7b0, 0x7, 0x100, 0x2, 0xd, 0xff, 0x3, 0x10000, 0x6, 0x6b7, 0x11ff, 0x80, 0x4, 0x7, 0x3, 0xa14, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x5, 0x10001, 0xf7, 0x3, 0xfffffef9, 0x9, 0x4, 0x8, 0xfff, 0x3, 0x3, 0x6, 0x7, 0x8, 0x100, 0xc0000000, 0x0, 0x6, 0x6, 0x8, 0x80000001, 0x8, 0x1d24, 0x2, 0x7, 0x80000000, 0x7f, 0xa, 0x9, 0xff, 0x24, 0x5, 0x7, 0x6, 0x10007e, 0x8, 0x0, 0x7, 0x470, 0x7f, 0xe, 0x0, 0x1, 0x0, 0x4, 0x10009, 0x61, 0x200, 0x6, 0x2, 0x2, 0x6, 0x10001, 0x8, 0x7, 0x11, 0xda57, 0x7ffffffe, 0x80, 0x2f0cb955, 0x10000007, 0xfed, 0xf, 0x6ae, 0x9, 0xfffffffd, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x1, 0x2, 0x9, 0x7, 0x6, 0x4, 0x1, 0xffffcf1b, 0x6, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x5, 0xf7800000, 0xac, 0x8, 0x3, 0x10, 0x9, 0x8, 0x80000001, 0x0, 0x74, 0x2, 0x7fffffff, 0x0, 0xa, 0x6, 0xffffffff, 0x8, 0x2, 0x7, 0x7f, 0x5, 0x3, 0xa, 0x1, 0x0, 0xa, 0x300, 0x5, 0x3, 0x61e5, 0xffffffff, 0xfff, 0xff, 0x5, 0x8, 0x3, 0x2, 0x9, 0xb, 0x399d, 0x6, 0x8ab6, 0x18000, 0x2, 0xfffffff9, 0x2, 0x2, 0x528c, 0x5, 0x200, 0xac, 0xf, 0xd05, 0x9a2ce73, 0x4, 0x6, 0xe074, 0x6b10, 0x5, 0x1, 0x6, 0xb, 0xa26, 0xaf4, 0xfffffffc, 0xec, 0x8, 0xde16, 0xc418, 0xffffffff, 0xffffffff, 0x9, 0x400, 0x80001, 0x5, 0x354d, 0x5, 0x2, 0x1, 0x7, 0x0, 0x177, 0x7, 0x0, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x6, 0x4b75, 0x80000001, 0x5, 0x5915, 0x10001, 0x1]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x107e, 0x2004, 0xec2, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x100, 0xa99, 0xfffffeff, 0x5, 0x37f, 0x8, 0x6, 0x3, 0x3, 0x800, 0xd2f5, 0x40, 0x3, 0x4, 0x5, 0x7, 0x12, 0x2, 0x8, 0x101, 0xfffeffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x1000, 0x4, 0x0, 0x3, 0x0, 0x3, 0x6, 0x98, 0x8, 0x6, 0x9, 0x1000, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94b, 0x9, 0x8, 0x6, 0x100, 0x2, 0xffff, 0x4, 0x2, 0x3ff, 0x2, 0xb828, 0x0, 0x0, 0x365, 0x8, 0x8, 0xf, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7fff, 0x92, 0x0, 0x7, 0xfffffffc, 0x7ff, 0x9, 0x6, 0x0, 0x2, 0x8, 0xffffff37, 0x3, 0x9, 0xc, 0xff, 0x3, 0x0, 0x400, 0x100000, 0x2, 0x2, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x101, 0xadd9, 0x1, 0x0, 0x7, 0x7fffff7f, 0x40, 0x4, 0x0, 0x5, 0x4, 0x1, 0x8, 0x9, 0x6, 0x8000, 0x2, 0xb, 0x3, 0x7f, 0xffff, 0x9, 0x1685, 0xa252, 0x2, 0x200, 0x3, 0x1, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0x7ff, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x1, 0xffffdbb7, 0x50, 0xf, 0xf, 0xe, 0x6, 0x0, 0x81, 0xfff80000, 0x0, 0x1, 0x6, 0x3, 0x7ef8, 0x7, 0x5, 0x2, 0x0, 0x4e8, 0x80, 0x0, 0x8, 0x5, 0x0, 0x5, 0x7fff, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0x6, 0x40, 0x2, 0x4000fff, 0x8, 0x7, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x0, 0x2, 0x9, 0x6, 0x0, 0x1ff, 0x400003, 0x3, 0x6, 0x5fc8462f, 0x0, 0x7, 0xffff, 0xfffffffc, 0x5, 0x0, 0xb9a6, 0x522, 0x2, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0xffffff01, 0xc0a1, 0x8, 0x8, 0x7, 0x59, 0x9, 0x2, 0x101, 0x5f502dc7, 0x7, 0x0, 0x4000004, 0x6, 0x80000001, 0xc000, 0xffffff97, 0x2, 0x40, 0x1, 0x40, 0x8, 0x3, 0x710, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x1, 0x8001, 0x9, 0x8, 0xfffffffa, 0x8, 0x4000009, 0xfff, 0xe, 0x3, 0x9, 0xa, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffe00, 0x8, 0x5, 0x1, 0xdbec, {0x8, 0x2, 0xb55, 0x5, 0x7, 0xb}, {0x6, 0x2, 0xd, 0x5, 0x1, 0x5d17}, 0x2, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x10}, 0x0)

3.095792448s ago: executing program 4 (id=2023):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000f40)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfe79578e51bc53099e90f4580d760551b5b342f7cbdb9cd38bdb2209c676b2ac2deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f132020000002cbe7bc04b82d2789cb1b2b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a42b359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780c70014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e506d1387b63112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece08ac772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a3f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099bdae7ed04935c2c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb0814040000007874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296c6a298c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f050000000000000026049fe86e09623524f390bf79b441b75fc790c58e273cd905deb28c13c1ed1c0d9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc48f97496079654f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b656dc0e32384f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bbe3e8ef76f57a2d0e69115d33394e86e4b83c0f3c2a34635f3eee4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc3586844f5fecb92aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a5906002fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0afd9ae134400f70b5e6aefb7eee403502732df858a2ea033b6c91c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80ffb8f386bb79f5589829b6b0679b5d65a00000000000000e6ff00000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8c1f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c9c1f5a258b8f1f34cc300312f76a374a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d768198d9c2109ac508a47ebb99c539ef45af7d87b308117a9e321a3861bc42cf41942c31268a4020221d7b1622585094eddd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a4687a91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc175803d765ca14a915a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e39dce481156cbec584c9a32a8e3b032fa003192c891d83119bc950abac9147b9fcb0acd9a207b5ceb7e8ed1d91c000000000000000000000000000000141258373281153fa27e586ea82650f070d8851ac9e7ac07b37a6479d4017b5b5af3ff4c91235df4f657d77e386a329aec4d766369c86b62b01ceb028c6fcf206883633cb143016b9f5351a45a8cb4ea110ba700000000000000883416b6eff6a793c71deb7d780c4f51d86ece127c0714144916f397d398ad2fe72b710b932c15c2369cb5d2d2f6ae420672c4a626195a891ac51825077fbc286aa3866bbf18a4a8b836ea8c90af0d5f0aff55b50bc18c27875ed2628b91224b7fa9fd10ccd7c1b1a92bac529df981a6d30100e68555553625c0e91a51000000000000000000fe030f85b294f3ea1fce314a9dcefbe3b64e83c35c5e95734786ca78315793cc0e6e776d2ec07c55cd89541ec25e074e840287011cab538d79e1569df321282071d49a4dc5fb2d7da1d05249d0e153fd04ac", @ANYRES8], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x22, 0x0, &(0x7f0000000000)="378303076844268cb89e14f0080040", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.034089138s ago: executing program 2 (id=2024):
syz_usb_connect$uac3(0x5, 0x8f, &(0x7f0000000240)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x582, 0x582, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7d, 0x3, 0x1, 0x8, 0x20, 0x6, {0x8, 0xb, 0x0, 0x2, 0x1, 0x25, 0x30, 0xb}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0xad5022f93bae853c, 0xf, 0x7ff}, [@selector_unit={0x5, 0x24, 0xc, 0x8}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {[@format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0x51, 0x6, 0xce, 0x5}]}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0xff, 0x9, 0x8, {0xa, 0x25, 0x25, 0x0, 0xa, 0x710}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x10, 0x5f, 0x2, 0x0, {0xa, 0x25, 0x25, 0x0, 0x10, 0x101}}}}}}}}]}}, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x100}, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x6)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000412ff8)="63429860415b7ac7", 0x8)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f000000b680)={0x0, 0xffffffffffffffc3, &(0x7f000000b600)=[{&(0x7f000000b4c0)=""/5, 0x4}, {&(0x7f000000b500)=""/153, 0xfb59}], 0x2, 0x0, 0x0, 0x1000000}, 0x0)

3.033261817s ago: executing program 4 (id=2025):
syz_usb_connect$uac3(0x5, 0x8a, &(0x7f0000000240)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x582, 0x582, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x78, 0x3, 0x1, 0x8, 0x20, 0x6, {0x8, 0xb, 0x0, 0x2, 0x1, 0x25, 0x30, 0xb}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0xad5022f93bae853c, 0xa, 0x7ff}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {[@format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0x51, 0x6, 0xce, 0x5}]}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0xff, 0x9, 0x8, {0xa, 0x25, 0x25, 0x0, 0xa, 0x710}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x10, 0x5f, 0x2, 0x0, {0xa, 0x25, 0x25, 0x0, 0x10, 0x101}}}}}}}}]}}, 0x0)
ioctl$vim2m_VIDIOC_G_FMT(0xffffffffffffffff, 0xc0285628, &(0x7f0000000080)={0x2, @win={{0xae, 0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}})
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x100}, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x6)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000412ff8)="63429860", 0x4)
r4 = accept(r0, 0x0, 0x0)
sendmmsg$alg(r4, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)="564004c6852da7a299e4c397614090d1a6e12edf1767f157", 0xfcdc}], 0x1, &(0x7f0000000480)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmsg(r4, &(0x7f000000b680)={0x0, 0xffffffffffffffc3, &(0x7f000000b600)=[{&(0x7f000000b4c0)=""/5, 0x4}, {&(0x7f000000b500)=""/153, 0xfb59}], 0x2, 0x0, 0x0, 0x1000000}, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

2.670358396s ago: executing program 3 (id=2026):
set_mempolicy(0x2, &(0x7f0000000140)=0x8001, 0x2)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)

2.620267487s ago: executing program 3 (id=2028):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'ipvlan1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="680000001000030500000000fcdbdf25000000", @ANYRES32=0x0, @ANYBLOB="00000000008000004800128008000100687372003c000280060005000180000008000100", @ANYRES32=r1, @ANYBLOB="0500060001000000050007000000000005000300df00000008000200", @ANYRES64=r0], 0x68}}, 0x0)

2.618732257s ago: executing program 3 (id=2030):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xca)
bind$ax25(r0, &(0x7f0000000280)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @bcast, @null]}, 0x48)
getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000000)={0x0, 0xf32f, 0xfe000000}, &(0x7f00000000c0)=0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="1e000000000000002200000009", @ANYRES16=r0, @ANYRES32=r0, @ANYRESHEX=r0], 0x33)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="0008000000000000400034801400350076657468315f766c616e0000000000001400350076657468305f746f5f7465616d00000014003500776c616e3000000000000000"], 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x20004010)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'tunl0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'syzkaller0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000100)={'wg1\x00'})
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000840)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x6400c095}, 0x8010)
socket$inet_udp(0x2, 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, 0x0, 0x4008080)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r5, 0x890b, &(0x7f00000007c0)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x5, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bpq0, 0x5, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @null, @null, @null, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]})
connect$rose(r5, &(0x7f0000000040)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, 0x1, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, 0x1c)
connect$rose(r5, &(0x7f0000000240)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, @null}, 0x1c)

2.466070931s ago: executing program 3 (id=2036):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000f40)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfe79578e51bc53099e90f4580d760551b5b342f7cbdb9cd38bdb2209c676b2ac2deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f132020000002cbe7bc04b82d2789cb1b2b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a42b359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780c70014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e506d1387b63112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece08ac772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a3f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099bdae7ed04935c2c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb0814040000007874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296c6a298c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f050000000000000026049fe86e09623524f390bf79b441b75fc790c58e273cd905deb28c13c1ed1c0d9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc48f97496079654f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b656dc0e32384f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bbe3e8ef76f57a2d0e69115d33394e86e4b83c0f3c2a34635f3eee4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc3586844f5fecb92aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a5906002fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0afd9ae134400f70b5e6aefb7eee403502732df858a2ea033b6c91c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80ffb8f386bb79f5589829b6b0679b5d65a00000000000000e6ff00000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8c1f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c9c1f5a258b8f1f34cc300312f76a374a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d768198d9c2109ac508a47ebb99c539ef45af7d87b308117a9e321a3861bc42cf41942c31268a4020221d7b1622585094eddd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a4687a91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc175803d765ca14a915a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e39dce481156cbec584c9a32a8e3b032fa003192c891d83119bc950abac9147b9fcb0acd9a207b5ceb7e8ed1d91c000000000000000000000000000000141258373281153fa27e586ea82650f070d8851ac9e7ac07b37a6479d4017b5b5af3ff4c91235df4f657d77e386a329aec4d766369c86b62b01ceb028c6fcf206883633cb143016b9f5351a45a8cb4ea110ba700000000000000883416b6eff6a793c71deb7d780c4f51d86ece127c0714144916f397d398ad2fe72b710b932c15c2369cb5d2d2f6ae420672c4a626195a891ac51825077fbc286aa3866bbf18a4a8b836ea8c90af0d5f0aff55b50bc18c27875ed2628b91224b7fa9fd10ccd7c1b1a92bac529df981a6d30100e68555553625c0e91a51000000000000000000fe030f85b294f3ea1fce314a9dcefbe3b64e83c35c5e95734786ca78315793cc0e6e776d2ec07c55cd89541ec25e074e840287011cab538d79e1569df321282071d49a4dc5fb2d7da1d05249d0e153fd04ac", @ANYRES8], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x22, 0x0, &(0x7f0000000000)="378303076844268cb89e14f0080040", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.465623821s ago: executing program 3 (id=2037):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000440)={0x34, r1, 0x1, 0x8000, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

816.523199ms ago: executing program 0 (id=2071):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, 0x0)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, r1, 0x83625fc5352ba305, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0)

789.908575ms ago: executing program 0 (id=2072):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000022c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x170bd2b, 0x2, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1a29c}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0xc804}, 0x2)
close(r1)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, &(0x7f0000000600), 0x56)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$kcm(r3, &(0x7f0000000280)={&(0x7f0000000540)=@xdp={0x2c, 0x0, r5, 0x42}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000200)="27030200dc0f14000e00053c0ff000000000ff840000000200000003125ce882cbf490d908f1523f00", 0x29}, {&(0x7f0000002680)="76e69c0141", 0x5}], 0x2}, 0x4005)

697.860909ms ago: executing program 0 (id=2075):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
lsetxattr$security_ima(0x0, 0x0, &(0x7f0000000000)=@sha1={0x1, "ca46bb42f431c3e0a36fd25058505cb8e13b6aee"}, 0x15, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0xc400941b, &(0x7f0000000000)={0x1})

676.172575ms ago: executing program 0 (id=2076):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='illinois', 0x8)
connect$inet6(r0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000140)=[{&(0x7f0000000900)="580000001400192340834b80040d8c560a066e0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200060c10000000010000000000", 0x58}], 0x1)

645.02956ms ago: executing program 0 (id=2078):
syz_emit_ethernet(0x46, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x8, 0x0, 0x2}}}}}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f0000000180)="9000000018001f2fb9409b52ffff65580200be04020c060560020b0243000f00fe00000000c8388827a685a168d0bf47d32345653602648dcaaf6c26c291214549935ade4a460c20b6ec0cff3959547f500f58ba86c902000f1d012e02000280160012000a000000000000000000000000080000000eceb6b362bb944cf2e70100aba4183b003e5fa424ac4d31c4f7a1", 0x90, 0x0, 0x0, 0xf)

578.243009ms ago: executing program 0 (id=2079):
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000040)=ANY=[@ANYBLOB="80000000ffffffffffff080211000000080211"], 0x32)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x30, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0x2, 0x1}]}, @void, @void, @void, @void, @void, @void}, 0x2f)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val, @void}, 0x20)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), r6)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_POWER_SAVE(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)={0x24, r7, 0x1, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x88c0)

447.908997ms ago: executing program 1 (id=2082):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, 0x0)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, r1, 0x83625fc5352ba305, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0)

426.208343ms ago: executing program 1 (id=2083):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r1, &(0x7f0000000100)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xe}}, 0x57)
setsockopt$inet_tcp_int(r1, 0x6, 0x19, &(0x7f0000000000)=0x3, 0x4)
sendto$inet(r1, &(0x7f00000002c0)="ab", 0x1, 0x4000805, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x4, &(0x7f00000000c0)=@framed={{}, [@jmp={0x5, 0x1, 0xb}]}, &(0x7f0000000040)='GPL\x00'}, 0x94)
sendmsg$nl_generic(r0, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xf}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_LIMIT={0x8, 0x3f, 0x7fffffff}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$IPSET_CMD_PROTOCOL(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4000000)
syz_genetlink_get_family_id$team(&(0x7f0000000040), r0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400100142603600e1208000b0000000401a80016000800014009201100036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
r6 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, r7, {0xffff, 0x4}, {}, {0xffe0, 0x10}}, [@filter_kind_options=@f_u32={{0x8}, {0xfd09, 0x2, [@TCA_U32_HASH={0x8, 0x2, 0x80010001}, @TCA_U32_FLAGS={0x8}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x240488d0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, 0xffffffffffffffff, 0x0)

372.740884ms ago: executing program 1 (id=2084):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000940)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000b40)=ANY=[@ANYBLOB="500000001000370400000000ffdbdf2500000000", @ANYRES32=r3, @ANYBLOB], 0x50}, 0x1, 0x0, 0x0, 0x11}, 0x40004)
sendto$packet(r0, 0x0, 0x0, 0x20000010, &(0x7f0000000080)={0x11, 0x76fafd875bfe7a53, r3, 0x1, 0x5, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2c}}, 0x14)

282.381158ms ago: executing program 1 (id=2085):
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
socket$nl_generic(0x10, 0x3, 0x10)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
socket$inet6_sctp(0xa, 0x5, 0x84)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x215eb000)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = socket(0x14, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x61d0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x20040024}, 0x8040)

213.069607ms ago: executing program 1 (id=2086):
syz_mount_image$btrfs(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x300000a, &(0x7f0000000080)={[{@compress_force_algo={'compress-force', 0x3d, 'zlib'}}, {@nodiscard}, {@nodatasum}]}, 0x5, 0x55a3, &(0x7f000000e0c0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
prlimit64(0x0, 0xe, 0x0, 0x0)
lsetxattr$security_ima(0x0, 0x0, &(0x7f0000000000)=@sha1={0x1, "ca46bb42f431c3e0a36fd25058505cb8e13b6aee"}, 0x15, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0xc400941b, &(0x7f0000000000)={0x1})

79.594864ms ago: executing program 1 (id=2087):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001040)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
r3 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r3, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756a85d86dd", 0x12, 0x0, &(0x7f00000001c0)={0x11, 0x8100, r2, 0x1, 0x7, 0x6, @multicast}, 0x14)

40.235407ms ago: executing program 2 (id=2088):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [], {0x14}}, 0x28}, 0x1, 0x0, 0x0, 0x50}, 0x4000040)
syz_emit_ethernet(0x6a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd60e400ff00343a00"], 0x0)

17.951693ms ago: executing program 2 (id=2089):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$unix(0x1, 0x5, 0x0)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000200)=ANY=[@ANYBLOB="5000000008021100000108021100000050505050505000000000000000000000000001000006020202020202010130"], 0x5a)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)={0x28, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x925cba15b6d88b33}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc22fe88c43b82a0a5d3eb61c238a5159ea98db9c00aeef644ae98a8cb8dffff3b7ba14d7971910b559623af8295", 0x13c}], 0x2}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8b18, &(0x7f0000000000)={'wlan1\x00'})

