last executing test programs:

11.799172203s ago: executing program 3 (id=171):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000400)={0x1, 0x1, 0x0, &(0x7f0000001500)=""/87, 0x0, 0xeeee0000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001680))
r1 = eventfd2(0x801, 0x80000)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0, 0xffff1000})
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x0, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000140)={@my=0x1})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
syz_usb_connect$hid(0x5, 0x3f, 0x0, 0x0)

8.432075807s ago: executing program 3 (id=177):
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x1)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x7)
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000280)='./file0\x00', 0x200841a, &(0x7f0000000f40)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0193acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417bb7f527c0bfebec112d57fc69fabb9b31ef97b2147930ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a3332978da70e9050417087c5ae034a735e8b448dd97014043159cbaacebfc912cf05f608e6214c04099fa311b747c37af702d134fb8eec487cfaea91150d1980464ff31cf86e3f3b950b204f6f67810c0826e4e5467c1588de9816bc627fb4662ac5fc8e38f19ec065550e5f9b16f72a91144a2e52ba9f2c6a7e2afbabc533ac731bb7ec51b8c585c2749469da331006ca4d49e136189d21ae50455834b2e75efd81c9d6352e5a814cf002f294475dab27a10d87516e405eff30", @ANYRESOCT], 0x1, 0x553b, &(0x7f00000024c0)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x800c4, 0xf7)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write$FUSE_IOCTL(r2, &(0x7f00000000c0)={0x20, 0xffffffffffffffda, 0x0, {0x0, 0x0, 0x401, 0xe2}}, 0x20)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

7.300539908s ago: executing program 3 (id=182):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x2800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x0, 0xb, 0xd, '\x00', 0x2})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000000380)={0x2, 0x0, @ioapic={0x8000000, 0x9, 0x10001, 0xfffffffe, 0x0, [{0x2, 0x4, 0x87, '\x00', 0x8}, {0x9, 0x8, 0x2, '\x00', 0xb}, {0xff, 0x7f, 0xd3, '\x00', 0x67}, {0x0, 0x5, 0xf5, '\x00', 0xf}, {0x7, 0x9, 0xc, '\x00', 0xfb}, {0x0, 0x4, 0x54, '\x00', 0xff}, {0x71, 0xd5, 0xf1, '\x00', 0x7f}, {0x3, 0x4, 0xc}, {0x7f, 0x5, 0xb, '\x00', 0x8}, {0xd7, 0xd, 0x8, '\x00', 0x6}, {0x0, 0x28, 0x80, '\x00', 0xdc}, {0xff, 0x1, 0xfe, '\x00', 0x1}, {0xfe, 0x7, 0x26}, {0xcf, 0x3, 0x1, '\x00', 0x6}, {0xf, 0xee, 0x7, '\x00', 0x3}, {0x39, 0x2, 0x6, '\x00', 0xb}, {0x9, 0x6, 0x2, '\x00', 0x8}, {0x5, 0xc, 0x5, '\x00', 0xc}, {0x7, 0x1, 0x7, '\x00', 0xc2}, {0x0, 0x80, 0xe, '\x00', 0x7f}, {0x1, 0xc, 0x80, '\x00', 0x7f}, {0x10, 0x6, 0x3, '\x00', 0x10}, {0x1, 0x23, 0xf3, '\x00', 0x4}, {0x7, 0x6, 0x4}]}})

6.273550306s ago: executing program 0 (id=185):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r7, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000440), 0xfd}, 0x2062)
socketpair$unix(0x1, 0x1, 0x0, 0x0)

5.991110644s ago: executing program 0 (id=187):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x4, 0x9, 0x4, 0xb47e, 0xb, 0x3, 0xd, 0xf, 0x1ff}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x4207, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', <r5=>0x0})
sendto$packet(r4, &(0x7f00000002c0)="05031400d3fc14a888004788031c09102c28", 0xfdef, 0x4, &(0x7f0000000140)={0x11, 0x88a8, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)

5.913250336s ago: executing program 1 (id=188):
add_key$user(0x0, &(0x7f0000000000)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
socket$kcm(0x29, 0x5, 0x0)
r0 = syz_open_dev$dvb_demux(&(0x7f0000000280), 0x8, 0x400200)
ioctl$DVB_DEMUX_DMX_START(r0, 0x6f29)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
listen(r2, 0x90004)

4.948768783s ago: executing program 1 (id=190):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000100)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
openat$vimc1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)

4.947064353s ago: executing program 0 (id=191):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000002880))
r2 = dup(r1)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x220002, 0x0)
r4 = fcntl$dupfd(r0, 0x0, r3)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0, 0xe000})
ioctl$VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f0000000080)={0x0, r2})
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

3.207501001s ago: executing program 1 (id=192):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x8080, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x4, 0x9, 0x4, 0xb47e, 0xb, 0x3, 0xd, 0xf, 0x1ff}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0xb, 0x3, 0x0, 0x3}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r4)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)

3.066230095s ago: executing program 3 (id=193):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000a40)=[@reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

2.916726769s ago: executing program 3 (id=195):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000002000020026bd70000300df250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20008081}, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2.558289329s ago: executing program 2 (id=196):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newtfilter={0xc4, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x4}, {}, {0x6, 0x8}}, [@filter_kind_options=@f_u32={{0x8}, {0x98, 0x2, [@TCA_U32_SEL={0x94, 0x5, {0x0, 0x6, 0x8, 0x101, 0x4, 0xe, 0x7, 0x7, [{0x8e5, 0x8b39, 0x3a, 0x40}, {0x8, 0x3, 0x9, 0x2d}, {0xffffff8a, 0x9d2, 0x2, 0x10000}, {0x9, 0xc, 0x8, 0x8}, {0x0, 0xde74, 0x3b7, 0x5}, {0x553e3387, 0x3, 0x8000, 0x2}, {0x8001, 0x4, 0x1}, {0x1000, 0xa8c, 0xfffffff8, 0xd}]}}]}}]}, 0xc4}, 0x1, 0x0, 0x0, 0x10}, 0x20000000)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r3, {0xc, 0xc}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001700)=@newtfilter={0x38, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xf, 0xf}, {}, {0xffff, 0x6}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)