0s ago: executing program 4 (id=2090):
syz_init_net_socket$ax25(0x3, 0x2, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$kcm(0x11, 0x3, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x4d, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=@newqdisc={0x838, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdf8, {0x0, 0x0, 0x0, r6, {0x10}, {}, {0xa, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x80c, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x0, 0x1, 0x9, 0x8000, 0x3, 0x5, 0x5, 0xb762, 0x4, 0x7, 0x8, 0xf, 0x2, 0x80000001, 0x400, 0x1007fc, 0xffff8000, 0x6, 0x403, 0x9, 0x8, 0xffffe4f5, 0xd6, 0x4, 0xfffb, 0x7, 0x0, 0xfffff4f0, 0x9, 0x1, 0xfffffffc, 0x4, 0x1, 0x6f2151b1, 0x9, 0xc, 0x20001000, 0x4, 0x2, 0x7, 0x4, 0x99, 0x9, 0x5, 0x6, 0x7, 0xfffffff7, 0x1, 0x2, 0x9, 0x9, 0x44, 0x8, 0x8, 0x1, 0x4, 0x7ff, 0x8, 0x7, 0x7fbffffe, 0x400, 0x8, 0xfffffa72, 0xcd, 0x4, 0x80000000, 0xc, 0x4, 0x65, 0x91, 0x659, 0x9, 0xf, 0x9, 0xc28, 0x9, 0x7, 0x3, 0x401, 0x3, 0x2, 0xfffffffa, 0x1, 0x10001, 0x3, 0x1, 0x4, 0x8, 0x8, 0x7, 0x1, 0x1, 0x1, 0x7, 0x40, 0x7, 0x12, 0x8000, 0x1, 0x4dc, 0x80, 0x3, 0x7fffffff, 0xff, 0x9, 0xa7, 0xf, 0x1, 0x0, 0x3, 0x1001, 0x4, 0x401, 0x7, 0x80000000, 0xffff, 0x6, 0x5, 0x4f, 0xffffffff, 0x80000000, 0x1966f9ad, 0x200, 0x20200, 0xed5, 0xfffffc00, 0x6, 0x4, 0x8, 0x485e, 0xa85, 0x80000040, 0x2, 0x7, 0x7, 0x102, 0x2d5421e8, 0x7, 0x10000, 0x2, 0x6, 0x3ff, 0xf04, 0x0, 0x2, 0x5, 0xfffffc00, 0x5, 0x8d, 0x4, 0x401, 0x4, 0x9, 0x3, 0xfffffffb, 0x1, 0x0, 0x3, 0x2, 0x5, 0x8, 0x3, 0x0, 0x800, 0x2, 0x8, 0x7ff, 0x1, 0x9, 0x6, 0x5, 0x5, 0x4d15, 0x1ff, 0xfffff060, 0x3, 0x469, 0x3, 0x0, 0x200, 0x10000005, 0x7, 0x3, 0x8, 0x42ba, 0x4, 0x9, 0x3, 0x8, 0x8, 0x53, 0x6, 0x4, 0x400, 0x8000, 0x0, 0x2c310b18, 0xfff, 0x0, 0x3, 0xcd34, 0x9, 0x81, 0xdf3, 0x2, 0x7, 0x8, 0x40fff, 0x1ff, 0x8000, 0x3, 0x8, 0x80, 0x6, 0x9a6, 0xe4cb, 0x402, 0x1, 0x1ff, 0x5, 0x9b4, 0x1, 0x8, 0x0, 0x8, 0x0, 0x9, 0x0, 0x4, 0x10, 0x901, 0x5, 0x2, 0x7b, 0xfffffeff, 0x6, 0x6, 0xc, 0x1000, 0x9, 0x9, 0xe6, 0xab, 0x400, 0x7fffffff, 0xed, 0x7ff, 0xd83, 0x68, 0x80000001, 0x6, 0x9fd, 0x10000006, 0x200, 0x2]}, @TCA_TBF_RTAB={0x404, 0x2, [0x7, 0x9, 0x4, 0x39, 0x545, 0x1, 0xc1, 0x1, 0x7fffffff, 0xec15, 0x6, 0xd, 0x1ff, 0x80000001, 0x0, 0x1, 0xfffffff9, 0x2, 0x5, 0x2, 0x9, 0x101, 0x832c, 0xfae, 0x1, 0x0, 0x7, 0xf, 0x9, 0xfffffffe, 0x0, 0x9, 0x7, 0xffffff81, 0x800, 0x5, 0x426, 0x0, 0x5, 0x4, 0x7, 0x1c, 0xffffffff, 0xd5c, 0x5, 0x4, 0x8, 0x800, 0x8, 0x6, 0x8, 0x9, 0x5, 0xb, 0x5, 0xc, 0xa74, 0x1, 0x2, 0x1ff, 0x8, 0x7, 0x0, 0x3a0, 0x7ae, 0x3, 0x1000, 0x3, 0x3, 0xfffffff0, 0x9d, 0xfffffff9, 0x7f, 0x9, 0x6, 0x5, 0x400, 0x2, 0x1ff, 0x93, 0x9f, 0x143c3343, 0x9, 0x7, 0x8, 0x5, 0x0, 0x4, 0x1, 0x0, 0x4, 0x6, 0x0, 0x9, 0x9cc, 0x6, 0xfffffffe, 0x6, 0xffffdd4b, 0x6, 0x4, 0x1, 0x1ff, 0x100, 0x8, 0x1, 0x3, 0xf2, 0xfffffffd, 0x7, 0x10, 0x638, 0x91, 0x2f, 0x7a, 0x401, 0x6, 0x8, 0x0, 0x8, 0x2, 0x3, 0x1, 0x3, 0x2, 0x8, 0xf6697c17, 0x6, 0x8, 0x51, 0x7f, 0x7, 0x3, 0x3, 0x2, 0x2, 0x800, 0x2, 0x6, 0x3, 0x4, 0x5, 0x473c, 0x2, 0x6d, 0xbe1, 0xfffffff9, 0x0, 0xffffffff, 0x1, 0x9, 0x7f, 0x6, 0x4, 0x8, 0x9, 0x7, 0x800, 0x9, 0xae4, 0x8, 0x3b10b02c, 0x7fffffff, 0x101, 0x0, 0xffff, 0x4, 0x9, 0x7, 0x0, 0x6, 0x9, 0x400, 0x7, 0x1, 0x8, 0xffff0000, 0x0, 0x9f, 0x4, 0x2, 0x3, 0x6, 0x5, 0x7, 0xffffffff, 0x80000001, 0x16a7, 0xb, 0x800, 0xe, 0xffff, 0xe, 0x1, 0x11b6, 0x1, 0x200, 0x5b, 0x3, 0x5, 0x9, 0x3, 0x5b, 0xfff, 0x2, 0x4, 0x40, 0x2, 0x3, 0x8, 0xffffffff, 0x0, 0x3, 0x8, 0xfffffffa, 0x380, 0xb, 0x7fffffff, 0x0, 0x2, 0x2, 0x400, 0x1b, 0x4, 0x8, 0x100, 0x3f, 0x9ba, 0x47, 0x10000, 0x5, 0x90, 0x8, 0x7, 0x80000000, 0x5, 0x1, 0x7, 0x5, 0x40, 0x5, 0xc, 0x831, 0xf, 0x55c5, 0x7, 0x8, 0x6, 0x7, 0x1, 0x9, 0x4, 0xfffffff9, 0x5, 0x7f, 0x800]}]}}]}, 0x838}, 0x1, 0x0, 0x0, 0x40098}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0xdd86, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="80", 0x1}], 0x1}, 0x4)

kernel console output (not intermixed with test programs):