2.377404724s ago: executing program 3 (id=197):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff0000000000010902240001000000000904"], 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x0, 0x2, 0x0, 0x8000040000000002, 0xffffffffffffffff})
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4880}, 0x4000)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2.082155282s ago: executing program 2 (id=198):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x3c, 0x6, 0xa, 0x481, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}]}], {0x14}}, 0xb0}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000000c0)='xfrm0\x00', 0x10)
setsockopt$SO_J1939_SEND_PRIO(0xffffffffffffffff, 0x6b, 0x3, &(0x7f00000000c0)=0x2, 0x4)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[@ip_ttl={{0x14, 0x0, 0x2, 0x2}}], 0x18}}], 0x1, 0x20000800)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='task\x00')
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x692, 0x7d, 0x80006, 0x4000000010000e51, 0x102, 0x547a, 0x103d, 0x200000000006, 0xfffffffffffffffd, 0x3aa, 0xfffffffffffff9de, 0x1, 0x5, 0x40000000009, 0x378, 0xfffffffffffff802], 0x6000, 0x194110})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.922784807s ago: executing program 0 (id=199):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="18020000000000020000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00'}, 0x94)
r4 = socket(0x10, 0x803, 0x8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x6, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x2d}, 0x1, 0x0, 0x0, 0x8801}, 0x8000)
r5 = socket$netlink(0x10, 0x3, 0x0)
getsockname$packet(r4, &(0x7f0000000600)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r6, @ANYBLOB="00001000252155b21c0012000c000100626f6e64"], 0x3c}}, 0x40000)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r3, r6, 0x25, 0x0, @val=@netkit={@void, @value=r3}}, 0x1c)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3c0000001000030400"/20, @ANYRES32=r2, @ANYBLOB="46ff0f00000000001c00128009000100626f6e64000000000c000280050001"], 0x3c}, 0x1, 0x0, 0x0, 0x690}, 0x20048040)

1.918242397s ago: executing program 2 (id=200):
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$dsp(r0, &(0x7f0000000200)='m', 0x1)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x801)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100))
r2 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65)
write$snddsp(r2, &(0x7f0000000200)="a3", 0x1)
ioctl$SNDRV_PCM_IOCTL_DRAIN(r2, 0x4144, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0xfffffffffffffffd, 0x4, 0x9, 0x80, 0x0, 0xfffffffffffffffe}, 0x0, &(0x7f0000000080)={0x3ff, 0x30e3, 0x3, 0x400003, 0x8, 0x8000000000, 0x80000001, 0xfffffffffffffc01}, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_REWIND(r2, 0x40084146, &(0x7f0000000140)=0xfff)

1.758147291s ago: executing program 2 (id=201):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x7980, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x7, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x1, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0xfffffff7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x100003, 0x4, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x10001, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x934a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xf14, 0x0, 0x0, 0x1b19, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4], 0x1, 0x400})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000000)={@local})
ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r2, 0x7af, &(0x7f0000000080)={@hyper})
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000240)={@hyper})
close_range(r1, 0xffffffffffffffff, 0x0)

1.662996864s ago: executing program 2 (id=202):
r0 = socket$kcm(0x11, 0x3, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x9102})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x40480, 0x0)
close(r3)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000640)=@newqdisc={0x6c, 0x24, 0x4ee4e6a52ff56541, 0xfffffffe, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0x10}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_PRATE64={0xc, 0x5, 0xd51104f402b26c83}, @TCA_TBF_PBURST={0x8, 0x7, 0x410}, @TCA_TBF_PARMS={0x28, 0x1, {{0x9, 0x0, 0xa, 0x5, 0x1d0c, 0xffff1265}, {0x3, 0x2, 0xd, 0xa9, 0x7, 0x7}, 0x7, 0xbd4, 0x839}}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x300, r6, 0x3e}, 0x80, &(0x7f0000003600)=[{&(0x7f0000000180)="27030200590214000600006fb96dbcf706e105000000890600001144ee1611", 0x1f}, {&(0x7f0000000f00)="0b676ae7ce0aa301d6ff23b6557b3e02be56268cb67cc8df76c62092c9dc73bf02e2fbfd0d14f594db9a8faca2d1ee15bc4c2c588479eb0b462fed8714ae90e42c4c1477864b7c37d96279e5c380cb5f53b2983f7e1ec1fb074a8d4be7374be1c9b65b8587e435b5dc319cd5d25258ed81710608c0331449192c63736d71c7fbb72bd9ef8a3be726b464f445638ea32879fe12b88ebe8e141ba4b0efe8ae02c225a3c07cbd1c65a5f9a57267f88213743ea2ab323a2f8f1c50ecca7b6ee9a0fea79147e75e0eca42d7cf6d4d9a1e658e44cd8dc36a7b91cca77237962b41d760dd6e3aed631486ad0f453ef4501e60f923d992103a3845a67fca331897cac2bd51790acf2661efa41d90eda2061ce1aa53cbeab80229844f3954fe9ac6447af516907739ea3e6bbb832770194e6e655ec3a7ab80374b17059080c1fa21970d0147401a1ca1e58e3c86d77d116f4208299d7a3665898b2009c3752c786e4b45042b51366a133974ec564c9d2f0d7cbad234223a19b52e0efeccd654fd2bdd57df81cd7b478ef2b59f8446075d812f9d62e63d1b38375765aa7d63965484ef4d9b0b90ec00b39ac0430cbfee05cd73c34ad9922f50292d69194220339e3c923a9121d0e5ab3b7fc0bc6a33cc87d4cc23eb205848aa1febd8dd07bc25978ee5c6f83db659433b6187af151b76870a994fe4440c46b27fc4fae2e4ed9d711e652e6c397ccd89fc7181d168405d21d9f218508d0af65af34d43b95a83cdeb6a2bed82a8b75dcd514403aa7201818b9a0b5fe9c6ef1ce91bb73a66ee7c1a9a66b736f5556eb0d06ddef99bd96b0e9385db94623bbb509536211963e99cf3cacab5e61491086104702d8df708e72b81f4ad4e045b51deece6dc18ea", 0x278}, {&(0x7f0000000240)="acf7aad9756b30b5270e3f3cdf07e0a9dcad2900fbdd735362e4bc61914f291a898418ceeb9c7b62b2150c93a629d18e5a5032b098de85cda1f19e1479f35d4189736cde69a5da42390c0714f69d1cc78062b5e660f8cbb3e538110925c63649288d", 0x62}, {&(0x7f00000022c0)="c1cc6316b04e1180368f8d022708e1f23fb7295c22407c0efd450c4178f6f739e481f136a220101c7650e99f085a2ebb821de18fd510ed7bd6d4fa08c84d414ea15d86ea7bbf8c87aaf443e2f5ea92c1b371c91e652d552aff720fa0811ab30a483ace91278152125ae2299aceafe392a66e0a671a1e235f2850de518d6bfdd2ce8d009bcba53aa07d47ca8954be70ba978d1a2aa1f027db43c290ff21cdccabd7b7759f1513a608b59f5aab453b300f3ee503c772c1577caa855c7c2dba1f7cf50f87a131ed287ef59828f1600c11ee43996532f68a992cb4ec9142652a9191c30d6c0321d81fd7006227606242385d2d0d29d610ffc955911e418d79c658beae98d43ec1f6b1465eaf1c1c79ef", 0x10e}], 0x4}, 0x0)

1.563047557s ago: executing program 0 (id=203):
openat$dir(0xffffffffffffff9c, 0x0, 0x40, 0x16f)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x44, r2, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8b18, &(0x7f0000000000)={'wlan1\x00'})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)

1.555458867s ago: executing program 1 (id=204):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee6, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$unix(r3, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
recvmmsg(r4, &(0x7f0000001140), 0x700, 0x2, 0x0)

451.397757ms ago: executing program 2 (id=205):
syz_open_dev$sndctrl(0x0, 0x458, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_ublk_setup_io_uring(0x1d, &(0x7f0000000040)={0x0, 0x30b5, 0x0, 0x2, 0x158}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_ublk_add_dev(r0, r1, r2, r3, &(0x7f0000000200)={0x2e, 0x14, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f00000004c0)=@any_dev={0x3, 0xe26, 0x0, 0x0, 0x1000, 0x10000, 0xffffffffffffffff, 0x0, 0x4d}}}, &(0x7f0000000480)=<r4=>0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5)
syz_ublk_setup_queues(r6, r4, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x1, 0x255}, &(0x7f0000000800)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0x7ffffe, 0x200, 0x2000, 0x10000004, 0x0, r6}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xffffed7c, 0x0, 0x0, 0x146}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xf910, 0x800, 0x1, 0x0, 0x0, r6}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x0, 0x8200, 0x1, 0x367}}], 0x1, &(0x7f0000000340)={0x2e, 0x44, 0x0, 0xffffffffffffffff, 0xc0107520, 0x0, 0x0, 0x700, 0x0, {}, 0x1f, 0x0, '\x00', {0xfff9, 0x4, 0x0, 0x0}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r7 = socket$nl_sock_diag(0x10, 0x3, 0x4)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000240)={'wlan1\x00', &(0x7f00000002c0)=@ethtool_stats})
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0)

166.891235ms ago: executing program 1 (id=206):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="600000000206050000000000000000000000000005000400000000000900020073797a32000000001400078005"], 0x60}}, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x80)
acct(&(0x7f00000000c0)='./file1\x00')
acct(0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181c42, 0x56)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111670000000000851000000200000085000000b200000095000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x70)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240100003b0007010000000000000000047c0000040000000c00018006000600800a000000010280f90014"], 0x124}, 0x1, 0x0, 0x0, 0x1}, 0xc000)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), r0)
sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0x12c, r2, 0x8, 0x70bd2d, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0x54, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}]}]}, @TIPC_NLA_NET={0x38, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x6}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x81}]}, @TIPC_NLA_BEARER={0x8c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'ib', 0x3a, 'geneve0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @remote}}, {0x14, 0x2, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1e}}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0xff, @private1, 0x7}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x5, @empty, 0xff}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}]}]}, 0x12c}, 0x1, 0x0, 0x0, 0xc0}, 0x4000000)

110.670526ms ago: executing program 0 (id=207):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000780)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0xfffffffe, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000800)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b922, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0x7, 0xf}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x240040a1}, 0x4890)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', <r5=>0x0})
sendto$packet(r4, &(0x7f00000002c0)="05031600d3fc140000004788031c09102c28", 0xfdef, 0x4, &(0x7f0000000140)={0x11, 0x86dd, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)