[   30.248296][ T4322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.249924][ T4322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.251618][ T4322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.253326][ T4322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.254946][ T4322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.257278][ T4322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.259597][ T4322] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.260882][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   30.262388][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   30.263813][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   30.265229][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   30.274548][ T4330] device veth1_vlan entered promiscuous mode
[   30.287644][ T1570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.289044][ T1570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.290858][ T4322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.293515][ T4322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.295215][ T4322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.298734][ T4322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.300323][ T4322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.302075][ T4322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.304349][ T4322] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.305607][ T1570] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   30.307829][ T1570] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   30.309256][ T1570] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   30.310593][ T1570] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   30.312044][ T1570] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   30.329823][ T4330] device veth0_macvtap entered promiscuous mode
[   30.332277][ T4330] device veth1_macvtap entered promiscuous mode
[   30.339652][ T1570] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.340025][ T1677] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   30.340870][ T1570] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.342669][ T1677] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   30.350061][ T1677] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   30.351573][ T1677] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   30.353046][ T1677] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   30.360171][ T4322] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.361547][ T4322] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.362916][ T4322] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.364266][ T4322] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.402741][ T4330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.404410][ T4330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.408438][ T4402] loop1: detected capacity change from 0 to 512
[   30.411066][ T4330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.412673][ T4330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.414120][ T4330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.415662][ T4330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.418064][ T4330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.419828][ T4330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.422267][ T4330] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.433096][ T1677] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   30.434821][ T1677] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   30.439123][ T4330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.440689][ T4330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.442930][ T4330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.445301][ T4330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.447354][ T4330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.447457][ T4402] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   30.449134][ T4330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.457908][ T4330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.459534][ T4330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.463739][ T4326] EXT4-fs (loop1): unmounting filesystem.
[   30.463844][ T4330] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.472081][ T1570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.473501][ T1570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.474863][ T1570] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.477342][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   30.479019][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   30.480560][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   30.488372][ T1570] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.509081][ T1570] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   30.522572][ T4330] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.523973][ T4330] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.525241][ T4330] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.533345][ T4330] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.540634][ T1677] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.541948][ T1677] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.543316][ T1677] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   30.584089][ T1677] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.585296][ T1677] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.600588][ T1677] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   30.614649][ T4411] device syzkaller0 entered promiscuous mode
[   30.616963][ T1677] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.618283][ T1677] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.619733][ T1677] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   30.771134][ T4418] syz.1.9 uses obsolete (PF_INET,SOCK_PACKET)
[   30.778099][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.779332][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.780802][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   30.791318][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.792616][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.793878][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   30.886194][ T4372] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   30.991447][ T4430] loop1: detected capacity change from 0 to 512
[   31.005175][ T4430] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   31.020402][ T4326] EXT4-fs (loop1): unmounting filesystem.
[   31.118082][ T4439] (syz.2.11,4439,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   31.119458][ T4439] (syz.2.11,4439,0):ocfs2_fill_super:1176 ERROR: status = -22
[   31.269003][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   31.270324][ T4372] usb 1-1: Using ep0 maxpacket: 16
[   31.272260][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   31.275489][ T4372] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7
[   31.277294][ T4372] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 95, changing to 7
[   31.277960][ T4334] Bluetooth: hci3: command 0x041b tx timeout
[   31.280370][ T4372] usb 1-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[   31.281681][ T4372] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   31.282944][ T4372] usb 1-1: Product: syz
[   31.283608][ T4372] usb 1-1: Manufacturer: syz
[   31.284354][ T4372] usb 1-1: SerialNumber: syz
[   31.286186][ T4327] Bluetooth: hci0: command 0x041b tx timeout
[   31.287609][ T4334] Bluetooth: hci2: command 0x041b tx timeout
[   31.287698][ T4323] Bluetooth: hci4: command 0x041b tx timeout
[   31.289572][ T4327] Bluetooth: hci1: command 0x041b tx timeout
[   31.316083][ T4441] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   31.412476][ T4445] loop1: detected capacity change from 0 to 1024
[   31.429136][ T4445] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (23577!=28264)
[   31.430841][ T4445] EXT4-fs (loop1): group descriptors corrupted!
[   31.497758][ T4449] loop1: detected capacity change from 0 to 1764
[   31.770429][ T4461] loop1: detected capacity change from 0 to 512
[   31.825662][ T4461] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   31.889239][ T4326] EXT4-fs (loop1): unmounting filesystem.
[   31.977534][ T4478] loop1: detected capacity change from 0 to 256
[   31.986763][ T4478] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   32.002814][ T4479] loop2: detected capacity change from 0 to 1764
[   32.129367][ T4400] Process accounting resumed
[   32.130407][ T4400] FAT-fs (loop1): error, corrupted file size (i_pos 196, 16779264)
[   32.131733][ T4400] FAT-fs (loop1): Filesystem has been set read-only
[   32.189171][ T4485] loop2: detected capacity change from 0 to 512
[   32.197416][ T4485] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[   32.199011][ T4485] EXT4-fs (loop2): orphan cleanup on readonly fs
[   32.200823][ T4485] EXT4-fs warning (device loop2): ext4_enable_quotas:7087: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[   32.205235][ T4485] EXT4-fs (loop2): Cannot turn on quotas: error -22
[   32.209420][ T4485] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.35: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   32.217713][ T4485] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.35: couldn't read orphan inode 13 (err -117)
[   32.219952][ T4485] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   32.257056][ T4485] EXT4-fs (loop2): shut down requested (0)
[   32.302406][ T4322] EXT4-fs (loop2): unmounting filesystem.
[   32.394453][ T4498] loop2: detected capacity change from 0 to 512
[   32.467146][ T4502] (syz.4.36,4502,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   32.468582][ T4502] (syz.4.36,4502,1):ocfs2_fill_super:1176 ERROR: status = -22
[   32.485436][ T4498] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   32.530448][ T4322] EXT4-fs (loop2): unmounting filesystem.
[   32.695192][ T4510] loop2: detected capacity change from 0 to 1764
[   32.866060][ T4515] netlink: 212916 bytes leftover after parsing attributes in process `syz.2.46'.
[   33.062621][ T4520] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[   33.064954][ T4520] EXT4-fs (loop2): orphan cleanup on readonly fs
[   33.070331][ T4520] EXT4-fs warning (device loop2): ext4_enable_quotas:7087: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[   33.079085][ T4520] EXT4-fs (loop2): Cannot turn on quotas: error -22
[   33.082484][ T4520] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.48: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   33.083515][ T4527] netlink: 12 bytes leftover after parsing attributes in process `syz.3.51'.
[   33.089960][ T4520] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.48: couldn't read orphan inode 13 (err -117)
[   33.092188][ T4520] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   33.097537][ T4520] EXT4-fs error (device loop2): ext4_lookup:1858: comm syz.2.48: inode #15: comm syz.2.48: iget: illegal inode #
[   33.123119][ T4322] EXT4-fs (loop2): unmounting filesystem.
[   33.209636][ T4529] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   33.238150][ T4330] EXT4-fs (loop4): unmounting filesystem.
[   33.283489][ T4550] =======================================================
[   33.283489][ T4550] WARNING: The mand mount option has been deprecated and
[   33.283489][ T4550]          and is ignored by this kernel. Remove the mand
[   33.283489][ T4550]          option from the mount to silence this warning.
[   33.283489][ T4550] =======================================================
[   33.339182][ T4550] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   33.351260][ T4550] EXT4-fs (loop3): shut down requested (0)
[   33.356348][ T4334] Bluetooth: hci1: command 0x040f tx timeout
[   33.357300][ T4334] Bluetooth: hci2: command 0x040f tx timeout
[   33.358208][ T4334] Bluetooth: hci3: command 0x040f tx timeout
[   33.366210][ T4327] Bluetooth: hci4: command 0x040f tx timeout
[   33.367220][ T4327] Bluetooth: hci0: command 0x040f tx timeout
[   33.482986][ T4331] EXT4-fs (loop3): unmounting filesystem.
[   33.684324][ T4372] usb 1-1: 1:1 : incorrect wMaxPacketSize for BADD profile
[   33.686007][ T4372] usb 1-1: incorrect wMaxPacketSize 0x3ff for BADD profile
[   33.701199][ T4372] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[   33.705674][ T4372] usb 1-1: USB disconnect, device number 2
[   33.795082][ T4566] netlink: 8 bytes leftover after parsing attributes in process `syz.3.64'.
[   34.229793][ T4575] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[   34.231674][ T4575] EXT4-fs (loop0): orphan cleanup on readonly fs
[   34.240560][ T4575] EXT4-fs warning (device loop0): ext4_enable_quotas:7087: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[   34.257769][ T4575] EXT4-fs (loop0): Cannot turn on quotas: error -22
[   34.264962][ T4575] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #13: comm syz.0.66: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   34.277977][ T4578] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   34.287471][ T4575] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.66: couldn't read orphan inode 13 (err -117)
[   34.289633][ T4575] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   34.294357][ T4331] EXT4-fs (loop3): unmounting filesystem.
[   34.309247][ T4575] EXT4-fs error (device loop0): ext4_lookup:1858: comm syz.0.66: inode #15: comm syz.0.66: iget: illegal inode #
[   34.312264][ T4315] udevd[4315]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   34.347594][ T4584] device syzkaller0 entered promiscuous mode
[   34.349873][ T4321] EXT4-fs (loop0): unmounting filesystem.
[   34.701066][ T4604] netlink: 8 bytes leftover after parsing attributes in process `syz.1.78'.
[   34.766048][ T4373] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   34.995947][ T4373] usb 1-1: Using ep0 maxpacket: 16
[   34.998741][ T4373] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7
[   35.000568][ T4373] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 95, changing to 7
[   35.003928][ T4373] usb 1-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[   35.005653][ T4373] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   35.009721][ T4373] usb 1-1: Product: syz
[   35.010381][ T4373] usb 1-1: Manufacturer: syz
[   35.011440][ T4373] usb 1-1: SerialNumber: syz
[   35.436414][ T4334] Bluetooth: hci0: command 0x0419 tx timeout
[   35.437346][ T4334] Bluetooth: hci4: command 0x0419 tx timeout
[   35.438293][ T4334] Bluetooth: hci3: command 0x0419 tx timeout
[   35.439221][ T4334] Bluetooth: hci2: command 0x0419 tx timeout
[   35.440124][ T4334] Bluetooth: hci1: command 0x0419 tx timeout
[   35.693462][ T4621] (syz.2.84,4621,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   35.694851][ T4621] (syz.2.84,4621,0):ocfs2_fill_super:1176 ERROR: status = -22
[   36.260165][ T4637] netlink: 8 bytes leftover after parsing attributes in process `syz.3.89'.
[   37.421946][ T4650] set_capacity_and_notify: 6 callbacks suppressed
[   37.421955][ T4650] loop4: detected capacity change from 0 to 512
[   37.474590][ T4650] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[   37.479026][ T4650] EXT4-fs (loop4): orphan cleanup on readonly fs
[   37.484232][ T4650] EXT4-fs warning (device loop4): ext4_enable_quotas:7087: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[   37.488934][ T4650] EXT4-fs (loop4): Cannot turn on quotas: error -22
[   37.490339][ T4650] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz.4.96: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   37.503679][ T4650] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.96: couldn't read orphan inode 13 (err -117)
[   37.505833][ T4650] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   37.519628][ T4656] Zero length message leads to an empty skb
[   37.547949][ T4650] EXT4-fs error (device loop4): ext4_lookup:1858: comm syz.4.96: inode #15: comm syz.4.96: iget: illegal inode #
[   37.580063][ T4330] EXT4-fs (loop4): unmounting filesystem.
[   37.649925][ T4670] loop3: detected capacity change from 0 to 512
[   37.657655][ T4670] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   37.659608][ T4670] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   37.689974][ T4670] EXT4-fs (loop3): 1 truncate cleaned up
[   37.690991][ T4670] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   37.729141][   T27] audit: type=1326 audit(37.720:2): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=4669 comm="syz.3.103" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbad77128 code=0x7ffc0000
[   37.736873][   T27] audit: type=1326 audit(37.730:3): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=4669 comm="syz.3.103" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=90 compat=0 ip=0xffffbad77128 code=0x7ffc0000
[   37.742929][   T27] audit: type=1326 audit(37.730:4): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=4669 comm="syz.3.103" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbad77128 code=0x7ffc0000
[   37.757924][   T27] audit: type=1326 audit(37.730:5): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=4669 comm="syz.3.103" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=64 compat=0 ip=0xffffbad77128 code=0x7ffc0000
[   37.780790][   T27] audit: type=1326 audit(37.730:6): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=4669 comm="syz.3.103" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbad77128 code=0x7ffc0000
[   37.816042][   T27] audit: type=1326 audit(37.740:7): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=4669 comm="syz.3.103" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=84 compat=0 ip=0xffffbad77128 code=0x7ffc0000
[   37.821366][   T27] audit: type=1326 audit(37.740:8): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=4669 comm="syz.3.103" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbad77128 code=0x7ffc0000
[   37.825022][   T27] audit: type=1326 audit(37.740:9): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=4669 comm="syz.3.103" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=208 compat=0 ip=0xffffbad77128 code=0x7ffc0000
[   37.828582][   T27] audit: type=1326 audit(37.740:10): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=4669 comm="syz.3.103" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbad77128 code=0x7ffc0000
[   37.832179][   T27] audit: type=1326 audit(37.740:11): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=4669 comm="syz.3.103" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffffbad77128 code=0x7ffc0000
[   38.082612][ T4331] EXT4-fs (loop3): unmounting filesystem.
[   38.690049][ T4373] usb 1-1: 1:1 : incorrect wMaxPacketSize for BADD profile
[   38.692007][ T4373] usb 1-1: incorrect wMaxPacketSize 0x3ff for BADD profile
[   38.703561][ T4373] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[   38.759848][ T4373] usb 1-1: USB disconnect, device number 3
[   38.772430][ T4693] loop0: detected capacity change from 0 to 512
[   38.810687][ T4693] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[   38.812739][ T4693] EXT4-fs (loop0): orphan cleanup on readonly fs
[   38.814225][ T4693] EXT4-fs warning (device loop0): ext4_enable_quotas:7087: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[   38.818089][ T4693] EXT4-fs (loop0): Cannot turn on quotas: error -22
[   38.824517][ T4693] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #13: comm syz.0.111: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   38.839515][ T4693] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.111: couldn't read orphan inode 13 (err -117)
[   38.845104][ T4693] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   38.865087][ T4693] EXT4-fs error (device loop0): ext4_lookup:1858: comm syz.0.111: inode #15: comm syz.0.111: iget: illegal inode #
[   38.887718][ T4321] EXT4-fs (loop0): unmounting filesystem.
[   38.962303][ T4710] (syz.3.109,4710,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   38.964137][ T4710] (syz.3.109,4710,1):ocfs2_fill_super:1176 ERROR: status = -22
[   38.994142][ T4711] device syzkaller0 entered promiscuous mode
[   39.050735][ T4315] udevd[4315]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   39.505985][ T3896] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   39.696003][ T3896] usb 1-1: Using ep0 maxpacket: 16
[   39.698593][ T3896] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7
[   39.700284][ T3896] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 95, changing to 7
[   39.703816][ T3896] usb 1-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[   39.705296][ T3896] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   39.708789][ T3896] usb 1-1: Product: syz
[   39.709465][ T3896] usb 1-1: Manufacturer: syz
[   39.714597][ T3896] usb 1-1: SerialNumber: syz
[   40.387500][ T4746] device syzkaller0 entered promiscuous mode
[   42.263810][ T3896] usb 1-1: 1:1 : incorrect wMaxPacketSize for BADD profile
[   42.265281][ T3896] usb 1-1: incorrect wMaxPacketSize 0x3ff for BADD profile
[   42.271126][ T3896] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[   42.286425][ T3896] usb 1-1: USB disconnect, device number 4
[   42.487807][ T4315] udevd[4315]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   43.468394][ T4789] (syz.2.146,4789,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   43.469901][ T4789] (syz.2.146,4789,0):ocfs2_fill_super:1176 ERROR: status = -22
[   43.525175][ T4794] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   43.528665][ T4794] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.811265][ T4823] (syz.3.157,4823,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   51.812682][ T4823] (syz.3.157,4823,0):ocfs2_fill_super:1176 ERROR: status = -22
[   51.902344][ T4834] loop3: detected capacity change from 0 to 512
[   51.936534][ T4834] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   51.961192][ T4840] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.962703][ T4840] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.971354][ T4834] capability: warning: `syz.3.159' uses deprecated v2 capabilities in a way that may be insecure
[   52.028083][ T4842] netlink: 44 bytes leftover after parsing attributes in process `syz.2.158'.
[   52.277117][ T4331] EXT4-fs (loop3): unmounting filesystem.
[   55.193010][ T4895] loop4: detected capacity change from 0 to 512
[   55.385503][ T4895] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   55.705463][ T4895] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   64.286350][ T4330] EXT4-fs (loop4): unmounting filesystem.
[   64.403046][ T4918] netlink: 44 bytes leftover after parsing attributes in process `syz.2.178'.
[   64.477575][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[   64.478748][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[   64.917255][ T4955] loop3: detected capacity change from 0 to 128
[   65.027827][   T22] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   65.157477][ T4957] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.188'.
[   65.159979][ T4955] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.188'.
[   65.177925][ T4956] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.188'.
[   65.215975][   T22] usb 1-1: Using ep0 maxpacket: 16
[   66.031930][   T22] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7
[   66.033712][   T22] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 95, changing to 7
[   66.043372][   T22] usb 1-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[   66.044732][   T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   66.051825][   T22] usb 1-1: Product: syz
[   66.052478][   T22] usb 1-1: Manufacturer: syz
[   66.053139][   T22] usb 1-1: SerialNumber: syz
[   66.164136][ T5002] loop2: detected capacity change from 0 to 1024
[   66.384734][ T5002] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   66.389129][ T5002] EXT4-fs (loop2): orphan cleanup on readonly fs
[   66.390875][ T5002] EXT4-fs error (device loop2): ext4_free_blocks:6219: comm syz.2.192: Freeing blocks not in datazone - block = 0, count = 4096
[   66.454101][ T5002] EXT4-fs (loop2): 1 orphan inode deleted
[   66.455136][ T5002] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   66.774504][ T5045] device syzkaller0 entered promiscuous mode
[   66.794620][ T4322] EXT4-fs (loop2): unmounting filesystem.
[   66.978046][ T5054] netlink: 20 bytes leftover after parsing attributes in process `syz.2.202'.
[   67.363890][ T5060] x_tables: duplicate underflow at hook 3