0s ago: executing program 1 (id=208):
socket$nl_route(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_ublk_setup_io_uring(0x20, &(0x7f0000000040)={0x0, 0x2, 0x1000, 0x1}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
unshare(0x28000080)
syz_ublk_add_dev(r1, r2, r3, r4, &(0x7f0000000180)={0x2e, 0x0, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, <r5=>0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f00000000c0)=@any_dev={0x1, 0xe50, 0x0, 0x0, 0x1000, 0x2000003, 0x0, 0x0, 0x16}}}, &(0x7f0000000280)=<r6=>0x0)
syz_ublk_setup_queues(r1, r6, &(0x7f0000000200)={0x0, 0x1460, 0x400, 0x3, 0xb4}, &(0x7f00000002c0)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0x181b, 0x0, 0x2, 0x2ae, 0x0, r1}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x1e40, 0x1, 0x9, 0x502, 0x0, r1}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x3cb5, 0x1000, 0x3, 0x102c4, 0x0, r1}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x3a0f, 0x1000, 0x2, 0x21b, 0x0, r1}}], 0x4, &(0x7f0000001540)={0x2e, 0x4, 0x0, 0xffffffffffffffff, 0xc0107520, 0x0, 0x0, 0x0, 0x0, {0x6}, 0x0, r5, '\x00', {0x8001, 0x48a, 0x0, 0x0}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.206' (ED25519) to the list of known hosts.
[   77.324839][ T5762] cgroup: Unknown subsys name 'net'
[   77.487984][ T5762] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   79.106606][ T5762] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   81.405228][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   81.413896][ T5787] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   81.422174][ T5787] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   81.430274][ T5787] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   81.438234][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   81.446456][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   81.483994][ T5788] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   81.490375][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   81.493188][ T5788] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   81.506071][ T5788] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   81.515109][ T5788] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   81.522999][ T5788] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   81.530192][   T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   81.537244][ T5788] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   81.544519][ T5787] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   81.552541][   T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   81.560682][ T5787] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   81.569843][ T5787] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   81.572288][ T5085] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   81.589894][ T5085] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   81.598063][ T5085] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   81.622623][ T5085] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   81.635202][ T5085] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   81.643943][ T5085] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   82.031888][ T5773] chnl_net:caif_netlink_parms(): no params data found
[   82.203139][ T5776] chnl_net:caif_netlink_parms(): no params data found
[   82.215033][ T5773] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.222994][ T5773] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.230413][ T5773] bridge_slave_0: entered allmulticast mode
[   82.237403][ T5773] bridge_slave_0: entered promiscuous mode
[   82.251479][ T5774] chnl_net:caif_netlink_parms(): no params data found
[   82.276233][ T5773] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.283691][ T5773] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.291059][ T5773] bridge_slave_1: entered allmulticast mode
[   82.298222][ T5773] bridge_slave_1: entered promiscuous mode
[   82.401457][ T5773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.426041][ T5773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.446610][ T5775] chnl_net:caif_netlink_parms(): no params data found
[   82.493330][ T5773] team0: Port device team_slave_0 added
[   82.542314][ T5773] team0: Port device team_slave_1 added
[   82.548468][ T5776] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.555860][ T5776] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.563290][ T5776] bridge_slave_0: entered allmulticast mode
[   82.570700][ T5776] bridge_slave_0: entered promiscuous mode
[   82.588865][ T5774] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.596132][ T5774] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.603849][ T5774] bridge_slave_0: entered allmulticast mode
[   82.611312][ T5774] bridge_slave_0: entered promiscuous mode
[   82.629089][ T5776] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.637664][ T5776] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.644950][ T5776] bridge_slave_1: entered allmulticast mode
[   82.652738][ T5776] bridge_slave_1: entered promiscuous mode
[   82.665393][ T5774] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.675335][ T5774] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.682675][ T5774] bridge_slave_1: entered allmulticast mode
[   82.689575][ T5774] bridge_slave_1: entered promiscuous mode
[   82.729294][ T5774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.749667][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.756729][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.782903][ T5773] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.805007][ T5774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.825663][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.833217][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.859353][ T5773] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.885542][ T5776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.931309][ T5774] team0: Port device team_slave_0 added
[   82.942631][ T5776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.979485][ T5775] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.986834][ T5775] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.994972][ T5775] bridge_slave_0: entered allmulticast mode
[   83.002579][ T5775] bridge_slave_0: entered promiscuous mode
[   83.014107][ T5774] team0: Port device team_slave_1 added
[   83.035345][ T5776] team0: Port device team_slave_0 added
[   83.041771][ T5775] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.049143][ T5775] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.057137][ T5775] bridge_slave_1: entered allmulticast mode
[   83.065033][ T5775] bridge_slave_1: entered promiscuous mode
[   83.107388][ T5776] team0: Port device team_slave_1 added
[   83.135479][ T5775] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.176299][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.183441][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.209674][ T5774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.234675][ T5775] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.245265][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.252678][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.279003][ T5776] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.292164][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.299144][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.325169][ T5776] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.338424][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.345867][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.372031][ T5774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.388952][ T5773] hsr_slave_0: entered promiscuous mode
[   83.396320][ T5773] hsr_slave_1: entered promiscuous mode
[   83.436182][ T5775] team0: Port device team_slave_0 added
[   83.452044][ T5775] team0: Port device team_slave_1 added
[   83.550714][ T5775] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.557685][ T5775] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.584256][ T5775] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.610495][ T5774] hsr_slave_0: entered promiscuous mode
[   83.616831][ T5774] hsr_slave_1: entered promiscuous mode
[   83.623681][ T5774] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   83.631946][ T5778] Bluetooth: hci1: command tx timeout
[   83.632106][ T5774] Cannot create hsr debugfs directory