[   67.525011][ T5073] loop3: detected capacity change from 0 to 256
[   67.633699][ T5078] device syzkaller0 entered promiscuous mode
[   67.754185][ T5084] loop3: detected capacity change from 0 to 512
[   67.764571][ T5080] netlink: 212916 bytes leftover after parsing attributes in process `syz.1.214'.
[   67.778489][ T5082] device syzkaller0 entered promiscuous mode
[   67.830362][ T5084] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   67.857497][   T22] usb 1-1: 1:1 : incorrect wMaxPacketSize for BADD profile
[   67.859588][   T22] usb 1-1: incorrect wMaxPacketSize 0x3ff for BADD profile
[   67.861479][ T4331] EXT4-fs (loop3): unmounting filesystem.
[   67.867830][   T22] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[   67.879810][   T22] usb 1-1: USB disconnect, device number 5
[   68.008824][ T5111] loop2: detected capacity change from 0 to 512
[   68.013319][ T5107] netlink: 4 bytes leftover after parsing attributes in process `syz.3.224'.
[   68.018444][ T5107] device gretap0 entered promiscuous mode
[   68.019639][ T5107] device macvtap1 entered promiscuous mode
[   68.026939][ T5107] netlink: 4 bytes leftover after parsing attributes in process `syz.3.224'.
[   68.038699][ T5107] device gretap0 left promiscuous mode
[   68.081033][ T5111] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   68.123184][ T4905] udevd[4905]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   68.178366][ T5120] netlink: 20 bytes leftover after parsing attributes in process `syz.1.225'.
[   68.434073][ T5125] loop3: detected capacity change from 0 to 512
[   68.438137][ T5118] netlink: 212916 bytes leftover after parsing attributes in process `syz.0.227'.
[   68.440553][ T4322] EXT4-fs (loop2): unmounting filesystem.
[   68.461829][ T5127] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.464744][ T5127] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   68.511150][ T5125] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   68.542800][ T4331] EXT4-fs (loop3): unmounting filesystem.
[   68.620099][ T5132] device syzkaller0 entered promiscuous mode
[   68.631165][ T5136] device syzkaller0 entered promiscuous mode
[   68.924891][ T5145] fuse: Bad value for 'fd'
[   69.597564][   T24] cfg80211: failed to load regulatory.db
[   71.511500][ T5172] loop2: detected capacity change from 0 to 128
[   71.527752][ T5172] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   71.552295][ T4322] EXT4-fs (loop2): unmounting filesystem.
[   71.733094][ T5178] netlink: 20 bytes leftover after parsing attributes in process `syz.2.244'.
[   80.436303][ T5168] netlink: 212916 bytes leftover after parsing attributes in process `syz.1.242'.
[   80.451358][ T5211] (syz.4.250,5211,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   80.452818][ T5211] (syz.4.250,5211,1):ocfs2_fill_super:1176 ERROR: status = -22
[   80.695240][ T4368] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   80.803048][ T5223] netlink: 8 bytes leftover after parsing attributes in process `syz.1.255'.
[   81.117947][ T5227] device syzkaller0 entered promiscuous mode
[   81.125973][ T4368] usb 1-1: Using ep0 maxpacket: 16
[   81.129120][ T4368] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7
[   81.131001][ T4368] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 95, changing to 7
[   81.134435][ T4368] usb 1-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[   81.136587][ T4368] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.138068][ T4368] usb 1-1: Product: syz
[   81.138674][ T4368] usb 1-1: Manufacturer: syz
[   81.139509][ T4368] usb 1-1: SerialNumber: syz
[   81.265077][ T5232] device syzkaller0 entered promiscuous mode
[   81.413367][ T5237] device syzkaller0 entered promiscuous mode
[   81.527587][ T5243] netlink: 212916 bytes leftover after parsing attributes in process `syz.4.264'.
[   81.799808][ T5262] (syz.4.271,5262,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   81.801223][ T5262] (syz.4.271,5262,1):ocfs2_fill_super:1176 ERROR: status = -22
[   81.808206][ T5265] device syzkaller0 entered promiscuous mode
[   82.255373][ T5280] netlink: 8 bytes leftover after parsing attributes in process `syz.3.277'.
[   82.697172][ T5290] netlink: 212916 bytes leftover after parsing attributes in process `syz.2.281'.
[   82.957112][ T5305] loop2: detected capacity change from 0 to 512
[   83.037865][ T5305] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   83.097827][   T11] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1111: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[   83.135270][   T11] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 31 with error 28
[   83.137179][   T11] EXT4-fs (loop2): This should not happen!! Data will be lost
[   83.137179][   T11] 
[   83.138578][   T11] EXT4-fs (loop2): Total free blocks count 0
[   83.139556][   T11] EXT4-fs (loop2): Free/Dirty block details
[   83.140550][   T11] EXT4-fs (loop2): free_blocks=65280
[   83.141465][   T11] EXT4-fs (loop2): dirty_blocks=31
[   83.142266][   T11] EXT4-fs (loop2): Block reservation details
[   83.143196][   T11] EXT4-fs (loop2): i_reserved_data_blocks=31
[   83.176913][ T4322] EXT4-fs (loop2): unmounting filesystem.
[   84.101579][ T5332] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   84.108737][ T5332] misc raw-gadget: fail, usb_gadget_register_driver returned -16
Úÿÿÿ[   84.308159][ T5332] sched: RT throttling activated
[   84.600118][ T5337] loop4: detected capacity change from 0 to 1024
[   84.655260][ T4368] usb 1-1: 1:1 : incorrect wMaxPacketSize for BADD profile
[   84.665168][ T4368] usb 1-1: incorrect wMaxPacketSize 0x3ff for BADD profile
[   84.674671][ T5337] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   84.676695][ T5337] EXT4-fs (loop4): orphan cleanup on readonly fs
[   84.680392][ T5337] EXT4-fs error (device loop4): ext4_free_blocks:6219: comm syz.4.295: Freeing blocks not in datazone - block = 0, count = 4096
[   84.682756][ T5337] EXT4-fs (loop4): 1 orphan inode deleted
[   84.687043][ T5337] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   84.692660][ T4368] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[   84.713610][ T4368] usb 1-1: USB disconnect, device number 6
[   84.845408][ T5348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.298'.
[   85.062768][ T5307] udevd[5307]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   85.101923][ T4330] EXT4-fs (loop4): unmounting filesystem.
[   85.184251][ T5353] (syz.3.299,5353,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   85.185754][ T5353] (syz.3.299,5353,0):ocfs2_fill_super:1176 ERROR: status = -22
[   85.632296][ T5362] netlink: 28 bytes leftover after parsing attributes in process `syz.0.302'.
[   85.633932][ T5362] netlink: 28 bytes leftover after parsing attributes in process `syz.0.302'.
[   85.759837][ T5365] netlink: 212916 bytes leftover after parsing attributes in process `syz.4.304'.
Úÿÿÿ[   87.197722][ T5394] netlink: 8 bytes leftover after parsing attributes in process `syz.4.312'.
[   87.503261][ T5405] loop3: detected capacity change from 0 to 512
[   87.555290][ T5405] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   87.612517][ T5413] netlink: 28 bytes leftover after parsing attributes in process `syz.2.317'.
[   87.614083][ T5413] netlink: 28 bytes leftover after parsing attributes in process `syz.2.317'.
[   87.684837][ T4331] EXT4-fs (loop3): unmounting filesystem.
[   87.685523][ T5413] device syzkaller0 entered promiscuous mode
[   87.805291][ T5421] device syzkaller0 entered promiscuous mode
Úÿÿÿ[   88.152357][ T5436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   88.155066][ T5436] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   88.229607][ T5439] netlink: 212916 bytes leftover after parsing attributes in process `syz.4.323'.
[   88.469673][ T4372] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[   88.656102][ T4372] usb 1-1: Using ep0 maxpacket: 16
[   88.706109][ T5461] netlink: 8 bytes leftover after parsing attributes in process `syz.4.331'.
[   88.906781][ T4372] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7
[   88.908627][ T4372] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 95, changing to 7
[   88.918125][ T4372] usb 1-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[   88.918174][ T5464] fuse: Bad value for 'fd'
[   88.919541][ T4372] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.931015][ T4372] usb 1-1: Product: syz
[   88.934147][ T4372] usb 1-1: Manufacturer: syz
[   88.934842][ T4372] usb 1-1: SerialNumber: syz
[   89.299721][ T5481] (syz.2.338,5481,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   89.301034][ T5481] (syz.2.338,5481,1):ocfs2_fill_super:1176 ERROR: status = -22
[   89.741578][ T5490] netlink: 212916 bytes leftover after parsing attributes in process `syz.4.341'.
[   89.854775][ T5496] netlink: 28 bytes leftover after parsing attributes in process `syz.3.343'.
[   89.864492][ T5496] device syzkaller0 entered promiscuous mode
[   89.971611][ T5501] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   89.982653][ T5501] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   89.988334][ T5503] fuse: Bad value for 'fd'
[   90.110801][ T5510] loop3: detected capacity change from 0 to 1024
[   90.119362][ T5510] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   90.121019][ T5510] EXT4-fs (loop3): orphan cleanup on readonly fs
[   90.122122][ T5510] EXT4-fs error (device loop3): ext4_free_blocks:6219: comm syz.3.348: Freeing blocks not in datazone - block = 0, count = 4096
[   90.124923][ T5510] EXT4-fs (loop3): 1 orphan inode deleted
[   90.125937][ T5510] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   90.206124][ T4331] EXT4-fs (loop3): unmounting filesystem.
[   90.853209][ T5531] (syz.2.355,5531,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   90.854630][ T5531] (syz.2.355,5531,0):ocfs2_fill_super:1176 ERROR: status = -22
[   91.149485][ T5535] __nla_validate_parse: 2 callbacks suppressed
[   91.149495][ T5535] netlink: 212916 bytes leftover after parsing attributes in process `syz.3.356'.
[   91.187740][ T4372] usb 1-1: 1:1 : incorrect wMaxPacketSize for BADD profile
[   91.189295][ T4372] usb 1-1: incorrect wMaxPacketSize 0x3ff for BADD profile
Úÿÿÿ[   91.214887][ T4372] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[   91.227973][ T4372] usb 1-1: USB disconnect, device number 7
[   91.241965][ T5540] device syzkaller0 entered promiscuous mode
[   91.437010][ T5307] udevd[5307]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   91.767694][ T5566] netlink: 212916 bytes leftover after parsing attributes in process `syz.2.368'.
[   91.891308][ T5571] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   91.893839][ T5571] misc raw-gadget: fail, usb_gadget_register_driver returned -16
Úÿÿÿ[   92.350876][ T5581] netlink: 28 bytes leftover after parsing attributes in process `syz.3.373'.
[   92.352538][ T5581] netlink: 28 bytes leftover after parsing attributes in process `syz.3.373'.
[   92.362726][ T5581] device syzkaller0 entered promiscuous mode
[   92.562016][ T5589] device syzkaller0 entered promiscuous mode
[   92.825104][ T5597] (syz.0.378,5597,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   92.826648][ T5597] (syz.0.378,5597,1):ocfs2_fill_super:1176 ERROR: status = -22
Úÿÿÿ[   93.534308][ T5615] netlink: 28 bytes leftover after parsing attributes in process `syz.0.386'.
[   93.544799][ T5615] netlink: 28 bytes leftover after parsing attributes in process `syz.0.386'.
[   93.549470][ T5615] device syzkaller0 entered promiscuous mode
[   93.785611][ T5626] device syzkaller0 entered promiscuous mode
[   94.484435][ T5636] fuse: Bad value for 'fd'
[   94.734216][ T5647] (syz.4.397,5647,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   94.735677][ T5647] (syz.4.397,5647,1):ocfs2_fill_super:1176 ERROR: status = -22
[   95.017141][ T5651] device syzkaller0 entered promiscuous mode
[   95.136615][ T5654] device syzkaller0 entered promiscuous mode
[   95.400150][ T5664] fuse: Bad value for 'fd'
[   95.476030][ T4367] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[   95.656095][ T4367] usb 1-1: Using ep0 maxpacket: 16
[   95.866161][ T4367] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7
[   95.867978][ T4367] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 95, changing to 7
[   95.871887][ T4367] usb 1-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[   95.873384][ T4367] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.874786][ T4367] usb 1-1: Product: syz
[   95.875519][ T4367] usb 1-1: Manufacturer: syz
[   95.876737][ T4367] usb 1-1: SerialNumber: syz
[   96.226587][ T5705] fuse: Bad value for 'fd'
[   97.050512][ T5729] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   97.055174][ T5729] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   97.112730][ T5733] device syzkaller0 entered promiscuous mode
[   97.212985][ T5739] fuse: Bad value for 'fd'
[   98.216274][ T4367] usb 1-1: 1:1 : incorrect wMaxPacketSize for BADD profile
[   98.218117][ T4367] usb 1-1: incorrect wMaxPacketSize 0x3ff for BADD profile
[   98.245396][ T4367] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[   98.274592][ T5771] device syzkaller0 entered promiscuous mode
[   98.276169][ T4367] usb 1-1: USB disconnect, device number 8
[   98.357019][ T5775] fuse: Bad value for 'fd'
[   98.496887][ T5307] udevd[5307]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  100.088438][ T5808] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  100.089986][ T5808] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  106.770765][ T5843] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  106.772252][ T5843] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  111.450739][ T5886] device syzkaller0 entered promiscuous mode
[  111.565966][ T4368] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  111.671132][ T5892] loop4: detected capacity change from 0 to 1024
[  111.681019][ T5892] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  111.682713][ T5892] EXT4-fs (loop4): orphan cleanup on readonly fs
[  111.683832][ T5892] EXT4-fs error (device loop4): ext4_free_blocks:6219: comm syz.4.471: Freeing blocks not in datazone - block = 0, count = 4096
[  111.689476][ T5892] EXT4-fs (loop4): 1 orphan inode deleted
[  111.690605][ T5892] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  111.775947][ T4368] usb 1-1: Using ep0 maxpacket: 16
[  111.781306][ T4368] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7
[  111.783150][ T4368] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 95, changing to 7
[  111.787089][ T4368] usb 1-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[  111.788584][ T4368] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.789880][ T4368] usb 1-1: Product: syz
[  111.790530][ T4368] usb 1-1: Manufacturer: syz
[  111.791337][ T4368] usb 1-1: SerialNumber: syz
[  114.301683][ T4368] usb 1-1: 1:1 : incorrect wMaxPacketSize for BADD profile
[  114.303152][ T4368] usb 1-1: incorrect wMaxPacketSize 0x3ff for BADD profile
[  114.321659][ T4368] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[  114.325400][ T4368] usb 1-1: USB disconnect, device number 9
[  114.526949][ T5857] udevd[5857]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  122.431320][ T5917] fuse: Bad value for 'fd'
[  122.434771][ T4330] EXT4-fs (loop4): unmounting filesystem.
[  123.106025][ T4372] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  123.468370][ T4372] usb 1-1: Using ep0 maxpacket: 16
[  123.470696][ T4372] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7
[  123.472318][ T4372] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 95, changing to 7
[  123.475611][ T4372] usb 1-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[  123.477377][ T4372] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.478575][ T4372] usb 1-1: Product: syz
[  123.479238][ T4372] usb 1-1: Manufacturer: syz
[  123.479914][ T4372] usb 1-1: SerialNumber: syz
[  123.617078][ T5956] device syzkaller0 entered promiscuous mode
[  123.812974][ T5962] loop3: detected capacity change from 0 to 1024
[  123.820407][ T5962] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  123.824198][ T5962] EXT4-fs (loop3): orphan cleanup on readonly fs
[  123.825321][ T5962] EXT4-fs error (device loop3): ext4_free_blocks:6219: comm syz.3.490: Freeing blocks not in datazone - block = 0, count = 4096
[  123.831056][ T5962] EXT4-fs (loop3): 1 orphan inode deleted
[  123.832106][ T5962] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  125.631845][ T4372] usb 1-1: 1:1 : incorrect wMaxPacketSize for BADD profile
[  125.633547][ T4372] usb 1-1: incorrect wMaxPacketSize 0x3ff for BADD profile
[  125.638752][ T4372] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[  125.642450][ T4372] usb 1-1: USB disconnect, device number 10
[  125.857410][ T5913] udevd[5913]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  125.916412][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  125.917527][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  134.695795][ T6013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  134.699302][ T6013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  135.010156][ T6025] overlayfs: failed to clone lowerpath
[  135.039574][   T24] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  135.216000][   T24] usb 1-1: Using ep0 maxpacket: 16
[  135.218385][   T24] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7
[  135.220099][   T24] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 95, changing to 7
[  135.223643][   T24] usb 1-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[  135.225095][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.227274][   T24] usb 1-1: Product: syz
[  135.227961][   T24] usb 1-1: Manufacturer: syz
[  135.229796][   T24] usb 1-1: SerialNumber: syz
[  135.527945][ T4331] EXT4-fs (loop3): unmounting filesystem.
[  135.554896][ T6038] loop3: detected capacity change from 0 to 1024
[  135.562460][ T6038] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  135.564304][ T6038] EXT4-fs (loop3): orphan cleanup on readonly fs
[  135.585133][ T6038] EXT4-fs error (device loop3): ext4_free_blocks:6219: comm syz.3.510: Freeing blocks not in datazone - block = 0, count = 4096
[  135.598757][ T6038] EXT4-fs (loop3): 1 orphan inode deleted
[  135.604033][ T6038] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  135.682732][ T6042] device syzkaller0 entered promiscuous mode
[  137.683875][   T24] usb 1-1: 1:1 : incorrect wMaxPacketSize for BADD profile
[  137.685340][   T24] usb 1-1: incorrect wMaxPacketSize 0x3ff for BADD profile
[  137.694359][   T24] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[  137.701882][   T24] usb 1-1: USB disconnect, device number 11
[  137.896777][ T6000] udevd[6000]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  146.672036][ T6072] overlayfs: failed to clone lowerpath
[  146.695054][ T6082] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  146.699275][ T6082] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  147.155564][ T4331] EXT4-fs (loop3): unmounting filesystem.
[  147.186012][ T6088] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  147.188284][ T6088] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  147.764911][ T6109] device syzkaller0 entered promiscuous mode
[  148.800784][ T6124] overlayfs: failed to clone lowerpath
[  149.562240][ T6126] fuse: Bad value for 'fd'
[  149.742269][ T6134] loop4: detected capacity change from 0 to 1024
[  149.762473][ T6134] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  149.764114][ T6134] EXT4-fs (loop4): orphan cleanup on readonly fs
[  149.765485][ T6134] EXT4-fs error (device loop4): ext4_free_blocks:6219: comm syz.4.539: Freeing blocks not in datazone - block = 0, count = 4096
[  149.771588][ T6134] EXT4-fs (loop4): 1 orphan inode deleted
[  149.772516][ T6134] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  153.595891][ T4323] Bluetooth: hci2: command 0x0406 tx timeout
[  153.595933][ T4334] Bluetooth: hci1: command 0x0406 tx timeout
[  153.596890][ T4323] Bluetooth: hci4: command 0x0406 tx timeout
[  153.597845][ T4334] Bluetooth: hci3: command 0x0406 tx timeout
[  153.606203][ T4327] Bluetooth: hci0: command 0x0406 tx timeout
[  158.680087][ T4330] EXT4-fs (loop4): unmounting filesystem.
[  158.724301][ T6157] loop4: detected capacity change from 0 to 1024
[  158.770707][ T6157] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  158.772249][ T6157] EXT4-fs (loop4): orphan cleanup on readonly fs
[  158.773455][ T6157] EXT4-fs error (device loop4): ext4_free_blocks:6219: comm syz.4.543: Freeing blocks not in datazone - block = 0, count = 4096
[  158.776317][ T6157] EXT4-fs (loop4): 1 orphan inode deleted
[  158.777259][ T6157] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  158.924787][ T6166] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  158.934823][ T6166] overlayfs: failed to look up (tracing) for ino (-66)
[  158.954304][ T4330] EXT4-fs (loop4): unmounting filesystem.
[  158.998658][ T6177] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  159.002479][ T6177] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  159.779680][ T6202] device syzkaller0 entered promiscuous mode
[  170.764187][ T6257] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  170.765569][ T6257] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.020988][ T6271] loop2: detected capacity change from 0 to 1024
[  171.038469][ T6271] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  171.040111][ T6271] EXT4-fs (loop2): orphan cleanup on readonly fs
[  171.041785][ T6271] EXT4-fs error (device loop2): ext4_free_blocks:6219: comm syz.2.578: Freeing blocks not in datazone - block = 0, count = 4096
[  171.045491][ T6271] EXT4-fs (loop2): 1 orphan inode deleted
[  171.046747][   T24] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  171.048014][ T6271] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  171.227062][   T24] usb 1-1: Using ep0 maxpacket: 16
[  171.236969][ T4322] EXT4-fs (loop2): unmounting filesystem.
[  171.237759][   T24] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7
[  171.246651][   T24] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 95, changing to 7
[  171.250213][   T24] usb 1-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[  171.251816][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.259712][   T24] usb 1-1: Product: syz
[  171.260356][   T24] usb 1-1: Manufacturer: syz
[  171.261054][   T24] usb 1-1: SerialNumber: syz
[  171.494727][ T6285] device syzkaller0 entered promiscuous mode
[  173.805634][   T24] usb 1-1: 1:1 : incorrect wMaxPacketSize for BADD profile
[  173.814485][   T24] usb 1-1: incorrect wMaxPacketSize 0x3ff for BADD profile
[  173.818493][   T24] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[  173.827033][   T24] usb 1-1: USB disconnect, device number 12
[  174.140788][ T6262] udevd[6262]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  174.457978][ T6319] process 'syz.0.591' launched './file1' with NULL argv: empty string added
[  182.803128][ T6329] netlink: 4 bytes leftover after parsing attributes in process `syz.4.594'.
[  182.860162][ T6335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  182.861622][ T6335] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  182.953006][ T6341] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  182.954429][ T6341] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  183.365262][ T6353] loop4: detected capacity change from 0 to 1024
[  183.372071][ T6353] EXT4-fs: inline encryption not supported
[  183.750500][ T6365] device syzkaller0 entered promiscuous mode
[  184.402524][ T6383] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  184.405997][ T6383] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  184.700811][ T6390] loop3: detected capacity change from 0 to 8192
[  184.716859][ T6390] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  187.356481][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  187.357575][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  195.218922][ T6425] loop3: detected capacity change from 0 to 512
[  195.244487][ T6425] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  195.282127][ T6425] EXT4-fs error (device loop3): ext4_get_first_dir_block:3583: inode #12: comm syz.3.629: Attempting to read directory block (0) that is past i_size (3)
[  195.311150][ T4331] EXT4-fs (loop3): unmounting filesystem.
[  195.367119][ T6432] loop3: detected capacity change from 0 to 8192