[   83.650722][ T5775] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.657707][ T5775] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.684956][ T5775] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.700060][ T5778] Bluetooth: hci3: command tx timeout
[   83.705733][ T5778] Bluetooth: hci2: command tx timeout
[   83.711859][ T5085] Bluetooth: hci0: command tx timeout
[   83.737594][ T5776] hsr_slave_0: entered promiscuous mode
[   83.744033][ T5776] hsr_slave_1: entered promiscuous mode
[   83.750373][ T5776] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   83.757977][ T5776] Cannot create hsr debugfs directory
[   83.858572][ T5775] hsr_slave_0: entered promiscuous mode
[   83.868368][ T5775] hsr_slave_1: entered promiscuous mode
[   83.874864][ T5775] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   83.883929][ T5775] Cannot create hsr debugfs directory
[   84.228988][ T5773] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   84.242677][ T5773] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   84.255103][ T5773] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   84.268960][ T5773] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   84.358968][ T5776] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   84.369189][ T5776] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   84.382182][ T5776] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   84.397443][ T5776] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   84.476060][ T5774] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   84.493176][ T5774] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   84.504127][ T5774] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   84.527867][ T5774] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   84.551913][ T5773] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.649028][ T5773] 8021q: adding VLAN 0 to HW filter on device team0
[   84.659170][ T5775] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   84.680777][ T5775] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   84.696363][ T3421] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.703837][ T3421] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.721822][ T5775] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   84.733999][ T5775] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   84.767187][ T3421] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.774362][ T3421] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.916673][ T5776] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.956455][ T5774] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.977878][ T5776] 8021q: adding VLAN 0 to HW filter on device team0
[   85.016256][ T3538] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.023477][ T3538] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.055503][ T5774] 8021q: adding VLAN 0 to HW filter on device team0
[   85.073549][ T5775] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.094521][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.102007][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.113144][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.120382][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.168295][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.175532][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.203531][ T5775] 8021q: adding VLAN 0 to HW filter on device team0
[   85.252574][ T3421] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.259733][ T3421] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.314973][ T3421] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.322160][ T3421] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.445117][ T5773] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.605420][ T5773] veth0_vlan: entered promiscuous mode
[   85.656088][ T5773] veth1_vlan: entered promiscuous mode
[   85.701281][ T5778] Bluetooth: hci1: command tx timeout
[   85.756920][ T5773] veth0_macvtap: entered promiscuous mode
[   85.779947][ T5778] Bluetooth: hci2: command tx timeout
[   85.785420][ T5778] Bluetooth: hci0: command tx timeout
[   85.794500][ T5085] Bluetooth: hci3: command tx timeout
[   85.817314][ T5773] veth1_macvtap: entered promiscuous mode
[   85.897586][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.925510][ T5774] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.953322][ T5776] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.972194][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.984151][ T5773] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.993766][ T5773] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.002917][ T5773] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.011803][ T5773] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.083304][ T5775] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.138086][ T5774] veth0_vlan: entered promiscuous mode
[   86.191087][ T5774] veth1_vlan: entered promiscuous mode
[   86.201225][ T5776] veth0_vlan: entered promiscuous mode
[   86.248364][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.257921][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.295913][ T5776] veth1_vlan: entered promiscuous mode
[   86.314328][ T5775] veth0_vlan: entered promiscuous mode
[   86.358725][ T5775] veth1_vlan: entered promiscuous mode
[   86.373591][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.382567][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.421210][ T5776] veth0_macvtap: entered promiscuous mode
[   86.455791][ T5776] veth1_macvtap: entered promiscuous mode
[   86.477781][ T5774] veth0_macvtap: entered promiscuous mode
[   86.507744][ T5774] veth1_macvtap: entered promiscuous mode
[   86.528932][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.543804][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.555957][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.567363][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.580450][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.593667][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.639043][ T5775] veth0_macvtap: entered promiscuous mode
[   86.658529][ T5775] veth1_macvtap: entered promiscuous mode
[   86.683492][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.697335][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.708139][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.724286][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.738050][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.756631][ T5776] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.765790][ T5776] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.776607][ T5776] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.785801][ T5776] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.812041][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.823484][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.835041][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.846119][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.858314][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.882354][ T5774] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.891473][ T5774] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.914867][ T5774] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.925318][ T5774] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.957159][ T5775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.968127][ T5775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.000845][ T5775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.018132][ T5775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.030864][ T5775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.042049][ T5775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.062560][ T5775] batman_adv: batadv0: Interface activated: batadv_slave_0
[   87.104877][ T5775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.136240][ T5775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.149601][ T5775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.160225][ T5775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.170147][ T5775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.180975][ T5775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.192841][ T5775] batman_adv: batadv0: Interface activated: batadv_slave_1