[  195.407594][ T6432]  loop3: p1 p3 p4
[  195.407594][ T6432]  p1: <minix: p5 >
[  195.409134][ T6432] loop3: p1 size 3942842368 extends beyond EOD, truncated
[  195.411806][ T6432] loop3: p3 start 1073741840 is beyond EOD, truncated
[  195.413784][ T6432] loop3: p5 size 3942842368 extends beyond EOD, truncated
[  195.416157][ T6345] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  195.464821][ T6436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  195.471357][ T6436] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.490601][ T6437] device syzkaller0 entered promiscuous mode
[  195.537011][ T6406] udevd[6406]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  195.541724][ T6405] udevd[6405]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  195.557313][ T6438] udevd[6438]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory
[  195.598845][ T6345] usb 1-1: Using ep0 maxpacket: 16
[  195.604542][ T6345] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7
[  195.606362][ T6345] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 95, changing to 7
[  195.610293][ T6345] usb 1-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[  195.611721][ T6345] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.612994][ T6345] usb 1-1: Product: syz
[  195.613644][ T6345] usb 1-1: Manufacturer: syz
[  195.614322][ T6345] usb 1-1: SerialNumber: syz
[  195.897381][ T6345] usb 1-1: 1:1 : incorrect wMaxPacketSize for BADD profile
[  195.899288][ T6345] usb 1-1: incorrect wMaxPacketSize 0x3ff for BADD profile
[  195.912784][ T6345] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[  195.916500][ T6345] usb 1-1: USB disconnect, device number 13
[  195.944614][ T6442] loop4: detected capacity change from 0 to 1024
[  195.958755][ T6442] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  195.960492][ T6442] EXT4-fs (loop4): orphan cleanup on readonly fs
[  195.961730][ T6442] EXT4-fs error (device loop4): ext4_free_blocks:6219: comm syz.4.634: Freeing blocks not in datazone - block = 0, count = 4096
[  195.964185][ T6442] EXT4-fs (loop4): 1 orphan inode deleted
[  195.965504][ T6442] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  196.023867][ T6445] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  196.025568][ T6445] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  196.119906][ T6440] udevd[6440]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  196.684075][ T6463] loop3: detected capacity change from 0 to 8192
[  196.696428][ T6463] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  206.284069][ T4330] EXT4-fs (loop4): unmounting filesystem.
[  206.299376][ T6512] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.300866][ T6512] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.475369][ T6529] loop3: detected capacity change from 0 to 512
[  206.535110][ T6529] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  206.573652][ T4331] EXT4-fs (loop3): unmounting filesystem.
[  206.591257][ T6535] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.592847][ T6535] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.604008][ T6535] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.626971][ T6535] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.634286][ T6537] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.646971][ T6537] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.652834][ T6535] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.654401][ T6535] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.736335][ T6344] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  206.916299][ T6344] usb 1-1: Using ep0 maxpacket: 16
[  206.921686][ T6344] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  206.923378][ T6344] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  206.925044][ T6344] usb 1-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  206.929463][ T6344] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=ff.3f
[  206.930982][ T6344] usb 1-1: New USB device strings: Mfr=255, Product=233, SerialNumber=1
[  206.932311][ T6344] usb 1-1: Product: syz
[  206.932942][ T6344] usb 1-1: Manufacturer: syz
[  206.933725][ T6344] usb 1-1: SerialNumber: syz
[  206.944818][ T6344] cdc_acm 1-1:1.0: skipping garbage
[  207.158741][   T14] usb 1-1: USB disconnect, device number 14
[  207.203720][ T6554] loop3: detected capacity change from 0 to 1024
[  207.216965][ T6554] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  207.220130][ T6554] EXT4-fs (loop3): orphan cleanup on readonly fs
[  207.224850][ T6554] EXT4-fs error (device loop3): ext4_free_blocks:6219: comm syz.3.672: Freeing blocks not in datazone - block = 0, count = 4096
[  207.242544][ T6554] EXT4-fs (loop3): 1 orphan inode deleted
[  207.243509][ T6554] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  207.318860][ T4331] EXT4-fs (loop3): unmounting filesystem.
[  207.352325][ T6567] loop3: detected capacity change from 0 to 512
[  207.390673][ T6567] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  207.418210][ T4331] EXT4-fs (loop3): unmounting filesystem.
[  207.482861][ T6581] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  207.514988][ T6584] input: syz1 as /devices/virtual/input/input2
[  207.561606][ T6586] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.563096][ T6586] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.624501][ T6590] loop3: detected capacity change from 0 to 1024
[  207.641764][ T6590] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  207.647463][ T6590] EXT4-fs (loop3): orphan cleanup on readonly fs
[  207.648770][ T6590] EXT4-fs error (device loop3): ext4_free_blocks:6219: comm syz.3.685: Freeing blocks not in datazone - block = 0, count = 4096
[  207.651926][ T6590] EXT4-fs (loop3): 1 orphan inode deleted
[  207.652867][ T6590] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  207.725077][ T4331] EXT4-fs (loop3): unmounting filesystem.
[  207.791101][ T6599] loop3: detected capacity change from 0 to 1024
[  207.801520][ T6599] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  207.803306][ T6599] EXT4-fs (loop3): orphan cleanup on readonly fs
[  207.804589][ T6599] EXT4-fs error (device loop3): ext4_free_blocks:6219: comm syz.3.689: Freeing blocks not in datazone - block = 0, count = 4096
[  207.808113][ T6599] EXT4-fs (loop3): 1 orphan inode deleted
[  207.809101][ T6599] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  207.827237][ T4331] EXT4-fs (loop3): unmounting filesystem.
[  207.886648][ T6606] loop3: detected capacity change from 0 to 512
[  207.913099][ T6606] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  207.946334][ T4331] EXT4-fs (loop3): unmounting filesystem.
[  208.045601][ T6621] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  208.055095][ T6621] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  208.298374][ T6640] loop4: detected capacity change from 0 to 512
[  208.333182][ T6640] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  208.372307][ T4330] EXT4-fs (loop4): unmounting filesystem.
[  208.422990][ T6647] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  208.424572][ T6647] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  209.568517][ T6659] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  209.569986][ T6659] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  209.572938][ T6659] Bluetooth: hci0: Suspend notifier action (1) failed: -4
[  209.574161][ T6659] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  209.575036][ T6659] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  209.576730][ T6659] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  209.577875][ T6659] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  209.578807][ T6659] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  209.580014][ T6659] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  209.581098][ T6659] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  209.582108][ T6659] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  209.583922][ T6659] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  209.585032][ T6659] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  209.587637][ T6659] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  209.590039][ T6659] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[  209.591627][ T6680] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  209.593090][ T6680] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  209.635138][ T6697] loop2: detected capacity change from 0 to 1024
[  209.659622][ T6697] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  209.661165][ T6697] EXT4-fs (loop2): orphan cleanup on readonly fs
[  209.662518][ T6697] EXT4-fs error (device loop2): ext4_free_blocks:6219: comm syz.2.722: Freeing blocks not in datazone - block = 0, count = 4096
[  209.664795][ T6697] EXT4-fs (loop2): 1 orphan inode deleted
[  209.665664][ T6697] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  209.743220][ T4322] EXT4-fs (loop2): unmounting filesystem.
[  209.795160][ T6708] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  209.801265][ T6713] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  209.816177][ T6708] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  209.817926][ T6713] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  210.329636][ T6720] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  210.331346][ T6720] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  210.568065][ T6734] random: crng reseeded on system resumption
[  210.663132][   T14] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  210.689929][   T14] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  210.805901][ T4327] Bluetooth: hci0: command 0x0c1a tx timeout
[  211.264434][ T6772] input: syz0 as /devices/virtual/input/input3
[  211.596108][ T4323] Bluetooth: hci4: command 0x0c1a tx timeout
[  211.597912][ T4327] Bluetooth: hci3: command 0x0c1a tx timeout
[  211.597929][ T4334] Bluetooth: hci2: command 0x0c1a tx timeout
[  211.598855][ T4337] Bluetooth: hci1: command 0x0c1a tx timeout
[  212.211273][ T6833] device syzkaller1 entered promiscuous mode
[  212.360534][ T6846] loop4: detected capacity change from 0 to 1024
[  212.374511][ T6846] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  212.376235][ T6846] EXT4-fs (loop4): orphan cleanup on readonly fs
[  212.377320][ T6846] EXT4-fs error (device loop4): ext4_free_blocks:6219: comm syz.4.771: Freeing blocks not in datazone - block = 0, count = 4096
[  212.382723][ T6846] EXT4-fs (loop4): 1 orphan inode deleted
[  212.383904][ T6846] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  212.401529][ T6851] netlink: 9 bytes leftover after parsing attributes in process `syz.0.770'.
[  212.408924][ T6851] device gretap0 entered promiscuous mode
[  212.440835][ T4330] EXT4-fs (loop4): unmounting filesystem.
[  212.451997][ T6851] netlink: 5 bytes leftover after parsing attributes in process `syz.0.770'.
[  212.453417][ T6851] 0ªî{X¹¦: renamed from gretap0
[  212.476701][ T6851] device 
30ªî{X¹¦ left promiscuous mode
[  212.478448][ T6851] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  212.877552][ T4332] Bluetooth: hci0: command 0x0406 tx timeout
[  213.676846][ T4337] Bluetooth: hci2: command 0x0406 tx timeout
[  213.676871][ T4327] Bluetooth: hci3: command 0x0406 tx timeout
[  213.678873][ T4323] Bluetooth: hci4: command 0x0406 tx timeout
[  213.679794][ T4332] Bluetooth: hci1: command 0x0406 tx timeout
[  213.840387][ T6935] loop2: detected capacity change from 0 to 1024
[  213.854268][ T6935] EXT4-fs: inline encryption not supported
[  213.859425][ T6935] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  213.876668][ T6935] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  213.923236][ T6935] EXT4-fs (loop2): re-mounted. Quota mode: writeback.
[  213.954240][ T4322] EXT4-fs (loop2): unmounting filesystem.
[  214.126377][ T6962] overlayfs: missing 'lowerdir'
[  214.538055][ T7003] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  214.539823][ T7003] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  215.175511][ T7057] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  215.177673][ T7057] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  215.252801][ T7064] device syzkaller0 entered promiscuous mode
[  215.704024][ T7084] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  215.705554][ T7084] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  226.181806][ T7105] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  226.183549][ T7105] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  226.224271][ T7109] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  226.225835][ T7109] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  226.360893][ T7127] netlink: 8 bytes leftover after parsing attributes in process `syz.1.868'.
[  226.397484][ T7127] device ipvlan1 entered promiscuous mode
[  226.398929][ T7127] device ipvlan1 left promiscuous mode
[  226.713324][ T7137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  226.715034][ T7137] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  226.777062][ T7139] netlink: 20 bytes leftover after parsing attributes in process `syz.3.874'.
[  226.779884][ T7139] device geneve2 entered promiscuous mode
[  226.840502][ T7146] netlink: 5 bytes leftover after parsing attributes in process `syz.1.876'.
[  226.842016][ T7146] 0ªî{X¹¦: renamed from gretap0
[  226.876639][ T7146] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  226.973906][ T7148] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  226.975523][ T7148] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  227.448887][ T7175] netlink: 8 bytes leftover after parsing attributes in process `syz.4.885'.
[  227.819475][ T7225] netlink: 68 bytes leftover after parsing attributes in process `syz.3.900'.
[  227.825585][ T7227] netlink: 'syz.0.901': attribute type 11 has an invalid length.
[  228.060810][ T7262] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  228.131897][ T7270] ksmbd: Unknown IPC event: 3, ignore.
[  228.425079][ T7312] netlink: 1392 bytes leftover after parsing attributes in process `syz.0.923'.
[  228.695374][ T7342] tipc: Started in network mode
[  228.702073][ T7342] tipc: Node identity ea489b37bbb4, cluster identity 4711
[  228.706288][ T7342] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  228.708340][ T7342] device syzkaller0 entered promiscuous mode
[  228.786462][ T7342] tipc: Resetting bearer <eth:syzkaller0>
[  228.800560][ T7340] tipc: Resetting bearer <eth:syzkaller0>
[  228.876488][ T7340] tipc: Disabling bearer <eth:syzkaller0>
[  228.947421][ T7363] netlink: 20 bytes leftover after parsing attributes in process `syz.2.941'.
[  228.950611][ T7363] device geneve2 entered promiscuous mode
[  229.056640][ T7375] device syzkaller0 entered promiscuous mode
[  229.423680][ T7422] netlink: 8 bytes leftover after parsing attributes in process `syz.4.958'.
[  229.628868][ T7457] netlink: 388 bytes leftover after parsing attributes in process `syz.3.969'.
[  229.729535][ T7472] device syz_tun entered promiscuous mode
[  229.731686][ T7472] netlink: 8 bytes leftover after parsing attributes in process `syz.0.973'.
[  229.733161][ T7472] device syz_tun left promiscuous mode
[  229.779202][ T7477] device team_slave_0 entered promiscuous mode
[  229.780441][ T7477] device team_slave_1 entered promiscuous mode
[  229.781881][ T7477] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  229.973543][ T7508] netlink: 'syz.2.987': attribute type 1 has an invalid length.
[  229.974772][ T7508] netlink: 'syz.2.987': attribute type 2 has an invalid length.
[  230.105307][ T7526] device macsec0 entered promiscuous mode
[  230.143052][ T7521] device syz_tun entered promiscuous mode
[  230.144114][ T7521] device macvtap2 entered promiscuous mode
[  230.177898][ T7521] device syz_tun left promiscuous mode
[  230.206783][ T7521] device macvtap2 left promiscuous mode
[  230.210421][ T7529] device geneve2 entered promiscuous mode
[  230.336253][ T7550] device syzkaller0 entered promiscuous mode
[  230.429323][ T7564] device erspan0 entered promiscuous mode
[  230.430334][ T7564] device macvtap1 entered promiscuous mode
[  230.434775][ T7564] device erspan0 left promiscuous mode
[  230.447098][ T7564] device macvtap1 left promiscuous mode
[  230.743295][ T7599] device syzkaller0 entered promiscuous mode
[  230.941784][ T7612] device geneve2 entered promiscuous mode
[  231.012633][ T7618] device syzkaller0 entered promiscuous mode
[  231.054203][ T7622] bridge0: port 1(bridge_slave_0) entered disabled state
[  231.058958][ T7622] bridge0: port 2(bridge_slave_1) entered disabled state
[  231.062645][ T7628] Driver unsupported XDP return value 0 on prog  (id 11) dev N/A, expect packet loss!
[  231.278407][ T7650] device syzkaller0 entered promiscuous mode
[  231.348907][ T7656] tipc: Started in network mode
[  231.350627][ T7656] tipc: Node identity 02979a997545, cluster identity 4711
[  231.351906][ T7656] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  231.371745][ T7661] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  231.374036][ T7661] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  231.375311][ T7661] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  231.376878][ T7661] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  231.392876][ T7662] netlink: 'syz.0.1050': attribute type 1 has an invalid length.
[  231.397246][ T7656] device syzkaller0 entered promiscuous mode
[  231.398772][ T7656] tipc: Resetting bearer <eth:syzkaller0>
[  231.404285][ T7661] __nla_validate_parse: 12 callbacks suppressed
[  231.404302][ T7661] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1051'.
[  231.413078][ T7661] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1051'.
[  231.418944][ T7655] tipc: Resetting bearer <eth:syzkaller0>
[  242.391660][ T7655] tipc: Disabling bearer <eth:syzkaller0>
[  242.401183][ T7661] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1051'.
[  242.468600][ T4370] tipc: Node number set to 2010290841
[  242.539423][ T7694] xt_hashlimit: size too large, truncated to 1048576
[  242.573459][ T7703] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  242.582632][ T7703] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  242.666532][ T7710] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1067'.
[  242.675204][ T7710] device bond_slave_0 entered promiscuous mode
[  242.676560][ T7710] device bond_slave_1 entered promiscuous mode
[  242.686232][ T7710] device macvtap2 entered promiscuous mode
[  242.687230][ T7710] device bond0 entered promiscuous mode
[  242.691168][ T7710] 8021q: adding VLAN 0 to HW filter on device macvtap2
[  243.257591][ T7740] IPVS: nq: FWM 3 0x00000003 - no destination available
[  243.367543][ T7743] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1074'.
[  243.624237][ T7754] 8021q: VLANs not supported on vcan0
[  244.035684][ T7782] IPVS: nq: FWM 3 0x00000003 - no destination available
[  244.125610][ T7791] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  244.199669][ T7799] device batadv0 entered promiscuous mode
[  244.222595][ T7799] device team0 entered promiscuous mode
[  244.223653][ T7799] device team_slave_0 entered promiscuous mode
[  244.224910][ T7799] device team_slave_1 entered promiscuous mode
[  244.266620][ T7799] device hsr1 entered promiscuous mode
[  244.267763][ T7799] 8021q: adding VLAN 0 to HW filter on device hsr1
[  244.271704][ T4992] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready
[  244.366085][ T7816] IPVS: nq: FWM 3 0x00000003 - no destination available
[  244.608796][ T7843] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  244.610453][ T7843] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  244.793632][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  244.799637][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  244.801358][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  244.808835][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  244.817739][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  244.824477][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  244.838870][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  244.840454][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  244.861407][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  244.863273][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  244.874090][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  244.876835][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  244.882803][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  244.884463][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  244.890235][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  244.892011][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.123464][ T1677] nci: nci_rsp_packet: unknown rsp opcode 0x6
[  245.155369][ T7884] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1122'.
[  245.266222][ T7895] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1124'.
[  245.269402][ T7895] device geneve2 entered promiscuous mode
[  245.429063][ T7902] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  245.739795][ T7922] netlink: 'syz.0.1133': attribute type 21 has an invalid length.
[  245.741253][ T7922] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1133'.
[  245.775518][ T7926] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1135'.
[  245.791274][ T7922] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1133'.
[  248.047435][ T7877] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  248.595768][ T7961] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1146'.
[  248.753034][ T7978] device syzkaller0 entered promiscuous mode
[  248.798107][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  248.799323][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  259.857612][ T7997] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1159'.
[  259.861267][ T8004] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1161'.
[  260.031458][ T8020] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  260.052330][ T8020] device syzkaller0 entered promiscuous mode
[  260.059388][ T8020] tipc: Resetting bearer <eth:syzkaller0>
[  260.065727][ T8027] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  260.068916][ T8027] device syzkaller0 entered promiscuous mode
[  260.077250][ T8019] tipc: Resetting bearer <eth:syzkaller0>
[  260.463853][ T8043] netlink: 232 bytes leftover after parsing attributes in process `syz.0.1175'.
[  271.040779][ T8019] tipc: Disabling bearer <eth:syzkaller0>
[  271.127837][ T8041] tipc: Resetting bearer <eth:syzkaller0>
[  271.135327][ T8025] tipc: Resetting bearer <eth:syzkaller0>
[  271.187384][ T8025] tipc: Disabling bearer <eth:syzkaller0>
[  271.189374][    T7] tipc: Node number set to 1375509303
[  271.191381][ T8059] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1177'.
[  271.198170][ T8070] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1180'.
[  271.215402][ T8073] 8021q: adding VLAN 0 to HW filter on device bond1
[  271.221826][ T8070] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1180'.
[  271.239000][ T8079] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  271.252748][ T8076] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  271.316821][ T1677] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  271.319647][ T1677] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  271.362032][ T8099] device syzkaller1 entered promiscuous mode
[  271.377727][ T8088] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1186'.
[  271.427388][   T11] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  271.763802][ T8109] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1192'.
[  271.825606][ T8111] device syzkaller0 entered promiscuous mode
[  272.007815][ T8119] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1197'.
[  272.021484][ T8119] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1197'.
[  272.066130][ T8125] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1199'.
[  272.136637][ T8131] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1202'.
[  272.138271][ T8131] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1202'.
[  272.141672][ T8131] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  272.143205][ T8131] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  272.144540][ T8131] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  272.146095][ T8131] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  272.389831][ T8143] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  272.392287][ T8143] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  272.395706][ T8143] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  272.399726][ T8143] device bridge_slave_0 left promiscuous mode
[  272.400956][ T8143] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.449715][ T8143] device bridge_slave_1 left promiscuous mode
[  272.450877][ T8143] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.477599][ T8143] bond0: (slave bond_slave_0): Releasing backup interface
[  272.520913][ T8143] bond0: (slave bond_slave_1): Releasing backup interface
[  272.562186][ T8143] device team_slave_0 left promiscuous mode
[  272.572790][ T8143] team0: Port device team_slave_0 removed
[  272.574930][ T8143] device team_slave_1 left promiscuous mode
[  272.582100][ T8143] team0: Port device team_slave_1 removed
[  272.583549][ T8143] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  272.584842][ T8143] batman_adv: batadv0: Removing interface: batadv_slave_0
[  272.587308][ T8143] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  272.588590][ T8143] batman_adv: batadv0: Removing interface: batadv_slave_1
[  274.241168][ T8081] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  274.420465][ T8200] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  274.964506][ T8237] tipc: Can't bind to reserved service type 1
[  275.301423][ T8284] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  275.302841][ T8284] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  275.304390][ T8284] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  275.306248][ T8284] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  275.605663][ T8323] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  275.607468][ T8323] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  275.608870][ T8323] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  275.610340][ T8323] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  275.613802][ T8312] netlink: 'syz.2.1278': attribute type 10 has an invalid length.
[  275.624013][ T8312] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  276.245711][ T8405] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  276.332753][ T8415] __nla_validate_parse: 24 callbacks suppressed
[  276.332765][ T8415] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1308'.
[  276.343339][ T8417] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1309'.
[  276.344967][ T8417] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1309'.
[  276.357867][ T8417] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  276.359349][ T8417] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  276.360726][ T8417] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  276.362074][ T8417] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  276.378904][ T8417] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1309'.
[  276.380344][ T8417] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1309'.
[  276.445100][ T8427] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1315'.
[  276.699202][ T8439] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1318'.
[  276.711725][ T8457] device syzkaller0 entered promiscuous mode
[  276.719453][ T8458] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1321'.
[  276.779581][ T8462] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1326'.
[  276.781094][ T8462] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1326'.
[  277.192390][ T8495] netlink: 'syz.1.1337': attribute type 3 has an invalid length.
[  277.764665][ T8577] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.786967][ T8577] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  279.150414][ T8728] device syzkaller0 entered promiscuous mode
[  279.371438][ T8747] MPTCP: kernel_bind error, err=-98
[  279.447630][ T8739] loop4: detected capacity change from 0 to 32768
[  279.471103][ T8739] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1420 (8739)
[  279.503084][ T8739] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  279.506002][ T8739] BTRFS info (device loop4): using sha256 (sha256-ce) checksum algorithm
[  279.511708][ T8739] BTRFS info (device loop4): force zlib compression, level 3
[  279.514137][ T8739] BTRFS info (device loop4): setting nodatasum
[  279.515253][ T8739] BTRFS info (device loop4): using free space tree
[  279.648543][ T8739] BTRFS info (device loop4): enabling ssd optimizations
[  279.665744][ T8739] BTRFS info (device loop4): scrub: started on devid 1
[  279.686579][ T8739] BTRFS info (device loop4): scrub: finished on devid 1 with status: 0
[  279.745482][ T4330] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  279.842205][ T8064] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 10 /dev/loop4 scanned by udevd (8064)
[  279.883096][ T8808] MPTCP: kernel_bind error, err=-98
[  279.988516][ T8811] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  279.991346][ T8811] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.007104][ T8803] loop4: detected capacity change from 0 to 32768
[  280.015733][ T8803] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.1436 (8803)
[  280.023798][ T8803] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  280.025521][ T8803] BTRFS info (device loop4): using sha256 (sha256-ce) checksum algorithm
[  280.027192][ T8803] BTRFS info (device loop4): force clearing of disk cache
[  280.028424][ T8803] BTRFS info (device loop4): force zlib compression, level 3
[  280.029717][ T8803] BTRFS info (device loop4): enabling auto defrag
[  280.030965][ T8803] BTRFS info (device loop4): max_inline at 0
[  280.032033][ T8803] BTRFS info (device loop4): turning on async discard
[  280.033204][ T8803] BTRFS info (device loop4): using free space tree
[  280.130597][ T8811] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  280.133191][ T8811] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.178282][ T8803] BTRFS info (device loop4): enabling ssd optimizations
[  280.181386][ T8803] BTRFS info (device loop4): rebuilding free space tree
[  280.229808][ T8811] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  280.231633][ T8811] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.273450][ T4330] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  280.359950][ T8811] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  280.361788][ T8811] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.618581][ T8811] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  280.623323][ T8811] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  280.634699][ T8811] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  280.646917][ T8811] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  280.657999][ T8811] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  280.659627][ T8811] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  280.671435][ T8865] MPTCP: kernel_bind error, err=-98
[  280.711825][ T8811] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  280.714205][ T8811] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  280.970406][ T8873] loop4: detected capacity change from 0 to 32768
[  280.974364][ T8873] gfs2: quota_quantum mount option requires a positive numeric argument
[  281.031968][ T8064] I/O error, dev loop4, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  281.078863][ T8894] loop2: detected capacity change from 0 to 512
[  281.097798][ T8895] MPTCP: kernel_bind error, err=-98
[  281.156700][ T8894] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  281.659722][ T8921] __nla_validate_parse: 28 callbacks suppressed
[  281.659735][ T8921] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1472'.
[  281.680688][ T8894] EXT4-fs error (device loop2): ext4_validate_block_bitmap:420: comm syz.2.1463: bg 0: bad block bitmap checksum
[  281.684835][ T8894] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6179: Filesystem failed CRC
[  281.714987][ T4322] EXT4-fs (loop2): unmounting filesystem.
[  281.810461][ T8930] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1476'.
[  281.817718][ T8932] MPTCP: kernel_bind error, err=-98
[  281.882086][ T8937] loop2: detected capacity change from 0 to 128
[  281.891010][ T8937] EXT4-fs: Ignoring removed bh option
[  281.904580][ T8937] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  281.925378][ T4322] EXT4-fs (loop2): unmounting filesystem.
[  282.029789][ T8950] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1484'.
[  282.144192][ T8958] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1488'.
[  282.181995][ T8961] loop4: detected capacity change from 0 to 64
[  282.199809][ T8965] MPTCP: kernel_bind error, err=-98
[  282.232733][ T8961] hfs: node 4:3 still has 1 user(s)!
[  282.330475][ T8982] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1496'.
[  282.354341][ T8984] device syzkaller0 entered promiscuous mode
[  282.512864][ T9001] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  282.548353][ T8993] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  282.601824][ T8993] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  282.605093][ T8993] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  282.608508][ T8993] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  282.726227][ T6344] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  283.178201][ T8997] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1502'.
[  283.208504][ T9006] MPTCP: kernel_bind error, err=-98
[  283.245253][ T9008] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1505'.
[  283.250044][ T9008] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1505'.
[  283.251824][ T9008] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1505'.
[  283.253319][ T9008] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1505'.
[  283.554867][ T9024] device syzkaller0 entered promiscuous mode
[  283.809827][ T9035] MPTCP: kernel_bind error, err=-98
[  284.028568][ T9061] device syzkaller0 entered promiscuous mode
[  284.715700][ T3896] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  284.809794][ T9131] device syzkaller0 entered promiscuous mode
[  285.094085][ T9151] netlink: 'syz.2.1554': attribute type 1 has an invalid length.
[  285.122611][ T9154] netlink: 'syz.3.1555': attribute type 3 has an invalid length.
[  285.673089][ T9188] loop4: detected capacity change from 0 to 32768
[  285.701829][ T9188] (syz.4.1562,9188,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  285.717505][ T9188] (syz.4.1562,9188,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  285.765629][ T9188] JBD2: Ignoring recovery information on journal
[  285.814849][ T9188] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  285.819656][ T9188] (syz.4.1562,9188,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xe54c5487, computed 0xd9bf75ee. Applying ECC.
[  285.822092][ T9188] (syz.4.1562,9188,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xe54c5487, computed 0xd9bf75ee
[  285.824404][ T9188] (syz.4.1562,9188,1):ocfs2_read_virt_blocks:1021 ERROR: status = -5
[  285.828316][ T9188] (syz.4.1562,9188,1):ocfs2_read_quota_block:150 ERROR: status = -5
[  285.829775][ T9188] (syz.4.1562,9188,1):ocfs2_local_check_quota_file:177 ERROR: status = -5
[  285.831256][ T9188] (syz.4.1562,9188,1):ocfs2_local_check_quota_file:179 ERROR: failed to read quota file header (type=0)
[  285.833230][ T9188] (syz.4.1562,9188,1):ocfs2_enable_quotas:939 ERROR: status = -22
[  285.834668][ T9188] (syz.4.1562,9188,1):ocfs2_fill_super:1143 ERROR: status = -22
[  285.850885][ T9188] ocfs2: Unmounting device (7,4) on (node local)
[  286.571165][ T9183] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  286.572752][ T9183] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  286.574158][ T9183] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  286.575564][ T9183] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  286.634562][ T9183] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  286.636183][ T9183] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  286.637642][ T9183] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  286.638973][ T9183] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  286.762077][ T9210] netlink: 'syz.0.1566': attribute type 1 has an invalid length.
[  286.814473][ T9217] netlink: 'syz.2.1568': attribute type 3 has an invalid length.
[  286.914260][ T9230] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  286.981051][ T9230] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  286.984413][ T9230] netlink: 'syz.4.1574': attribute type 10 has an invalid length.
[  286.994859][ T9230] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  287.114301][ T9225] loop2: detected capacity change from 0 to 32768
[  287.143299][ T9225] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  287.144745][ T9225] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  287.159324][ T9225] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  287.159324][ T9225]   inode = 1 18
[  287.159324][ T9225]   function = gfs2_check_internal_file_size, file = fs/gfs2/inode.h, line = 87
[  287.162815][ T9225] gfs2: fsid=syz:syz.0: G:  s:SH n:2/12 f:qob t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1
[  287.164219][ T9225] gfs2: fsid=syz:syz.0:  H: s:SH f:eEcH e:0 p:0 [(none)] init_inodes+0xe0/0x2d4
[  287.165825][ T9225] gfs2: fsid=syz:syz.0:  I: n:1/18 t:8 f:0x00 d:0x00000200 s:98304 p:0
[  287.167786][ T9225] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  287.172139][ T9225] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  287.173725][ T9225] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  287.174805][ T9225] gfs2: fsid=syz:syz.0: File system withdrawn
[  287.175754][ T9225] CPU: 0 PID: 9225 Comm: syz.2.1571 Not tainted syzkaller #0
[  287.176907][ T9225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  287.178472][ T9225] Call trace:
[  287.178960][ T9225]  dump_backtrace+0x1c0/0x1ec
[  287.179655][ T9225]  show_stack+0x2c/0x3c
[  287.180312][ T9225]  __dump_stack+0x30/0x40
[  287.180995][ T9225]  dump_stack_lvl+0xf4/0x15c
[  287.181717][ T9225]  dump_stack+0x1c/0x5c
[  287.182362][ T9225]  gfs2_withdraw+0xfa4/0x1390
[  287.183109][ T9225]  gfs2_consist_inode_i+0xf0/0x10c
[  287.183910][ T9225]  gfs2_jdesc_check+0x12c/0x264
[  287.184705][ T9225]  init_journal+0xad8/0x1e94
[  287.185516][ T9225]  init_inodes+0xe0/0x2d4
[  287.186260][ T9225]  gfs2_fill_super+0x11c0/0x194c
[  287.187072][ T9225]  get_tree_bdev+0x358/0x544
[  287.187882][ T9225]  gfs2_get_tree+0x54/0x1b4
[  287.188658][ T9225]  vfs_get_tree+0x90/0x274
[  287.189420][ T9225]  do_new_mount+0x228/0x810
[  287.190160][ T9225]  path_mount+0x5bc/0xe80
[  287.190955][ T9225]  __arm64_sys_mount+0x49c/0x59c
[  287.191822][ T9225]  invoke_syscall+0x98/0x2b4
[  287.192608][ T9225]  el0_svc_common+0x138/0x258
[  287.193376][ T9225]  do_el0_svc+0x58/0x130
[  287.194084][ T9225]  el0_svc+0x58/0x128
[  287.194729][ T9225]  el0t_64_sync_handler+0x84/0xf0
[  287.195570][ T9225]  el0t_64_sync+0x18c/0x190
[  287.200897][ T9225] gfs2: fsid=syz:syz.0: my journal (0) is bad: -5
[  287.237137][ T9254] netlink: 'syz.0.1580': attribute type 1 has an invalid length.
[  287.819302][ T9286] device syzkaller0 entered promiscuous mode
[  287.877985][ T9294] netlink: 'syz.3.1592': attribute type 3 has an invalid length.
[  287.936037][ T9292] __nla_validate_parse: 10 callbacks suppressed
[  287.936051][ T9292] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1591'.
[  288.422139][ T9321] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  288.425151][ T9321] device bridge_slave_0 left promiscuous mode
[  288.426880][ T9321] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.468259][ T9321] device bridge_slave_1 left promiscuous mode
[  288.469555][ T9321] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.510743][ T9321] bond0: (slave bond_slave_0): Releasing backup interface
[  288.546467][ T9321] device bond_slave_0 left promiscuous mode
[  288.551993][ T9321] bond0: (slave bond_slave_1): Releasing backup interface
[  288.589494][ T9321] device bond_slave_1 left promiscuous mode
[  288.594128][ T9321] device team_slave_0 left promiscuous mode
[  288.607773][ T9321] team0: Port device team_slave_0 removed
[  288.609229][ T9321] device team_slave_1 left promiscuous mode
[  288.617892][ T9321] team0: Port device team_slave_1 removed
[  288.619296][ T9321] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  288.620579][ T9321] batman_adv: batadv0: Removing interface: batadv_slave_0
[  288.622318][ T9321] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  288.623640][ T9321] batman_adv: batadv0: Removing interface: batadv_slave_1
[  288.631962][ T9321] bond1: (slave ip6gretap1): Removing an active aggregator
[  288.633645][ T9321] bond1: (slave ip6gretap1): Releasing backup interface
[  288.656144][ T8800] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  288.720618][ T9330] device syzkaller0 entered promiscuous mode
[  288.723028][ T9324] team0: Mode changed to "broadcast"
[  288.766246][ T9334] device syzkaller0 entered promiscuous mode
[  288.769521][ T9336] netlink: 'syz.1.1606': attribute type 3 has an invalid length.
[  288.838789][ T9338] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1607'.
[  288.992417][ T9348] device syzkaller0 entered promiscuous mode
[  289.342421][ T9368] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1618'.
[  289.356280][ T4370] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  289.357953][ T9372] MPTCP: kernel_bind error, err=-98
[  289.377947][ T9374] netlink: 'syz.2.1620': attribute type 3 has an invalid length.
[  289.473001][ T9382] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  289.474623][ T9382] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  289.679838][ T9382] loop2: detected capacity change from 0 to 65536
[  289.699410][ T9382] XFS (loop2): Mounting V5 filesystem in no-recovery mode. Filesystem will be inconsistent.
[  289.705214][ T4372] XFS (loop2): Metadata CRC error detected at xfs_agi_read_verify+0x15c/0x234, xfs_agi block 0x8002 
[  289.708302][ T4372] XFS (loop2): Unmount and run xfs_repair
[  289.709302][ T4372] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  289.710591][ T4372] 00000000: 58 41 47 49 00 00 00 01 00 00 00 01 00 00 40 00  XAGI..........@.
[  289.712145][ T4372] 00000010: 00 00 00 00 00 00 00 04 00 00 00 01 00 00 00 00  ................
[  289.715236][ T4372] 00000020: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  289.719554][ T4372] 00000030: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  289.721302][ T4372] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  289.722961][ T4372] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  289.724606][ T4372] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  289.733635][ T4372] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  289.737442][ T9382] XFS (loop2): metadata I/O error in "xfs_read_agi+0x250/0x630" at daddr 0x8002 len 1 error 74
[  290.349673][ T9433] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  290.581058][ T9459] MPTCP: kernel_bind error, err=-98
[  290.687383][ T9467] device syzkaller0 entered promiscuous mode
[  292.316070][ T3896] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  299.997249][ T4988] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  301.916030][ T6344] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  301.977834][ T9480] team0: No ports can be present during mode change
[  302.042432][ T9501] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  302.046740][ T9501] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  302.749941][ T9533] netlink: 'syz.3.1670': attribute type 3 has an invalid length.
[  302.794904][ T9540] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  302.797949][ T9540] device syzkaller0 entered promiscuous mode
[  302.857452][ T9549] tipc: Resetting bearer <eth:syzkaller0>
[  302.863520][ T9539] tipc: Resetting bearer <eth:syzkaller0>
[  302.966616][ T9539] tipc: Disabling bearer <eth:syzkaller0>
[  302.971578][ T9560] netlink: 'syz.3.1678': attribute type 10 has an invalid length.
[  303.038669][ T9560] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  303.093056][ T9571] netlink: 'syz.3.1682': attribute type 3 has an invalid length.
[  303.208564][ T9585] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1688'.
[  303.272211][ T9590] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1690'.
[  303.273835][ T9590] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1690'.
[  303.278614][ T9590] netlink: 232 bytes leftover after parsing attributes in process `syz.0.1690'.
[  303.524065][ T9627] device syzkaller0 entered promiscuous mode
[  303.622765][ T9632] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1702'.
[  303.624531][ T9632] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1702'.
[  303.629643][ T9632] netlink: 232 bytes leftover after parsing attributes in process `syz.0.1702'.
[  303.836082][    C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  305.127314][    T7] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  305.756087][ T4988] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  310.236915][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  310.238022][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  310.876113][ T4988] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  314.504693][ T9646] device bond0 entered promiscuous mode
[  314.505629][ T9646] device bond_slave_0 entered promiscuous mode
[  314.517766][ T9646] device bond_slave_1 entered promiscuous mode
[  314.518796][ T9646] device wlan1 entered promiscuous mode
[  314.644554][ T9677] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1714'.
[  314.648446][ T9677] netlink: 232 bytes leftover after parsing attributes in process `syz.3.1714'.
[  314.716303][    T7] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  314.728949][ T9679] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1715'.
[  314.734717][ T9684] bridge0: port 3(syz_tun) entered blocking state
[  314.736400][ T9684] bridge0: port 3(syz_tun) entered disabled state
[  314.744048][ T9684] device syz_tun entered promiscuous mode
[  314.745749][ T9684] bridge0: port 3(syz_tun) entered blocking state
[  314.746897][ T9684] bridge0: port 3(syz_tun) entered forwarding state
[  315.062481][ T9713] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1725'.
[  315.064713][ T9713] netlink: 232 bytes leftover after parsing attributes in process `syz.1.1725'.
[  315.160806][ T9719] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1728'.
[  315.255165][ T9728] loop2: detected capacity change from 0 to 64
[  315.290940][ T9733] IPVS: nq: FWM 3 0x00000003 - no destination available
[  315.292755][ T9733] IPVS: nq: FWM 3 0x00000003 - no destination available
[  315.314025][ T9728] hfs: node 4:3 still has 1 user(s)!
[  315.569413][ T9749] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1739'.
[  315.571344][ T9749] netlink: 232 bytes leftover after parsing attributes in process `syz.4.1739'.
[  315.630991][ T9756] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1741'.
[  315.792918][ T9770] loop2: detected capacity change from 0 to 64
[  316.007355][ T9788] netlink: 232 bytes leftover after parsing attributes in process `syz.2.1752'.
[  316.636360][ T4992] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  316.989034][ T9885] loop2: detected capacity change from 0 to 32768
[  317.013343][ T9885] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.1785 (9885)
[  317.024121][ T9912] device syzkaller1 entered promiscuous mode
[  317.036025][ T9885] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  317.037968][ T9885] BTRFS info (device loop2): using sha256 (sha256-ce) checksum algorithm
[  317.039373][ T9885] BTRFS info (device loop2): force clearing of disk cache
[  317.040561][ T9885] BTRFS info (device loop2): using default commit interval 30s
[  317.041854][ T9885] BTRFS info (device loop2): enabling auto defrag
[  317.042937][ T9885] BTRFS info (device loop2): turning on sync discard
[  317.044023][ T9885] BTRFS info (device loop2): enabling disk space caching
[  317.045209][ T9885] BTRFS info (device loop2): disk space caching is enabled
[  317.142609][ T9885] BTRFS info (device loop2): enabling ssd optimizations
[  317.144192][ T9885] BTRFS info (device loop2): rebuilding free space tree
[  317.159875][ T9885] BTRFS info (device loop2): disabling free space tree