[   87.239061][ T5775] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.258680][ T5775] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.268346][ T5775] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.282585][ T5775] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.507573][ T3421] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.533358][ T3421] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.592983][ T1124] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.606074][ T1124] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.654297][ T1124] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.675000][ T1124] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.758170][ T1124] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.781991][ T5778] Bluetooth: hci1: command tx timeout
[   87.797388][ T1124] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.860575][ T5085] Bluetooth: hci0: command tx timeout
[   87.861371][ T5781] Bluetooth: hci3: command tx timeout
[   87.866264][ T5778] Bluetooth: hci2: command tx timeout
[   87.884114][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.932554][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.949297][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.985448][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.088327][ T5845] <
[   89.341816][ T5865] syz.2.6[5865]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   89.407621][ T5865] loop2: detected capacity change from 0 to 512
[   89.761566][ T5870] syzkaller0: entered promiscuous mode
[   89.767707][ T5870] syzkaller0: entered allmulticast mode
[   89.889210][ T5778] Bluetooth: hci1: command tx timeout
[   89.941863][ T5778] Bluetooth: hci3: command tx timeout
[   89.942470][ T5781] Bluetooth: hci2: command tx timeout
[   89.947370][ T5778] Bluetooth: hci0: command tx timeout
[   90.090975][ T5870] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   90.144147][ T3538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   90.317893][ T5877] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   92.024604][   T27] cfg80211: failed to load regulatory.db
[   92.051776][ T5887] loop1: detected capacity change from 0 to 32768
[   92.105486][ T5887] (syz.1.13,5887,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[   92.146295][ T5887] (syz.1.13,5887,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[   92.293933][ T5887] JBD2: Ignoring recovery information on journal
[   93.238476][ T5887] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   94.090990][   T28] audit: type=1800 audit(1782170398.070:2): pid=5887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.13" name="file1" dev="loop1" ino=16978 res=0 errno=0
[   94.191862][   T28] audit: type=1800 audit(1782170398.190:3): pid=5911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.13" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop1" ino=16979 res=0 errno=0
[   94.332471][ T5911] syz.1.13 (5911) used greatest stack depth: 17752 bytes left
[   94.454032][ T5774] ocfs2: Unmounting device (7,1) on (node local)
[   94.456395][ T5922] loop0: detected capacity change from 0 to 512
[   94.494675][ T5918] syzkaller0: entered promiscuous mode
[   94.523978][ T5918] syzkaller0: entered allmulticast mode
[   94.544961][ T5920] syzkaller0: entered promiscuous mode
[   94.571536][ T5920] syzkaller0: entered allmulticast mode
[   95.626216][ T5934] syzkaller0: entered promiscuous mode
[   95.635256][ T5934] syzkaller0: entered allmulticast mode
[   98.892272][ T5967] Bluetooth: MGMT ver 1.22
[  100.110803][   T28] audit: type=1326 audit(1782170404.090:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5957 comm="syz.1.32" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf83f9ce59 code=0x7fc00000
[  100.322830][ T5976] syzkaller0: entered promiscuous mode
[  100.323039][ T5981] loop1: detected capacity change from 0 to 512
[  100.328400][ T5976] syzkaller0: entered allmulticast mode
[  103.306725][ T5995] capability: warning: `syz.2.46' uses deprecated v2 capabilities in a way that may be insecure
[  105.459683][ T6037] syzkaller0: entered promiscuous mode
[  105.480692][ T6037] syzkaller0: entered allmulticast mode
[  105.725758][ T6042] syzkaller0: entered promiscuous mode
[  105.739913][ T6042] syzkaller0: entered allmulticast mode
[  109.299096][ T6049] loop2: detected capacity change from 0 to 32768
[  109.307095][ T6049] =======================================================
[  109.307095][ T6049] WARNING: The mand mount option has been deprecated and
[  109.307095][ T6049]          and is ignored by this kernel. Remove the mand
[  109.307095][ T6049]          option from the mount to silence this warning.
[  109.307095][ T6049] =======================================================
[  109.410196][ T6049] workqueue: Failed to create a rescuer kthread for wq "ocfs2_wq": -EINTR
[  109.410508][ T6049] (syz.2.56,6049,0):ocfs2_initialize_super:2285 ERROR: status = -12
[  109.457412][ T6049] (syz.2.56,6049,0):ocfs2_fill_super:1178 ERROR: status = -12
[  109.517065][ T6064] syzkaller0: entered promiscuous mode
[  111.511440][ T6064] syzkaller0: entered allmulticast mode
[  112.771930][ T6079] tipc: Started in network mode
[  112.830321][ T6079] tipc: Node identity 5acd6a6d1779, cluster identity 4711
[  112.885013][ T6079] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  113.131705][ T6078] tipc: Disabling bearer <eth:syzkaller0>
[  113.663367][ T6094] sch_tbf: burst 14 is lower than device syzkaller0 mtu (1500) !
[  113.725479][ T6094] syzkaller0: entered promiscuous mode
[  113.743499][ T6094] syzkaller0: entered allmulticast mode
[  114.219749][    C0] sched: RT throttling activated
[  114.374635][ T6101] Bluetooth: hci0: invalid length 0, exp 2 for type 9
[  114.560104][ T6103] syzkaller0: entered promiscuous mode
[  114.573522][ T6103] syzkaller0: entered allmulticast mode
[  116.748022][ T6122] loop2: detected capacity change from 0 to 512
[  117.663482][ T6136] loop3: detected capacity change from 0 to 128
[  117.820913][ T6138] loop2: detected capacity change from 0 to 64
[  117.929555][ T6140] loop1: detected capacity change from 0 to 512
[  117.956037][ T6140] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  118.044017][ T6140] EXT4-fs error (device loop1): ext4_orphan_get:1430: comm syz.1.86: bad orphan inode 13
[  118.068802][ T6140] ext4_test_bit(bit=12, block=18) = 1
[  118.074666][ T5817] usb 4-1: new low-speed USB device number 2 using dummy_hcd
[  118.088377][ T6140] is_bad_inode(inode)=0
[  118.095160][ T6140] NEXT_ORPHAN(inode)=0
[  118.099313][ T6140] max_ino=32
[  118.107539][ T6140] i_nlink=1
[  118.115864][ T6140] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  118.494285][ T6149] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1154: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  118.537718][ T6149] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.86: bg 0: block 248: padding at end of block bitmap is not set
[  118.584181][ T6149] Quota error (device loop1): write_blk: dquota write failed
[  118.609036][ T6149] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  118.626004][ T6149] EXT4-fs error (device loop1): ext4_acquire_dquot:6953: comm syz.1.86: Failed to acquire dquot type 1
[  119.145834][ T6151] loop2: detected capacity change from 0 to 8192
[  119.193129][ T5817] usb 4-1: unable to get BOS descriptor or descriptor too short
[  119.208246][ T5817] usb 4-1: config 1 interface 0 altsetting 241 endpoint 0x81 has invalid maxpacket 64, setting to 8
[  119.242599][ T5817] usb 4-1: config 1 interface 0 altsetting 241 endpoint 0x82 is Bulk; changing to Interrupt
[  119.298918][ T5817] usb 4-1: config 1 interface 0 altsetting 241 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  119.317620][ T5817] usb 4-1: config 1 interface 0 has no altsetting 0
[  119.332559][ T5817] usb 4-1: string descriptor 0 read error: -22
[  119.343239][ T5774] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  119.346818][ T5817] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  119.385130][ T5817] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.446479][ T6136] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  119.477599][ T6136] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  119.499493][ T6136] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  119.558918][ T5817] cdc_ether: probe of 4-1:1.0 failed with error -22
[  119.630220][ T6153] syzkaller0: entered promiscuous mode
[  119.668141][ T6153] syzkaller0: entered allmulticast mode