[  317.161232][ T9885] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  317.163710][ T9885] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  317.219610][ T4322] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  317.340711][ T9658] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 11 /dev/loop2 scanned by udevd (9658)
[  317.545498][ T9994] device syzkaller1 entered promiscuous mode
[  317.930684][T10055] loop2: detected capacity change from 0 to 256
[  317.955462][T10054] loop4: detected capacity change from 0 to 2048
[  317.958352][T10055] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe619cb59, utbl_chksum : 0xe619d30d)
[  318.010090][T10061] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  318.071671][T10061] NILFS (loop4): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3)
[  318.073645][T10061] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=2)
[  318.080852][T10061] Remounting filesystem read-only
[  318.083152][ T4330] NILFS (loop4): disposed unprocessed dirty file(s) when stopping log writer
[  318.407258][T10104] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  318.409075][T10104] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.418070][T10111] device syzkaller1 entered promiscuous mode
[  318.517216][T10104] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  318.519538][T10104] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.616678][T10104] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  318.633152][T10104] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.705574][T10136] loop2: detected capacity change from 0 to 2048
[  318.742044][T10136] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  318.749420][T10104] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  318.750984][T10136] fs-verity: sha512 using implementation "sha512-ce"
[  318.750990][T10104] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.807612][ T4322] EXT4-fs (loop2): unmounting filesystem.
[  318.863777][T10104] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  318.865326][T10104] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  318.919758][T10104] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  318.921161][T10104] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  318.924245][T10104] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  318.925599][T10104] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  318.939574][T10104] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  318.940963][T10104] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  319.114617][T10183] IPVS: nq: FWM 3 0x00000003 - no destination available
[  319.268522][T10179] loop4: detected capacity change from 0 to 32768
[  319.287961][T10179] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.1872 (10179)
[  319.293807][T10179] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  319.295662][T10179] BTRFS info (device loop4): using crc32c (crc32c-generic) checksum algorithm
[  319.297440][T10179] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  319.299187][T10179] BTRFS info (device loop4): trying to use backup root at mount time
[  319.300931][T10179] BTRFS info (device loop4): setting nodatasum
[  319.302248][T10179] BTRFS info (device loop4): enabling ssd optimizations
[  319.303821][T10179] BTRFS info (device loop4): using spread ssd allocation scheme
[  319.305254][T10179] BTRFS info (device loop4): turning on flush-on-commit
[  319.306522][T10179] BTRFS info (device loop4): force zlib compression, level 3
[  319.310028][T10179] BTRFS info (device loop4): using free space tree
[  319.398665][ T4330] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  319.680461][T10243] __nla_validate_parse: 26 callbacks suppressed
[  319.680472][T10243] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1884'.
[  319.750219][T10246] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1886'.
[  319.793603][T10251] IPVS: nq: FWM 3 0x00000003 - no destination available
[  319.803350][T10241] loop4: detected capacity change from 0 to 32768
[  319.812718][T10241] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.1883 (10241)
[  319.828103][T10241] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  319.829839][T10241] BTRFS info (device loop4): using crc32c (crc32c-generic) checksum algorithm
[  319.831176][T10241] BTRFS info (device loop4): turning on sync discard
[  319.832240][T10241] BTRFS info (device loop4): setting nodatacow, compression disabled
[  319.846555][T10241] BTRFS info (device loop4): turning off barriers
[  319.847706][T10241] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  319.849443][T10241] BTRFS info (device loop4): trying to use backup root at mount time
[  319.850818][T10241] BTRFS info (device loop4): metadata ratio 32769
[  319.851903][T10241] BTRFS info (device loop4): max_inline at 0
[  319.852870][T10241] BTRFS info (device loop4): using free space tree
[  319.885277][T10261] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1889'.
[  319.888572][T10261] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1889'.
[  319.953434][ T4988] BTRFS warning (device loop4): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  319.956639][T10241] BTRFS error (device loop4): failed to load root extent
[  319.957704][T10241] BTRFS warning (device loop4): try to load backup roots slot 1
[  319.959302][ T4988] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  319.961660][T10241] BTRFS warning (device loop4): couldn't read tree root
[  319.962740][T10241] BTRFS warning (device loop4): try to load backup roots slot 2
[  319.964685][T10241] BTRFS error (device loop4): parent transid verify failed on logical 5255168 mirror 1 wanted 5 found 7
[  319.967047][T10241] BTRFS warning (device loop4): couldn't read tree root
[  319.968244][T10241] BTRFS warning (device loop4): try to load backup roots slot 3
[  319.978271][T10273] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  319.980004][T10273] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.983135][T10275] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1892'.
[  320.005258][T10241] BTRFS info (device loop4): enabling ssd optimizations
[  320.008254][T10241] BTRFS info (device loop4): rebuilding free space tree
[  320.015549][T10241] BTRFS info (device loop4): checking UUID tree
[  320.055637][T10273] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  320.060407][T10273] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.093247][ T4330] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  320.129543][T10273] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  320.131585][T10273] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.212372][T10273] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  320.213975][T10273] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.237002][T10299] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1895'.
[  320.293902][T10307] IPVS: sh: FWM 3 0x00000003 - no destination available
[  320.359093][T10315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1903'.
[  320.476568][ T5019] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  320.529919][T10337] loop4: detected capacity change from 0 to 64
[  320.579410][T10337] hfs: node 4:3 still has 1 user(s)!
[  320.612300][T10345] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1910'.
[  320.629892][T10348] overlayfs: failed to clone upperpath
[  320.632363][T10348] overlayfs: failed to clone upperpath
[  320.661210][T10350] batman_adv: batadv0: Adding interface: dummy0
[  320.662367][T10350] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.667108][T10350] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  320.711111][T10357] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1915'.
[  320.760028][T10363] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1918'.
[  320.890512][T10372] loop4: detected capacity change from 0 to 64
[  320.937911][T10372] hfs: node 4:3 still has 1 user(s)!
[  321.202363][T10403] device syzkaller0 entered promiscuous mode
[  321.217131][T10404] device syzkaller0 entered promiscuous mode
[  321.553558][T10429] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  321.556608][T10429] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  321.945379][ T4992] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  322.295112][T10478] netlink: 'syz.2.1956': attribute type 15 has an invalid length.
[  322.454474][T10486] netlink: 'syz.1.1960': attribute type 21 has an invalid length.
[  322.816999][T10518] netlink: 'syz.1.1971': attribute type 21 has an invalid length.
[  323.178604][T10551] netlink: 'syz.1.1983': attribute type 21 has an invalid length.
[  323.574015][T10579] netlink: 'syz.1.1994': attribute type 21 has an invalid length.
[  324.072439][T10610] netlink: 'syz.2.2005': attribute type 21 has an invalid length.
[  324.223372][T10613] loop2: detected capacity change from 0 to 32768
[  324.236561][T10613] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  324.240176][T10613] BTRFS info (device loop2): using sha256 (sha256-ce) checksum algorithm
[  324.243413][T10613] BTRFS info (device loop2): force clearing of disk cache
[  324.244660][T10613] BTRFS info (device loop2): max_inline at 0
[  324.245613][T10613] BTRFS info (device loop2): enabling auto defrag
[  324.252439][T10613] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  324.257523][T10613] BTRFS info (device loop2): force zstd compression, level 3
[  324.258780][T10613] BTRFS info (device loop2): enabling disk space caching
[  324.263191][T10613] BTRFS info (device loop2): disk space caching is enabled
[  324.324127][T10613] BTRFS info (device loop2): enabling ssd optimizations
[  324.325812][T10613] BTRFS info (device loop2): rebuilding free space tree
[  324.331303][T10613] BTRFS info (device loop2): disabling free space tree
[  324.332602][T10613] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  324.335363][T10613] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  324.373456][ T4992] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared)
[  324.428365][ T4322] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  324.697436][T10672] netlink: 'syz.0.2016': attribute type 21 has an invalid length.
[  324.698790][T10672] __nla_validate_parse: 23 callbacks suppressed
[  324.698800][T10672] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2016'.
[  324.725248][T10273] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  324.730199][T10273] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  324.733779][T10273] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  324.735142][T10273] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  324.773443][T10273] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  324.774813][T10273] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  324.785970][T10690] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  324.787549][T10690] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  324.787787][T10273] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  324.790063][T10273] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  324.818616][T10692] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  324.820320][T10692] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  325.211411][T10709] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2028'.
[  325.298455][T10715] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2031'.
[  325.370566][T10736] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  325.372500][T10736] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.431250][T10736] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  325.433968][T10736] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.475210][T10745] device bridge_slave_0 left promiscuous mode
[  325.476554][T10745] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.508659][T10745] device bridge_slave_1 left promiscuous mode
[  325.510015][T10745] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.527046][ T1631] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  325.547844][T10745] bond0: (slave bond_slave_0): Releasing backup interface
[  325.593071][T10745] bond0: (slave bond_slave_1): Releasing backup interface
[  325.655386][T10745] team0: Port device team_slave_0 removed
[  325.663428][T10745] team0: Port device team_slave_1 removed
[  325.664845][T10745] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  325.666419][T10745] batman_adv: batadv0: Removing interface: batadv_slave_0
[  325.668276][T10745] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  325.669535][T10745] batman_adv: batadv0: Removing interface: batadv_slave_1
[  325.676796][T10736] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  325.679039][T10736] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.700822][T10751] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2041'.
[  325.730157][T10736] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  325.732291][T10736] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.962281][T10763] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2045'.
[  326.270735][T10786] infiniband syz1: set active
[  326.271826][T10786] infiniband syz1: added syz_tun
[  326.288416][T10786] RDS/IB: syz1: added
[  326.289549][T10786] smc: adding ib device syz1 with port count 1
[  326.290634][T10786] smc:    ib device syz1 port 1 has pnetid 
[  326.299966][T10790] bridge0: port 1(syz_tun) entered blocking state
[  326.301311][T10790] bridge0: port 1(syz_tun) entered disabled state
[  326.303036][T10790] device syz_tun entered promiscuous mode
[  326.305632][T10790] bridge0: port 1(syz_tun) entered blocking state
[  326.306818][T10790] bridge0: port 1(syz_tun) entered forwarding state
[  326.503196][T10803] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2056'.
[  326.611467][T10809] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2058'.
[  327.047277][T10852] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2070'.
[  327.212236][T10876] netlink: 'syz.0.2078': attribute type 15 has an invalid length.
[  327.213657][T10876] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2078'.
[  327.235415][T10879] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  327.281580][T10879] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  327.336211][T10888] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  327.339444][T10879] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  327.458506][T10894] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2083'.
[  327.516997][ T4992] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  327.869762][T10912] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  327.880657][T10912] ------------[ cut here ]------------
[  327.881767][T10912] WARNING: CPU: 1 PID: 10912 at net/mac80211/chan.c:2017 ieee80211_link_release_channel+0x16c/0x19c
[  327.883579][T10912] Modules linked in:
[  327.884228][T10912] CPU: 1 PID: 10912 Comm: syz.2.2089 Not tainted syzkaller #0
[  327.885471][T10912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  327.887069][T10912] pstate: 82400005 (Nzcv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[  327.888280][T10912] pc : ieee80211_link_release_channel+0x16c/0x19c
[  327.889279][T10912] lr : ieee80211_link_release_channel+0x16c/0x19c
[  327.890342][T10912] sp : ffff800021327100
[  327.890981][T10912] x29: ffff800021327100 x28: ffff0000de0a5c80 x27: dfff800000000000
[  327.892276][T10912] x26: 1fffe0001bc14d68 x25: 1fffe0001ee61000 x24: ffff0000de0a6b42
[  327.893507][T10912] x23: 1fffe0001bc14ab5 x22: dfff800000000000 x21: 0000000000000000
[  327.894726][T10912] x20: ffff0000de0a6228 x19: ffff0000de0a55a8 x18: 0000000000000000
[  327.896027][T10912] x17: ffff800018349000 x16: ffff8000082d7ca0 x15: 0000000000000000
[  327.897347][T10912] x14: 0000000000000001 x13: 1ffff00004264dd0 x12: 0000000000080000
[  327.898880][T10912] x11: 00000000000348b2 x10: ffff8000276ba000 x9 : ffff800011352afc
[  327.900133][T10912] x8 : 00000000000348b3 x7 : ffff8000113529fc x6 : 0000000000000000
[  327.901423][T10912] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000082d0490
[  327.902681][T10912] x2 : ffff0001023f3780 x1 : 0000000000000000 x0 : 0000000000000000
[  327.904003][T10912] Call trace:
[  327.904497][T10912]  ieee80211_link_release_channel+0x16c/0x19c
[  327.905473][T10912]  ieee80211_link_stop+0x9c/0xc4
[  327.906305][T10912]  ieee80211_if_change_type+0x1d8/0xc68
[  327.907251][T10912]  ieee80211_change_iface+0x68/0x400
[  327.908177][T10912]  cfg80211_change_iface+0x718/0xf24
[  327.909038][T10912]  nl80211_set_interface+0x428/0x6fc
[  327.909943][T10912]  genl_family_rcv_msg_doit+0x204/0x308
[  327.910826][T10912]  genl_rcv_msg+0x44c/0x640
[  327.911554][T10912]  netlink_rcv_skb+0x218/0x3e8
[  327.912277][T10912]  genl_rcv+0x38/0x50
[  327.912883][T10912]  netlink_unicast+0x60c/0x814
[  327.913614][T10912]  netlink_sendmsg+0x6f4/0x9c0
[  327.914340][T10912]  ____sys_sendmsg+0x5c8/0x938
[  327.915100][T10912]  __sys_sendmsg+0x288/0x374
[  327.915772][T10912]  __arm64_sys_sendmsg+0x80/0x94
[  327.916511][T10912]  invoke_syscall+0x98/0x2b4
[  327.917258][T10912]  el0_svc_common+0x138/0x258
[  327.917992][T10912]  do_el0_svc+0x58/0x130
[  327.918676][T10912]  el0_svc+0x58/0x128
[  327.919304][T10912]  el0t_64_sync_handler+0x84/0xf0
[  327.920027][T10912]  el0t_64_sync+0x18c/0x190
[  327.920708][T10912] irq event stamp: 3622
[  327.921324][T10912] hardirqs last  enabled at (3621): [<ffff8000081fa53c>] __cancel_work_timer+0x2c4/0x458
[  327.922810][T10912] hardirqs last disabled at (3622): [<ffff800011a288ec>] el1_dbg+0x24/0x80
[  327.924093][T10912] softirqs last  enabled at (2236): [<ffff80001117a8bc>] cfg80211_mgmt_registrations_update+0x444/0x840
[  327.925901][T10912] softirqs last disabled at (2234): [<ffff80001117a588>] cfg80211_mgmt_registrations_update+0x110/0x840
[  327.927801][T10912] ---[ end trace 0000000000000000 ]---
[  327.933051][T10912] ------------[ cut here ]------------
[  327.933880][T10912] wlan1: Failed check-sdata-in-driver check, flags: 0x0
[  327.935305][T10912] WARNING: CPU: 1 PID: 10912 at net/mac80211/driver-ops.c:315 drv_unassign_vif_chanctx+0x358/0x638
[  327.937002][T10912] Modules linked in:
[  327.937610][T10912] CPU: 1 PID: 10912 Comm: syz.2.2089 Tainted: G        W          syzkaller #0
[  327.939032][T10912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  327.940684][T10912] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[  327.941932][T10912] pc : drv_unassign_vif_chanctx+0x358/0x638
[  327.942843][T10912] lr : drv_unassign_vif_chanctx+0x358/0x638
[  327.943731][T10912] sp : ffff800021326fb0
[  327.944361][T10912] x29: ffff800021326fb0 x28: 0000000000000000 x27: ffff0000de0a4c80
[  327.945600][T10912] x26: ffff0000de0a6668 x25: dfff800000000000 x24: ffff0000de0a67b8
[  327.946841][T10912] x23: 0000000000000000 x22: ffff0000dfb01200 x21: ffff0000de0a67b8
[  327.948143][T10912] x20: ffff800017bda000 x19: ffff0000de0a4c80 x18: 0000000000000000
[  327.949419][T10912] x17: 0000000000000000 x16: ffff8000082d91a4 x15: 0000000000000002
[  327.950653][T10912] x14: 0000000000000001 x13: 1fffe00033eac9a3 x12: 0000000000080000
[  327.951880][T10912] x11: 000000000005f557 x10: ffff8000276ba000 x9 : 069dd281bd38dd00
[  327.953108][T10912] x8 : 069dd281bd38dd00 x7 : 0000000000000001 x6 : 0000000000000001
[  327.954285][T10912] x5 : ffff800021326a38 x4 : ffff8000152f4cc0 x3 : ffff80000853854c
[  327.955524][T10912] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
[  327.956831][T10912] Call trace:
[  327.957368][T10912]  drv_unassign_vif_chanctx+0x358/0x638
[  327.958243][T10912]  ieee80211_assign_link_chanctx+0x140/0x82c
[  327.959250][T10912]  __ieee80211_link_release_channel+0x29c/0x55c
[  327.960330][T10912]  ieee80211_link_release_channel+0x130/0x19c
[  327.961285][T10912]  ieee80211_link_stop+0x9c/0xc4
[  327.962037][T10912]  ieee80211_if_change_type+0x1d8/0xc68
[  327.962905][T10912]  ieee80211_change_iface+0x68/0x400
[  327.963732][T10912]  cfg80211_change_iface+0x718/0xf24
[  327.964535][T10912]  nl80211_set_interface+0x428/0x6fc
[  327.965339][T10912]  genl_family_rcv_msg_doit+0x204/0x308
[  327.966209][T10912]  genl_rcv_msg+0x44c/0x640
[  327.966926][T10912]  netlink_rcv_skb+0x218/0x3e8
[  327.967752][T10912]  genl_rcv+0x38/0x50
[  327.968443][T10912]  netlink_unicast+0x60c/0x814
[  327.969266][T10912]  netlink_sendmsg+0x6f4/0x9c0
[  327.970061][T10912]  ____sys_sendmsg+0x5c8/0x938
[  327.970828][T10912]  __sys_sendmsg+0x288/0x374
[  327.971608][T10912]  __arm64_sys_sendmsg+0x80/0x94
[  327.972446][T10912]  invoke_syscall+0x98/0x2b4
[  327.973269][T10912]  el0_svc_common+0x138/0x258
[  327.974027][T10912]  do_el0_svc+0x58/0x130
[  327.974708][T10912]  el0_svc+0x58/0x128
[  327.975345][T10912]  el0t_64_sync_handler+0x84/0xf0
[  327.976150][T10912]  el0t_64_sync+0x18c/0x190
[  327.976912][T10912] irq event stamp: 3826
[  327.977544][T10912] hardirqs last  enabled at (3825): [<ffff80000830f9ac>] __up_console_sem+0xb4/0xfc
[  327.979046][T10912] hardirqs last disabled at (3826): [<ffff800011a288ec>] el1_dbg+0x24/0x80
[  327.980433][T10912] softirqs last  enabled at (3800): [<ffff8000081ac37c>] handle_softirqs+0xaec/0xc60
[  327.981954][T10912] softirqs last disabled at (3625): [<ffff800008020164>] __do_softirq+0x14/0x20
[  327.983382][T10912] ---[ end trace 0000000000000000 ]---
[  327.988153][T10912] ------------[ cut here ]------------
[  327.989048][T10912] wlan1: Failed check-sdata-in-driver check, flags: 0x0
[  327.990520][T10912] WARNING: CPU: 1 PID: 10912 at net/mac80211/driver-ops.h:156 ieee80211_vif_cfg_change_notify+0x21c/0x25c
[  327.992227][T10912] Modules linked in:
[  327.992837][T10912] CPU: 1 PID: 10912 Comm: syz.2.2089 Tainted: G        W          syzkaller #0
[  327.994209][T10912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  327.995657][T10912] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[  327.996881][T10912] pc : ieee80211_vif_cfg_change_notify+0x21c/0x25c
[  327.997794][T10912] lr : ieee80211_vif_cfg_change_notify+0x21c/0x25c
[  327.998777][T10912] sp : ffff800021326fb0
[  327.999427][T10912] x29: ffff800021326fb0 x28: ffff800015210000 x27: ffff800015210384
[  328.000751][T10912] x26: ffff0000dfb01220 x25: 0000000000000000 x24: dfff800000000000
[  328.002053][T10912] x23: 0000000000000000 x22: ffff0000de0a6760 x21: ffff0000f7308ea0
[  328.003335][T10912] x20: ffff800017bda000 x19: ffff0000de0a4c80 x18: ffff800011b8bf60
[  328.004510][T10912] x17: 1fffe00033eac97e x16: ffff8000082d91a4 x15: ffff80001520d000
[  328.005832][T10912] x14: 0000000000000001 x13: 1fffe000189543d0 x12: 0000000000000000
[  328.007171][T10912] x11: 0000000000000000 x10: ffff6000189543d1 x9 : 069dd281bd38dd00
[  328.008441][T10912] x8 : 069dd281bd38dd00 x7 : ffff80000825796c x6 : 0000000000000000
[  328.009708][T10912] x5 : 0000000000000080 x4 : 0000000000000001 x3 : ffff800008246798
[  328.010981][T10912] x2 : 0000000000000001 x1 : 0000000000000004 x0 : 0000000000000001
[  328.012231][T10912] Call trace:
[  328.012787][T10912]  ieee80211_vif_cfg_change_notify+0x21c/0x25c
[  328.013794][T10912]  ieee80211_assign_link_chanctx+0x6e8/0x82c
[  328.014765][T10912]  __ieee80211_link_release_channel+0x29c/0x55c
[  328.015764][T10912]  ieee80211_link_release_channel+0x130/0x19c
[  328.016774][T10912]  ieee80211_link_stop+0x9c/0xc4
[  328.017535][T10912]  ieee80211_if_change_type+0x1d8/0xc68
[  328.018401][T10912]  ieee80211_change_iface+0x68/0x400
[  328.019308][T10912]  cfg80211_change_iface+0x718/0xf24
[  328.020173][T10912]  nl80211_set_interface+0x428/0x6fc
[  328.021066][T10912]  genl_family_rcv_msg_doit+0x204/0x308
[  328.021985][T10912]  genl_rcv_msg+0x44c/0x640
[  328.022688][T10912]  netlink_rcv_skb+0x218/0x3e8
[  328.023477][T10912]  genl_rcv+0x38/0x50
[  328.024137][T10912]  netlink_unicast+0x60c/0x814
[  328.024912][T10912]  netlink_sendmsg+0x6f4/0x9c0
[  328.025650][T10912]  ____sys_sendmsg+0x5c8/0x938
[  328.026401][T10912]  __sys_sendmsg+0x288/0x374
[  328.027179][T10912]  __arm64_sys_sendmsg+0x80/0x94
[  328.027975][T10912]  invoke_syscall+0x98/0x2b4
[  328.028731][T10912]  el0_svc_common+0x138/0x258
[  328.029507][T10912]  do_el0_svc+0x58/0x130
[  328.030195][T10912]  el0_svc+0x58/0x128
[  328.030855][T10912]  el0t_64_sync_handler+0x84/0xf0
[  328.031633][T10912]  el0t_64_sync+0x18c/0x190
[  328.032382][T10912] irq event stamp: 3926
[  328.033056][T10912] hardirqs last  enabled at (3925): [<ffff800008257a00>] finish_lock_switch+0xb0/0x1c4
[  328.034584][T10912] hardirqs last disabled at (3926): [<ffff800011a288ec>] el1_dbg+0x24/0x80
[  328.035991][T10912] softirqs last  enabled at (3896): [<ffff8000081ac37c>] handle_softirqs+0xaec/0xc60
[  328.037453][T10912] softirqs last disabled at (3829): [<ffff800008020164>] __do_softirq+0x14/0x20
[  328.038957][T10912] ---[ end trace 0000000000000000 ]---
[  328.043891][T10912] ------------[ cut here ]------------
[  328.044696][T10912] WARNING: CPU: 1 PID: 10912 at net/mac80211/iface.c:113 ieee80211_recalc_idle+0x298/0x338
[  328.046287][T10912] Modules linked in:
[  328.046933][T10912] CPU: 1 PID: 10912 Comm: syz.2.2089 Tainted: G        W          syzkaller #0
[  328.048493][T10912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  328.050081][T10912] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[  328.051348][T10912] pc : ieee80211_recalc_idle+0x298/0x338
[  328.052185][T10912] lr : ieee80211_recalc_idle+0x298/0x338
[  328.053075][T10912] sp : ffff800021326fa0
[  328.053715][T10912] x29: ffff800021326fa0 x28: 0000000000000000 x27: ffff800015210000
[  328.054962][T10912] x26: ffff0000dfb01220 x25: 0000000000000000 x24: dfff800000000000
[  328.056258][T10912] x23: 000000000000096c x22: 1fffe0001ee611db x21: dfff800000000000
[  328.057568][T10912] x20: 0000000000000000 x19: ffff0000f7308ea0 x18: ffff800011b8bf60
[  328.058884][T10912] x17: 1fffe00033eac97e x16: ffff8000082d7ca0 x15: 0000000000000002
[  328.060159][T10912] x14: 0000000000000007 x13: 1ffff00002a42071 x12: 0000000000080000
[  328.061373][T10912] x11: 000000000007ffff x10: ffff8000276ba000 x9 : ffff80001128b4dc
[  328.062579][T10912] x8 : 0000000000080000 x7 : ffff80001122b0f4 x6 : 0000000000000000
[  328.063815][T10912] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000002
[  328.065113][T10912] x2 : 0000000000000008 x1 : 0000000000000000 x0 : 0000000000000000
[  328.066497][T10912] Call trace:
[  328.067030][T10912]  ieee80211_recalc_idle+0x298/0x338
[  328.067905][T10912]  ieee80211_del_chanctx+0x35c/0x70c
[  328.068749][T10912]  ieee80211_free_chanctx+0x250/0x334
[  328.069601][T10912]  __ieee80211_link_release_channel+0x3d4/0x55c
[  328.070658][T10912]  ieee80211_link_release_channel+0x130/0x19c
[  328.071632][T10912]  ieee80211_link_stop+0x9c/0xc4
[  328.072405][T10912]  ieee80211_if_change_type+0x1d8/0xc68
[  328.073340][T10912]  ieee80211_change_iface+0x68/0x400
[  328.074175][T10912]  cfg80211_change_iface+0x718/0xf24
[  328.074939][T10912]  nl80211_set_interface+0x428/0x6fc
[  328.075857][T10912]  genl_family_rcv_msg_doit+0x204/0x308
[  328.076848][T10912]  genl_rcv_msg+0x44c/0x640
[  328.077568][T10912]  netlink_rcv_skb+0x218/0x3e8
[  328.078295][T10912]  genl_rcv+0x38/0x50
[  328.078912][T10912]  netlink_unicast+0x60c/0x814
[  328.079684][T10912]  netlink_sendmsg+0x6f4/0x9c0
[  328.080480][T10912]  ____sys_sendmsg+0x5c8/0x938
[  328.081306][T10912]  __sys_sendmsg+0x288/0x374
[  328.082042][T10912]  __arm64_sys_sendmsg+0x80/0x94
[  328.082804][T10912]  invoke_syscall+0x98/0x2b4
[  328.083532][T10912]  el0_svc_common+0x138/0x258
[  328.084308][T10912]  do_el0_svc+0x58/0x130
[  328.085003][T10912]  el0_svc+0x58/0x128
[  328.085699][T10912]  el0t_64_sync_handler+0x84/0xf0
[  328.086526][T10912]  el0t_64_sync+0x18c/0x190
[  328.087295][T10912] irq event stamp: 4222
[  328.087909][T10912] hardirqs last  enabled at (4221): [<ffff800011a2a894>] exit_to_kernel_mode+0xcc/0xfc
[  328.089434][T10912] hardirqs last disabled at (4222): [<ffff800011a288ec>] el1_dbg+0x24/0x80
[  328.090808][T10912] softirqs last  enabled at (4216): [<ffff8000081ac37c>] handle_softirqs+0xaec/0xc60
[  328.092297][T10912] softirqs last disabled at (3929): [<ffff800008020164>] __do_softirq+0x14/0x20
[  328.093764][T10912] ---[ end trace 0000000000000000 ]---
[  328.101077][T10912] ------------[ cut here ]------------
[  328.102016][T10912] ODEBUG: init active (active state 0) object type: timer_list hint: 0x0
[  328.103793][T10912] WARNING: CPU: 1 PID: 10912 at lib/debugobjects.c:518 __debug_object_init+0x2c4/0x42c
[  328.105304][T10912] Modules linked in:
[  328.105925][T10912] CPU: 1 PID: 10912 Comm: syz.2.2089 Tainted: G        W          syzkaller #0
[  328.107374][T10912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  328.108963][T10912] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[  328.110237][T10912] pc : __debug_object_init+0x2c4/0x42c
[  328.111082][T10912] lr : __debug_object_init+0x2c4/0x42c
[  328.111958][T10912] sp : ffff800021326fd0
[  328.112596][T10912] x29: ffff800021326fd0 x28: dfff800000000000 x27: ffff0000ccc22fe0
[  328.113814][T10912] x26: ffff0000de0a59f8 x25: 0000000000000000 x24: 0000000000000003
[  328.115159][T10912] x23: ffff800011bab020 x22: ffff80001207c320 x21: 0000000000000000
[  328.116476][T10912] x20: ffff800011bab020 x19: ffff0000de0a59f8 x18: ffff800011b8bf60
[  328.117812][T10912] x17: 1fffe00033eac97e x16: ffff8000082d91a4 x15: ffff80001520d000
[  328.119153][T10912] x14: 0000000000000001 x13: 1fffe000189543d0 x12: 0000000000000000
[  328.120489][T10912] x11: 0000000000000000 x10: ffff6000189543d1 x9 : 069dd281bd38dd00
[  328.121874][T10912] x8 : 069dd281bd38dd00 x7 : ffff80000825796c x6 : 0000000000000000
[  328.123274][T10912] x5 : 0000000000000080 x4 : 0000000000000001 x3 : ffff800008246798
[  328.124599][T10912] x2 : 0000000000000001 x1 : 0000000000000004 x0 : 0000000000000001
[  328.125914][T10912] Call trace:
[  328.126427][T10912]  __debug_object_init+0x2c4/0x42c
[  328.127276][T10912]  debug_object_init+0x20/0x2c
[  328.128021][T10912]  init_timer_key+0x54/0x498
[  328.128727][T10912]  ieee80211_sta_setup_sdata+0x2c8/0x5c4
[  328.129591][T10912]  ieee80211_setup_sdata+0x7dc/0xa54
[  328.130397][T10912]  ieee80211_if_change_type+0x1e4/0xc68
[  328.131310][T10912]  ieee80211_change_iface+0x68/0x400
[  328.132178][T10912]  cfg80211_change_iface+0x718/0xf24
[  328.132985][T10912]  nl80211_set_interface+0x428/0x6fc
[  328.133810][T10912]  genl_family_rcv_msg_doit+0x204/0x308
[  328.134674][T10912]  genl_rcv_msg+0x44c/0x640
[  328.135394][T10912]  netlink_rcv_skb+0x218/0x3e8
[  328.136167][T10912]  genl_rcv+0x38/0x50
[  328.136792][T10912]  netlink_unicast+0x60c/0x814
[  328.137524][T10912]  netlink_sendmsg+0x6f4/0x9c0
[  328.138274][T10912]  ____sys_sendmsg+0x5c8/0x938
[  328.139089][T10912]  __sys_sendmsg+0x288/0x374
[  328.139861][T10912]  __arm64_sys_sendmsg+0x80/0x94
[  328.140621][T10912]  invoke_syscall+0x98/0x2b4
[  328.141359][T10912]  el0_svc_common+0x138/0x258
[  328.142116][T10912]  do_el0_svc+0x58/0x130
[  328.142765][T10912]  el0_svc+0x58/0x128
[  328.143358][T10912]  el0t_64_sync_handler+0x84/0xf0
[  328.144153][T10912]  el0t_64_sync+0x18c/0x190
[  328.144903][T10912] irq event stamp: 4408
[  328.145608][T10912] hardirqs last  enabled at (4407): [<ffff800008257a00>] finish_lock_switch+0xb0/0x1c4
[  328.147251][T10912] hardirqs last disabled at (4408): [<ffff800011a288ec>] el1_dbg+0x24/0x80
[  328.148712][T10912] softirqs last  enabled at (4348): [<ffff8000081ac37c>] handle_softirqs+0xaec/0xc60
[  328.150393][T10912] softirqs last disabled at (4225): [<ffff800008020164>] __do_softirq+0x14/0x20
[  328.151872][T10912] ---[ end trace 0000000000000000 ]---
[  328.165691][T10912] INFO: trying to register non-static key.
[  328.166627][T10912] The code is fine but needs lockdep annotation, or maybe
[  328.167697][T10912] you didn't initialize this object before use?
[  328.168763][T10912] turning off the locking correctness validator.
[  328.169809][T10912] CPU: 1 PID: 10912 Comm: syz.2.2089 Tainted: G        W          syzkaller #0
[  328.171264][T10912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  328.172961][T10912] Call trace:
[  328.173497][T10912]  dump_backtrace+0x1c0/0x1ec
[  328.174292][T10912]  show_stack+0x2c/0x3c
[  328.174973][T10912]  __dump_stack+0x30/0x40
[  328.175648][T10912]  dump_stack_lvl+0xf4/0x15c
[  328.176389][T10912]  dump_stack+0x1c/0x5c
[  328.177112][T10912]  assign_lock_key+0x230/0x264
[  328.177861][T10912]  register_lock_class+0x1ac/0x694
[  328.178676][T10912]  __lock_acquire+0x164/0x6800
[  328.179493][T10912]  lock_acquire+0x20c/0x63c
[  328.180226][T10912]  __timer_delete_sync+0xa0/0x21c
[  328.181020][T10912]  timer_fixup_init+0x40/0x70
[  328.181774][T10912]  __debug_object_init+0x30c/0x42c
[  328.182646][T10912]  debug_object_init+0x20/0x2c
[  328.183411][T10912]  init_timer_key+0x54/0x498
[  328.184142][T10912]  ieee80211_sta_setup_sdata+0x2c8/0x5c4
[  328.185038][T10912]  ieee80211_setup_sdata+0x7dc/0xa54
[  328.185884][T10912]  ieee80211_if_change_type+0x1e4/0xc68
[  328.186770][T10912]  ieee80211_change_iface+0x68/0x400
[  328.187594][T10912]  cfg80211_change_iface+0x718/0xf24
[  328.188435][T10912]  nl80211_set_interface+0x428/0x6fc
[  328.189343][T10912]  genl_family_rcv_msg_doit+0x204/0x308
[  328.190226][T10912]  genl_rcv_msg+0x44c/0x640
[  328.190955][T10912]  netlink_rcv_skb+0x218/0x3e8
[  328.191731][T10912]  genl_rcv+0x38/0x50
[  328.192394][T10912]  netlink_unicast+0x60c/0x814
[  328.193129][T10912]  netlink_sendmsg+0x6f4/0x9c0
[  328.193864][T10912]  ____sys_sendmsg+0x5c8/0x938
[  328.194610][T10912]  __sys_sendmsg+0x288/0x374
[  328.195350][T10912]  __arm64_sys_sendmsg+0x80/0x94
[  328.196166][T10912]  invoke_syscall+0x98/0x2b4
[  328.196912][T10912]  el0_svc_common+0x138/0x258
[  328.197660][T10912]  do_el0_svc+0x58/0x130
[  328.198375][T10912]  el0_svc+0x58/0x128
[  328.199046][T10912]  el0t_64_sync_handler+0x84/0xf0
[  328.199902][T10912]  el0t_64_sync+0x18c/0x190
[  328.202640][T10912] ------------[ cut here ]------------
[  328.203511][T10912] ODEBUG: init active (active state 0) object type: timer_list hint: 0x0
[  328.204921][T10912] WARNING: CPU: 1 PID: 10912 at lib/debugobjects.c:518 __debug_object_init+0x2c4/0x42c
[  328.206458][T10912] Modules linked in:
[  328.207097][T10912] CPU: 1 PID: 10912 Comm: syz.2.2089 Tainted: G        W          syzkaller #0
[  328.208482][T10912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  328.210064][T10912] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[  328.211282][T10912] pc : __debug_object_init+0x2c4/0x42c
[  328.212144][T10912] lr : __debug_object_init+0x2c4/0x42c
[  328.213015][T10912] sp : ffff800021326f40
[  328.213695][T10912] x29: ffff800021326f40 x28: dfff800000000000 x27: ffff0000ccc22fe0
[  328.214939][T10912] x26: ffff0000de0a59f8 x25: 0000000000000000 x24: 0000000000000003
[  328.216231][T10912] x23: ffff800011bab020 x22: ffff80001207c320 x21: 0000000000000000
[  328.217508][T10912] x20: ffff800011bab020 x19: ffff0000de0a59f8 x18: ffff800011b8bf60
[  328.218708][T10912] x17: 6e6968207473696c x16: ffff80000804309c x15: 0000000000000002
[  328.220013][T10912] x14: 0000000000000001 x13: 1fffe00033eac9a3 x12: 0000000000080000
[  328.221218][T10912] x11: 000000000007ffff x10: ffff8000276ba000 x9 : 069dd281bd38dd00
[  328.222580][T10912] x8 : 069dd281bd38dd00 x7 : 0000000000000001 x6 : 0000000000000001
[  328.223881][T10912] x5 : ffff8000213269d8 x4 : ffff8000152f4cc0 x3 : ffff80000853854c
[  328.225098][T10912] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
[  328.226457][T10912] Call trace:
[  328.226989][T10912]  __debug_object_init+0x2c4/0x42c
[  328.227797][T10912]  debug_object_init+0x20/0x2c
[  328.228520][T10912]  timer_fixup_init+0x50/0x70
[  328.229295][T10912]  __debug_object_init+0x30c/0x42c
[  328.230097][T10912]  debug_object_init+0x20/0x2c
[  328.230905][T10912]  init_timer_key+0x54/0x498
[  328.231636][T10912]  ieee80211_sta_setup_sdata+0x2c8/0x5c4
[  328.232493][T10912]  ieee80211_setup_sdata+0x7dc/0xa54
[  328.233340][T10912]  ieee80211_if_change_type+0x1e4/0xc68
[  328.234181][T10912]  ieee80211_change_iface+0x68/0x400
[  328.235001][T10912]  cfg80211_change_iface+0x718/0xf24
[  328.235821][T10912]  nl80211_set_interface+0x428/0x6fc
[  328.236611][T10912]  genl_family_rcv_msg_doit+0x204/0x308
[  328.237417][T10912]  genl_rcv_msg+0x44c/0x640
[  328.238193][T10912]  netlink_rcv_skb+0x218/0x3e8
[  328.238969][T10912]  genl_rcv+0x38/0x50
[  328.239571][T10912]  netlink_unicast+0x60c/0x814
[  328.240313][T10912]  netlink_sendmsg+0x6f4/0x9c0
[  328.241075][T10912]  ____sys_sendmsg+0x5c8/0x938
[  328.241808][T10912]  __sys_sendmsg+0x288/0x374
[  328.242515][T10912]  __arm64_sys_sendmsg+0x80/0x94
[  328.243312][T10912]  invoke_syscall+0x98/0x2b4
[  328.244018][T10912]  el0_svc_common+0x138/0x258
[  328.244782][T10912]  do_el0_svc+0x58/0x130
[  328.245488][T10912]  el0_svc+0x58/0x128
[  328.246150][T10912]  el0t_64_sync_handler+0x84/0xf0
[  328.246986][T10912]  el0t_64_sync+0x18c/0x190
[  328.247786][T10912] irq event stamp: 4500
[  328.248487][T10912] hardirqs last  enabled at (4499): [<ffff800011a2a894>] exit_to_kernel_mode+0xcc/0xfc
[  328.250063][T10912] hardirqs last disabled at (4500): [<ffff8000083b3fec>] __timer_delete_sync+0x78/0x21c
[  328.251568][T10912] softirqs last  enabled at (4486): [<ffff8000081ac37c>] handle_softirqs+0xaec/0xc60
[  328.253010][T10912] softirqs last disabled at (4411): [<ffff800008020164>] __do_softirq+0x14/0x20
[  328.254415][T10912] ---[ end trace 0000000000000000 ]---
[  328.256388][T10912] ------------[ cut here ]------------
[  328.257246][T10912] ODEBUG: init active (active state 0) object type: timer_list hint: 0x0
[  328.258674][T10912] WARNING: CPU: 1 PID: 10912 at lib/debugobjects.c:518 __debug_object_init+0x2c4/0x42c
[  328.260193][T10912] Modules linked in:
[  328.260831][T10912] CPU: 1 PID: 10912 Comm: syz.2.2089 Tainted: G        W          syzkaller #0
[  328.262264][T10912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  328.263832][T10912] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[  328.265113][T10912] pc : __debug_object_init+0x2c4/0x42c
[  328.266013][T10912] lr : __debug_object_init+0x2c4/0x42c
[  328.266912][T10912] sp : ffff800021326eb0
[  328.267578][T10912] x29: ffff800021326eb0 x28: dfff800000000000 x27: ffff0000ccc22fe0
[  328.268878][T10912] x26: ffff0000de0a59f8 x25: 0000000000000000 x24: 0000000000000003
[  328.270153][T10912] x23: ffff800011bab020 x22: ffff80001207c320 x21: 0000000000000000
[  328.271454][T10912] x20: ffff800011bab020 x19: ffff0000de0a59f8 x18: ffff800011b8bf60
[  328.272786][T10912] x17: 6e6968207473696c x16: ffff80000804309c x15: 0000000000000002
[  328.274133][T10912] x14: 0000000000000001 x13: 1fffe00033eac9a3 x12: 0000000000080000
[  328.275440][T10912] x11: 000000000007ffff x10: ffff8000276ba000 x9 : 069dd281bd38dd00
[  328.276730][T10912] x8 : 069dd281bd38dd00 x7 : 0000000000000001 x6 : 0000000000000001
[  328.278006][T10912] x5 : ffff800021326938 x4 : ffff8000152f4cc0 x3 : ffff80000853854c
[  328.279249][T10912] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
[  328.280578][T10912] Call trace:
[  328.281090][T10912]  __debug_object_init+0x2c4/0x42c
[  328.281925][T10912]  debug_object_init+0x20/0x2c
[  328.282628][T10912]  timer_fixup_init+0x50/0x70
[  328.283391][T10912]  __debug_object_init+0x30c/0x42c
[  328.284208][T10912]  debug_object_init+0x20/0x2c
[  328.284946][T10912]  timer_fixup_init+0x50/0x70
[  328.285659][T10912]  __debug_object_init+0x30c/0x42c
[  328.286530][T10912]  debug_object_init+0x20/0x2c
[  328.287375][T10912]  init_timer_key+0x54/0x498
[  328.288161][T10912]  ieee80211_sta_setup_sdata+0x2c8/0x5c4
[  328.289096][T10912]  ieee80211_setup_sdata+0x7dc/0xa54
[  328.289949][T10912]  ieee80211_if_change_type+0x1e4/0xc68
[  328.290862][T10912]  ieee80211_change_iface+0x68/0x400
[  328.291751][T10912]  cfg80211_change_iface+0x718/0xf24
[  328.292598][T10912]  nl80211_set_interface+0x428/0x6fc
[  328.293451][T10912]  genl_family_rcv_msg_doit+0x204/0x308
[  328.294344][T10912]  genl_rcv_msg+0x44c/0x640
[  328.295063][T10912]  netlink_rcv_skb+0x218/0x3e8
[  328.295829][T10912]  genl_rcv+0x38/0x50
[  328.296448][T10912]  netlink_unicast+0x60c/0x814
[  328.297200][T10912]  netlink_sendmsg+0x6f4/0x9c0
[  328.297975][T10912]  ____sys_sendmsg+0x5c8/0x938
[  328.298776][T10912]  __sys_sendmsg+0x288/0x374
[  328.299493][T10912]  __arm64_sys_sendmsg+0x80/0x94
[  328.300306][T10912]  invoke_syscall+0x98/0x2b4
[  328.301026][T10912]  el0_svc_common+0x138/0x258
[  328.301763][T10912]  do_el0_svc+0x58/0x130
[  328.302426][T10912]  el0_svc+0x58/0x128
[  328.303070][T10912]  el0t_64_sync_handler+0x84/0xf0
[  328.303818][T10912]  el0t_64_sync+0x18c/0x190
[  328.304506][T10912] irq event stamp: 4500
[  328.305199][T10912] hardirqs last  enabled at (4499): [<ffff800011a2a894>] exit_to_kernel_mode+0xcc/0xfc
[  328.306775][T10912] hardirqs last disabled at (4500): [<ffff8000083b3fec>] __timer_delete_sync+0x78/0x21c
[  328.308303][T10912] softirqs last  enabled at (4486): [<ffff8000081ac37c>] handle_softirqs+0xaec/0xc60
[  328.309823][T10912] softirqs last disabled at (4411): [<ffff800008020164>] __do_softirq+0x14/0x20
[  328.311359][T10912] ---[ end trace 0000000000000000 ]---
[  328.313665][T10912] ------------[ cut here ]------------
[  328.314502][T10912] ODEBUG: init active (active state 0) object type: timer_list hint: 0x0
[  328.316115][T10912] WARNING: CPU: 1 PID: 10912 at lib/debugobjects.c:518 __debug_object_init+0x2c4/0x42c
[  328.317584][T10912] Modules linked in:
[  328.318186][T10912] CPU: 1 PID: 10912 Comm: syz.2.2089 Tainted: G        W          syzkaller #0
[  328.319619][T10912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  328.321130][T10912] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[  328.322355][T10912] pc : __debug_object_init+0x2c4/0x42c
[  328.323179][T10912] lr : __debug_object_init+0x2c4/0x42c
[  328.324014][T10912] sp : ffff800021326e20
[  328.324683][T10912] x29: ffff800021326e20 x28: dfff800000000000 x27: ffff0000ccc22fe0
[  328.325930][T10912] x26: ffff0000de0a59f8 x25: 0000000000000000 x24: 0000000000000003
[  328.327229][T10912] x23: ffff800011bab020 x22: ffff80001207c320 x21: 0000000000000000
[  328.328490][T10912] x20: ffff800011bab020 x19: ffff0000de0a59f8 x18: ffff800011b8bf60
[  328.329718][T10912] x17: 1fffe00033eac97e x16: ffff80000804309c x15: 0000000040000000
[  328.330958][T10912] x14: 0000000000000001 x13: 1fffe00033eaf030 x12: 0000000000ff0100
[  328.332195][T10912] x11: ff00800008048348 x10: 0000000040000002 x9 : 069dd281bd38dd00
[  328.333410][T10912] x8 : 069dd281bd38dd00 x7 : 0000000000000004 x6 : ffff80000825796c
[  328.334688][T10912] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000
[  328.335987][T10912] x2 : ffff8000213269c0 x1 : 0000000000000000 x0 : ffff800008257a00
[  328.337219][T10912] Call trace:
[  328.337723][T10912]  __debug_object_init+0x2c4/0x42c
[  328.338549][T10912]  debug_object_init+0x20/0x2c
[  328.339310][T10912]  timer_fixup_init+0x50/0x70
[  328.340058][T10912]  __debug_object_init+0x30c/0x42c
[  328.340914][T10912]  debug_object_init+0x20/0x2c
[  328.341710][T10912]  timer_fixup_init+0x50/0x70
[  328.342434][T10912]  __debug_object_init+0x30c/0x42c
[  328.343283][T10912]  debug_object_init+0x20/0x2c
[  328.344037][T10912]  timer_fixup_init+0x50/0x70
[  328.344805][T10912]  __debug_object_init+0x30c/0x42c
[  328.345638][T10912]  debug_object_init+0x20/0x2c
[  328.346411][T10912]  init_timer_key+0x54/0x498
[  328.347131][T10912]  ieee80211_sta_setup_sdata+0x2c8/0x5c4
[  328.348048][T10912]  ieee80211_setup_sdata+0x7dc/0xa54
[  328.348886][T10912]  ieee80211_if_change_type+0x1e4/0xc68
[  328.349718][T10912]  ieee80211_change_iface+0x68/0x400
[  328.350590][T10912]  cfg80211_change_iface+0x718/0xf24
[  328.351419][T10912]  nl80211_set_interface+0x428/0x6fc
[  328.352262][T10912]  genl_family_rcv_msg_doit+0x204/0x308
[  328.353140][T10912]  genl_rcv_msg+0x44c/0x640
[  328.353892][T10912]  netlink_rcv_skb+0x218/0x3e8
[  328.354664][T10912]  genl_rcv+0x38/0x50
[  328.355289][T10912]  netlink_unicast+0x60c/0x814
[  328.355999][T10912]  netlink_sendmsg+0x6f4/0x9c0
[  328.356773][T10912]  ____sys_sendmsg+0x5c8/0x938
[  328.357587][T10912]  __sys_sendmsg+0x288/0x374
[  328.358379][T10912]  __arm64_sys_sendmsg+0x80/0x94
[  328.359193][T10912]  invoke_syscall+0x98/0x2b4
[  328.359963][T10912]  el0_svc_common+0x138/0x258
[  328.360677][T10912]  do_el0_svc+0x58/0x130
[  328.361318][T10912]  el0_svc+0x58/0x128
[  328.361941][T10912]  el0t_64_sync_handler+0x84/0xf0
[  328.362714][T10912]  el0t_64_sync+0x18c/0x190
[  328.363368][T10912] irq event stamp: 4500
[  328.363978][T10912] hardirqs last  enabled at (4499): [<ffff800011a2a894>] exit_to_kernel_mode+0xcc/0xfc
[  328.365421][T10912] hardirqs last disabled at (4500): [<ffff8000083b3fec>] __timer_delete_sync+0x78/0x21c
[  328.366822][T10912] softirqs last  enabled at (4486): [<ffff8000081ac37c>] handle_softirqs+0xaec/0xc60
[  328.368202][T10912] softirqs last disabled at (4411): [<ffff800008020164>] __do_softirq+0x14/0x20
[  328.369502][T10912] ---[ end trace 0000000000000000 ]---
[  328.371177][T10912] ------------[ cut here ]------------
[  328.372108][T10912] ODEBUG: init active (active state 0) object type: timer_list hint: 0x0
[  328.374127][T10912] WARNING: CPU: 1 PID: 10912 at lib/debugobjects.c:518 __debug_object_init+0x2c4/0x42c
[  328.375664][T10912] Modules linked in:
[  328.376343][T10912] CPU: 1 PID: 10912 Comm: syz.2.2089 Tainted: G        W          syzkaller #0
[  328.377727][T10912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[  328.379339][T10912] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[  328.380621][T10912] pc : __debug_object_init+0x2c4/0x42c
[  328.381522][T10912] lr : __debug_object_init+0x2c4/0x42c
[  328.382422][T10912] sp : ffff800021326d90
[  328.383114][T10912] x29: ffff800021326d90 x28: dfff800000000000 x27: ffff0000ccc22fe0
[  328.384416][T10912] x26: ffff0000de0a59f8 x25: 0000000000000000 x24: 0000000000000003
[  328.385675][T10912] x23: ffff800011bab020 x22: ffff80001207c320 x21: 0000000000000000
[  328.386954][T10912] x20: ffff800011bab020 x19: ffff0000de0a59f8 x18: ffff800011b8bf60
[  328.388217][T10912] x17: 1fffe00033eac97e x16: ffff80000804309c x15: 0000000040000000
[  328.389461][T10912] x14: 0000000000000001 x13: 1fffe00033eaf030 x12: 0000000000ff0100
[  328.390754][T10912] x11: ff00800008048348 x10: 0000000040000002 x9 : 069dd281bd38dd00
[  328.392108][T10912] x8 : 069dd281bd38dd00 x7 : 0000000000000004 x6 : ffff80000825796c
[  328.393525][T10912] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000
[  328.394897][T10912] x2 : ffff800021326920 x1 : 0000000000000000 x0 : ffff800008257a00
[  328.396159][T10912] Call trace:
[  328.396656][T10912]  __debug_object_init+0x2c4/0x42c
[  328.397463][T10912]  debug_object_init+0x20/0x2c
[  328.398157][T10912]  timer_fixup_init+0x50/0x70
[  328.398946][T10912]  __debug_object_init+0x30c/0x42c
[  328.399788][T10912]  debug_object_init+0x20/0x2c
[  328.400534][T10912]  timer_fixup_init+0x50/0x70
[  328.401265][T10912]  __debug_object_init+0x30c/0x42c
[  328.402087][T10912]  debug_object_init+0x20/0x2c
[  328.402848][T10912]  timer_fixup_init+0x50/0x70
[  328.403567][T10912]  __debug_object_init+0x30c/0x42c
[  328.404442][T10912]  debug_object_init+0x20/0x2c
[  328.405300][T10912]  timer_fixup_init+0x50/0x70
[  328.406081][T10912]  __debug_object_init+0x30c/0x42c
[  328.406955][T10912]  debug_object_init+0x20/0x2c
[  328.407710][T10912]  init_timer_key+0x54/0x498
[  328.408501][T10912]  ieee80211_sta_setup_sdata+0x2c8/0x5c4
[  328.409463][T10912]  ieee80211_setup_sdata+0x7dc/0xa54
[  328.410279][T10912]  ieee80211_if_change_type+0x1e4/0xc68
[  328.411203][T10912]  ieee80211_change_iface+0x68/0x400
[  328.412031][T10912]  cfg80211_change_iface+0x718/0xf24
[  328.412940][T10912]  nl80211_set_interface+0x428/0x6fc
[  328.413864][T10912]  genl_family_rcv_msg_doit+0x204/0x308
[  328.414756][T10912]  genl_rcv_msg+0x44c/0x640
[  328.415468][T10912]  netlink_rcv_skb+0x218/0x3e8
[  328.416265][T10912]  genl_rcv+0x38/0x50
[  328.416945][T10912]  netlink_unicast+0x60c/0x814
[  328.417765][T10912]  netlink_sendmsg+0x6f4/0x9c0
[  328.418558][T10912]  ____sys_sendmsg+0x5c8/0x938
[  328.419355][T10912]  __sys_sendmsg+0x288/0x374
[  328.420164][T10912]  __arm64_sys_sendmsg+0x80/0x94
[  328.421012][T10912]  invoke_syscall+0x98/0x2b4
[  328.421758][T10912]  el0_svc_common+0x138/0x258
[  328.422553][T10912]  do_el0_svc+0x58/0x130
[  328.423239][T10912]  el0_svc+0x58/0x128
[  328.423926][T10912]  el0t_64_sync_handler+0x84/0xf0
[  328.424713][T10912]  el0t_64_sync+0x18c/0x190
[  328.425450][T10912] irq event stamp: 4500
[  328.426125][T10912] hardirqs last  enabled at (4499): [<ffff800011a2a894>] exit_to_kernel_mode+0xcc/0xfc
[  328.427688][T10912] hardirqs last disabled at (4500): [<ffff8000083b3fec>] __timer_delete_sync+0x78/0x21c
[  328.429234][T10912] softirqs last  enabled at (4486): [<ffff8000081ac37c>] handle_softirqs+0xaec/0xc60
[  328.430786][T10912] softirqs last disabled at (4411): [<ffff800008020164>] __do_softirq+0x14/0x20
[  328.432278][T10912] ---[ end trace 0000000000000000 ]---