[  119.701038][ T6157] tipc: Started in network mode
[  119.728852][ T6157] tipc: Node identity 96c03604a63b, cluster identity 4711
[  119.760178][ T6157] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  119.787674][ T6152] tipc: Resetting bearer <eth:syzkaller0>
[  119.864339][ T6161] ieee802154 phy0 wpan0: encryption failed: -22
[  119.873865][ T6152] tipc: Disabling bearer <eth:syzkaller0>
[  120.293559][ T6158] loop2: detected capacity change from 0 to 32768
[  120.429895][   T10] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  120.630020][   T10] usb 1-1: Using ep0 maxpacket: 16
[  120.645625][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  120.665537][   T10] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  120.683727][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.699969][   T10] usb 1-1: Product: syz
[  120.704298][   T10] usb 1-1: Manufacturer: syz
[  120.708928][   T10] usb 1-1: SerialNumber: syz
[  120.737068][   T10] usb 1-1: config 0 descriptor??
[  120.758172][   T10] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  120.782097][   T10] em28xx 1-1:0.0: DVB interface 0 found: bulk
[  120.826239][ T5817] usb 4-1: USB disconnect, device number 2
[  120.954739][ T6172] loop3: detected capacity change from 0 to 256
[  121.049302][ T6172] FAT-fs (loop3): Directory bread(block 64) failed
[  121.066742][ T6172] FAT-fs (loop3): Directory bread(block 65) failed
[  121.094705][ T6172] FAT-fs (loop3): Directory bread(block 66) failed
[  121.109972][ T6172] FAT-fs (loop3): Directory bread(block 67) failed
[  121.129428][ T6172] FAT-fs (loop3): Directory bread(block 68) failed
[  121.157194][ T6172] FAT-fs (loop3): Directory bread(block 69) failed
[  121.175658][ T6172] FAT-fs (loop3): Directory bread(block 70) failed
[  121.193967][ T6172] FAT-fs (loop3): Directory bread(block 71) failed
[  121.223499][ T6172] FAT-fs (loop3): Directory bread(block 72) failed
[  121.243204][ T6172] FAT-fs (loop3): Directory bread(block 73) failed
[  121.393679][   T10] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[  121.617804][ T6176] loop2: detected capacity change from 0 to 2048
[  121.635715][ T6176] EXT4-fs: Ignoring removed nomblk_io_submit option
[  121.845977][ T6176] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.046086][   T10] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  122.171052][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.293105][   T10] em28xx 1-1:0.0: board has no eeprom
[  123.032211][   T10] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  123.043494][ T6197] netlink: 'syz.1.99': attribute type 64 has an invalid length.
[  123.094757][   T10] em28xx 1-1:0.0: dvb set to bulk mode.
[  123.645152][   T10] em28xx 1-1:0.0: Binding DVB extension
[  123.961535][ T6166] em28xx 1-1:0.0: reading from i2c device at 0xe failed (error=-5)
[  124.040033][    T8] usb 1-1: USB disconnect, device number 2
[  124.046998][    T8] em28xx 1-1:0.0: Disconnecting em28xx
[  124.099908][   T28] audit: type=1326 audit(1782170427.990:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.2.101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f923cf9ce59 code=0x7ffc0000
[  124.220387][ T6203] loop1: detected capacity change from 0 to 32768
[  124.229997][   T28] audit: type=1326 audit(1782170427.990:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.2.101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f923cf9ce59 code=0x7ffc0000
[  124.258849][   T28] audit: type=1326 audit(1782170427.990:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.2.101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f923cf9ce59 code=0x7ffc0000
[  124.291486][   T10] em28xx 1-1:0.0: Registering input extension
[  124.301484][   T28] audit: type=1326 audit(1782170428.010:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.2.101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f923cf9ce59 code=0x7ffc0000
[  124.331185][ T6203] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  124.345694][   T28] audit: type=1326 audit(1782170428.070:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.2.101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f923cf9ce59 code=0x7ffc0000
[  124.356589][    T8] em28xx 1-1:0.0: Closing input extension
[  124.382019][   T28] audit: type=1326 audit(1782170428.070:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.2.101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f923cf9ce59 code=0x7ffc0000
[  124.457244][   T28] audit: type=1326 audit(1782170428.070:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.2.101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f923cf9ce59 code=0x7ffc0000
[  124.498830][   T28] audit: type=1326 audit(1782170428.070:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.2.101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f923cf9ce59 code=0x7ffc0000
[  124.523561][    T8] em28xx 1-1:0.0: Freeing device
[  124.539119][ T6210] Zero length message leads to an empty skb
[  124.707350][   T28] audit: type=1326 audit(1782170428.070:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.2.101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f923cf9ce59 code=0x7ffc0000
[  124.815466][   T28] audit: type=1326 audit(1782170428.070:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.2.101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f923cf5d68e code=0x7ffc0000
[  124.829682][ T6215] loop0: detected capacity change from 0 to 128
[  124.850364][ T6215] ext4: Unknown parameter 'fsmagic'
[  125.755636][ T5774] ocfs2: Unmounting device (7,1) on (node local)
[  126.438750][ T6223] syzkaller0: entered promiscuous mode
[  126.456803][ T6223] syzkaller0: entered allmulticast mode
[  126.599950][    T8] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  126.646000][ T6228] netlink: 4 bytes leftover after parsing attributes in process `syz.1.106'.
[  126.660104][ T5085] Bluetooth: hci2: command tx timeout
[  126.791488][ T6228] team0: Port device team_slave_0 removed
[  126.802246][    T8] usb 4-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  126.815638][    T8] usb 4-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  126.827534][ T6229] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  126.836786][    T8] usb 4-1: New USB device found, idVendor=03f0, idProduct=0f9b, bcdDevice=d2.cf
[  126.861185][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.869241][    T8] usb 4-1: Product: syz
[  126.877442][ T6225] tipc: Disabling bearer <eth:syzkaller0>
[  126.903875][    T8] usb 4-1: Manufacturer: syz
[  126.908886][    T8] usb 4-1: SerialNumber: syz
[  127.140763][ T6236] syzkaller0: entered promiscuous mode
[  127.146807][ T6236] syzkaller0: entered allmulticast mode
[  127.577529][ T5837] usb 4-1: USB disconnect, device number 3
[  127.974790][ T6239] syzkaller0: entered promiscuous mode
[  127.988307][ T6239] syzkaller0: entered allmulticast mode
[  128.013077][ T6241] netlink: 28 bytes leftover after parsing attributes in process `syz.0.114'.
[  128.038407][ T6241] netlink: 28 bytes leftover after parsing attributes in process `syz.0.114'.
[  128.108213][ T6241] syzkaller0: entered promiscuous mode
[  128.114662][ T6241] syzkaller0: entered allmulticast mode
[  128.408858][ T6243] syzkaller0: entered promiscuous mode
[  128.429795][ T6243] syzkaller0: entered allmulticast mode
[  128.619718][ T6245] loop3: detected capacity change from 0 to 4096
[  129.837746][ T6245] EXT4-fs: Ignoring removed orlov option
[  130.077501][ T6245] EXT4-fs (loop3): Test dummy encryption mode enabled
[  130.861675][ T6262] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  131.971975][ T6245] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.184482][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.260422][ T6265] 9pnet_fd: Insufficient options for proto=fd
[  133.200742][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  133.207219][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  133.592974][ T6275] warning: `syz.3.125' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  133.639613][ T6273] sch_tbf: burst 255 is lower than device syzkaller0 mtu (1514) !
[  135.543464][ T6297] binder: 6296:6297 ioctl c0306201 2000000006c0 returned -14
[  135.893914][ T6291] loop3: detected capacity change from 0 to 40427
[  135.919295][ T6291] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  135.943615][ T6291] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  135.976191][ T6291] F2FS-fs (loop3): invalid crc value
[  136.057930][ T6291] F2FS-fs (loop3): Found nat_bits in checkpoint
[  136.859408][ T6291] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  136.907462][ T6291] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  137.779014][ T6291] netlink: 32 bytes leftover after parsing attributes in process `syz.3.130'.
[  139.859471][ T6344] loop2: detected capacity change from 0 to 128
[  139.986543][ T6344] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  140.087701][ T6344] ext4 filesystem being mounted at /41/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  140.141625][ T6351] tipc: Failed to remove unknown binding: 66,0,0/0:3938601846/3938601848
[  140.216422][ T6350] tipc: Failed to remove unknown binding: 66,0,0/0:2783184126/2783184127
[  140.227780][ T6350] tipc: Failed to remove unknown binding: 66,0,0/0:2783184126/2783184127
[  142.200498][ T6364] binder: 6363:6364 ioctl c0306201 0 returned -14
[  142.208929][ T6364] binder: 6363:6364 ioctl 4018620d 0 returned -22
[  142.228967][ T6354] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  142.267925][ T6366] binder: 6363:6366 ioctl c0306201 0 returned -14
[  142.275784][ T6366] binder: 6363:6366 ioctl 4018620d 0 returned -22
[  142.313895][ T6366] binder: 6363:6366 ioctl c0306201 0 returned -14
[  143.850105][ T6377] netlink: 8 bytes leftover after parsing attributes in process `syz.3.152'.
[  144.615644][ T6388] loop3: detected capacity change from 0 to 128
[  145.394633][ T6399] netlink: 'syz.0.159': attribute type 1 has an invalid length.
[  145.479108][ T6399] 8021q: adding VLAN 0 to HW filter on device bond1
[  145.488563][ T6401] bond1: up delay (136) is not a multiple of miimon (100), value rounded to 100 ms
[  145.552572][ T6401] bond1: entered allmulticast mode
[  145.588915][ T6399] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  145.747089][ T6409] loop3: detected capacity change from 0 to 512
[  147.225397][ T6422] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[  147.234786][ T6422] netdevsim netdevsim0: Falling back to sysfs fallback for: ./file0
[  149.065792][ T6442] syzkaller0: entered promiscuous mode
[  149.083517][ T6442] syzkaller0: entered allmulticast mode
[  152.500082][ T6472] loop3: detected capacity change from 0 to 40427
[  152.516656][ T6472] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  152.524524][ T6472] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  152.558105][ T6472] F2FS-fs (loop3): Found nat_bits in checkpoint
[  152.624183][ T6472] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  152.631326][ T6472] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  152.771277][   T28] kauditd_printk_skb: 67 callbacks suppressed
[  152.771294][   T28] audit: type=1804 audit(1782170456.760:82): pid=6472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.177" name="/newroot/39/file0/bus" dev="loop3" ino=10 res=1 errno=0
[  152.979995][   T28] audit: type=1804 audit(1782170456.970:83): pid=6485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.178" name="/newroot/45/file1" dev="fuse" ino=1 res=1 errno=0
[  153.061992][   T28] audit: type=1800 audit(1782170457.000:84): pid=6485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.178" name="/" dev="fuse" ino=1 res=0 errno=0
[  153.144043][   T28] audit: type=1800 audit(1782170457.000:85): pid=6483 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.178" name="/" dev="fuse" ino=1 res=0 errno=0
[  153.264202][ T6491] syzkaller0: entered promiscuous mode
[  153.286329][ T6491] syzkaller0: entered allmulticast mode
[  154.705400][ T6514] syzkaller0: entered promiscuous mode
[  154.717672][ T6514] syzkaller0: entered allmulticast mode
[  157.543527][ T6534] syz.0.191 uses obsolete (PF_INET,SOCK_PACKET)
[  158.649927][   T10] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  158.686373][ T6559] syzkaller0: entered promiscuous mode
[  158.700326][ T6559] syzkaller0: entered allmulticast mode
[  158.724101][   T49] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.745151][ T6559] tipc: Started in network mode
[  158.760432][ T6559] tipc: Node identity 1e3ff5e2baa, cluster identity 4711
[  158.776458][ T6559] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.785582][ T6559] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  158.796541][ T6561] netlink: 12 bytes leftover after parsing attributes in process `syz.0.199'.
[  158.832040][ T6558] tipc: Resetting bearer <eth:syzkaller0>
[  158.842327][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  158.858554][   T10] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  158.879979][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.898368][   T10] usb 4-1: config 0 descriptor??
[  158.914153][ T6558] tipc: Disabling bearer <eth:syzkaller0>
[  158.949601][ T6561] bond2: entered promiscuous mode
[  158.959644][ T6561] bond2: entered allmulticast mode
[  160.502994][   T27] usb 4-1: USB disconnect, device number 4
[  160.550223][   T10] Process accounting resumed
[  160.589558][ T6591] openvswitch: netlink: Actions may not be safe on all matching packets
[  160.715347][ T6593] 
[  160.717781][ T6593] =============================
[  160.722939][ T6593] WARNING: suspicious RCU usage
[  160.727832][ T6593] syzkaller #0 Not tainted
[  160.732344][ T6593] -----------------------------
[  160.737203][ T6593] net/mac80211/iface.c:378 suspicious rcu_dereference_protected() usage!
[  160.745744][ T6593] 
[  160.745744][ T6593] other info that might help us debug this:
[  160.745744][ T6593] 
[  160.756051][ T6593] 
[  160.756051][ T6593] rcu_scheduler_active = 2, debug_locks = 1
[  160.764731][ T6593] 1 lock held by syz.0.207/6593:
[  160.769924][ T6593]  #0: ffffffff8e3bfe48 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x7a4/0x1140
[  160.778779][ T6593] 
[  160.778779][ T6593] stack backtrace:
[  160.785265][ T6593] CPU: 0 PID: 6593 Comm: syz.0.207 Not tainted syzkaller #0
[  160.792602][ T6593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  160.802686][ T6593] Call Trace:
[  160.806015][ T6593]  <TASK>
[  160.808958][ T6593]  dump_stack_lvl+0x18c/0x250
[  160.813669][ T6593]  ? load_image+0x420/0x420
[  160.818215][ T6593]  ? show_regs_print_info+0x20/0x20
[  160.823451][ T6593]  ? load_image+0x420/0x420
[  160.827970][ T6593]  ? print_tainted+0x14c/0x170
[  160.832791][ T6593]  lockdep_rcu_suspicious+0x1e1/0x300
[  160.838188][ T6593]  ieee80211_check_concurrent_iface+0x46b/0x950
[  160.844480][ T6593]  ieee80211_open+0xc1/0x200
[  160.849148][ T6593]  __dev_open+0x2cb/0x430
[  160.853550][ T6593]  ? dev_open+0x190/0x190
[  160.857906][ T6593]  __dev_change_flags+0x1e8/0x6a0
[  160.862963][ T6593]  ? dev_load+0x21/0x1f0
[  160.867258][ T6593]  ? __lock_acquire+0x7d80/0x7d80
[  160.872318][ T6593]  ? dev_get_flags+0x1c0/0x1c0
[  160.877100][ T6593]  ? full_name_hash+0x92/0xe0
[  160.881808][ T6593]  dev_change_flags+0x7c/0x1a0
[  160.886601][ T6593]  dev_ioctl+0x7b4/0x1140
[  160.890998][ T6593]  sock_do_ioctl+0x239/0x310
[  160.895616][ T6593]  ? sock_show_fdinfo+0xb0/0xb0
[  160.900496][ T6593]  sock_ioctl+0x5be/0x7e0
[  160.904838][ T6593]  ? sock_poll+0x3e0/0x3e0
[  160.909280][ T6593]  ? bpf_lsm_file_ioctl+0x9/0x10
[  160.914225][ T6593]  ? security_file_ioctl+0x80/0xa0
[  160.919346][ T6593]  ? sock_poll+0x3e0/0x3e0
[  160.923779][ T6593]  __se_sys_ioctl+0xfd/0x170
[  160.928387][ T6593]  do_syscall_64+0x55/0xb0
[  160.932822][ T6593]  ? clear_bhb_loop+0x40/0x90
[  160.937508][ T6593]  ? clear_bhb_loop+0x40/0x90
[  160.942196][ T6593]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  160.948133][ T6593] RIP: 0033:0x7fc3d779ce59
[  160.952589][ T6593] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  160.972214][ T6593] RSP: 002b:00007fc3d8611028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  160.980644][ T6593] RAX: ffffffffffffffda RBX: 00007fc3d7a15fa0 RCX: 00007fc3d779ce59
[  160.988625][ T6593] RDX: 0000200000002280 RSI: 0000000000008914 RDI: 0000000000000004
[  160.996610][ T6593] RBP: 00007fc3d7832e6f R08: 0000000000000000 R09: 0000000000000000
[  161.004599][ T6593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  161.012619][ T6593] R13: 00007fc3d7a16038 R14: 00007fc3d7a15fa0 R15: 00007ffc023668d8
[  161.020621][ T6593]  </TASK>
[  162.317371][ T6593] mac80211_hwsim hwsim8 syzkaller0: entered promiscuous mode
[  162.329825][ T6593] mac80211_hwsim hwsim8 syzkaller0: entered allmulticast mode