last executing test programs:

7m42.044068901s ago: executing program 2 (id=50):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)}], 0x1}, 0x20004800)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x4, 0xd}, {0x10000002, 0x0, 0xf, 0x6}], 0x10, 0x4000000}, 0xfe33)
r0 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x84, 0x6e, &(0x7f0000000000), 0x10)
r3 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x84, 0x11, &(0x7f0000000000)=r6, 0x8)

7m41.673275072s ago: executing program 2 (id=53):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
close(r3)
r5 = open(&(0x7f0000000300)='./file0\x00', 0x400, 0x0)
fcntl$setlease(r5, 0x400, 0x1)
r6 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
write$binfmt_script(r6, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
execveat(r6, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

7m39.393812215s ago: executing program 2 (id=57):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000007c0)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='&'], 0x10)
sendmsg$inet(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000780)='}', 0x1}], 0x1}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f00000002c0)=r0}, 0x20)
sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)
recvmsg$unix(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)=[{0x0}], 0x1}, 0x2002)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r5 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, 0x0)
r6 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x5867, 0x800, 0xfffffffc, 0x1bd}, &(0x7f0000000040)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd_index=0x4, 0x0, &(0x7f0000000100)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r6, 0x100847c0, 0x0, 0x1, 0x0, 0x0)

7m39.185359068s ago: executing program 2 (id=58):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x400e, &(0x7f0000000280)={[{@i_version}, {@nobh}, {@data_err_ignore}, {@nolazytime}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@acl}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
ftruncate(r1, 0x2000009)
write$cgroup_int(r0, &(0x7f00000000c0), 0x12)
write$binfmt_script(r1, 0x0, 0x0)

7m38.618358251s ago: executing program 2 (id=62):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r1, 0xc400941d, &(0x7f0000004bc0)={<r4=>0x0, 0x9, 0x9, 0x1})
ioctl$BTRFS_IOC_DEV_INFO(r2, 0xd000941e, &(0x7f0000004fc0)={r4, "43eb4480b01a67be9b6fce980d421cc3"})
bind$tipc(r3, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
bind$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r8 = dup3(r7, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4e, 0x0, &(0x7f0000000140)="d2ffb49ede31518d65a476b76e4a4e0b75db47c327ab597233001000006db41df04709094056af33a6db1e301a74db81f27f6aa6a8ca9d22a565ff96d46e88fa99b284c26c46494072fc2e47da24"})
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x40086315}], 0x0, 0x0, 0x0})
bind$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
bind$tipc(r3, 0x0, 0x0)
close(r3)

7m35.347111761s ago: executing program 2 (id=71):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$IPCTNL_MSG_CT_GET_STATS(0xffffffffffffffff, 0x0, 0x40040)
add_key(&(0x7f0000000080)='pkcs7_test\x00', 0x0, &(0x7f0000000000)="100c0608262300ba8b0ad775b31b", 0xe, 0xfffffffffffffffc)

7m34.402628916s ago: executing program 32 (id=71):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$IPCTNL_MSG_CT_GET_STATS(0xffffffffffffffff, 0x0, 0x40040)
add_key(&(0x7f0000000080)='pkcs7_test\x00', 0x0, &(0x7f0000000000)="100c0608262300ba8b0ad775b31b", 0xe, 0xfffffffffffffffc)

13.38287299s ago: executing program 0 (id=1474):
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c0000001000fbff27bd7002fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="14100400040004001c00128009000100766c616e000000000c000280060001000400000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r1], 0x4c}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002)

13.236253189s ago: executing program 0 (id=1476):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000180)=0x3, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_clone(0xa1302400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace(0x8, r2)
r3 = syz_pidfd_open(r2, 0x0)
process_mrelease(r3, 0x700000000000000)

11.816477991s ago: executing program 4 (id=1484):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000a80)={0xb, {{0xa, 0x0, 0x0, @mcast2}}, 0x0, 0x2, [{{0xa, 0x4e20, 0x0, @remote}}, {{0xa, 0x0, 0x0, @private1}}]}, 0x190)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000197, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
fsopen(0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x8, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r2, 0x29, 0x44, &(0x7f0000000700)={'icmp\x00'}, &(0x7f00000006c0)=0x1e)
r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
exit(0x100000000000035)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x538, 0xffffffff, 0x398, 0xe8, 0x398, 0xfeffffff, 0xffffffff, 0x468, 0x468, 0x468, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xff000000, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [0xff], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00', {}, {}, 0x0, 0x0, 0x6}, 0x0, 0x270, 0x2b0, 0x0, {}, [@common=@srh1={{0x90}, {0x2, 0xe, 0x6, 0x5, 0x9, @remote, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0x0, 0xff, 0xffffff00, 0xffffff00], [0xff, 0xffffff00, 0xff, 0xffffff00], [0x0, 0xffffffff, 0x0, 0xff], 0x1010, 0x11}}, @common=@rt={{0x138}, {0x401, [0xfffffffe], 0x1, 0x2, 0x3, [@remote, @empty, @remote, @remote, @remote, @mcast1, @mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @empty, @mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, @remote, @rand_addr=' \x01\x00', @mcast1, @private1={0xfc, 0x1, '\x00', 0x1}], 0x9}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x1, {0x2000010}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x598)
tkill(r6, 0x12)
wait4(0x0, 0x0, 0x8, 0x0)
fchdir(r1)
truncate(&(0x7f0000003b40)='./mnt\x00', 0x8)

10.708642246s ago: executing program 4 (id=1485):
r0 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x0}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$alg(r0, &(0x7f0000000440)={0x26, 'hash\x00', 0x0, 0x0, 'sha256\x00'}, 0x58)
r2 = accept$alg(r0, 0x0, 0x0)
r3 = dup(r2)
r4 = open(&(0x7f00000000c0)='./file1\x00', 0x12fbc2, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d5)

10.341289087s ago: executing program 4 (id=1487):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
userfaultfd(0x80001)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000180)=0x6f)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
write$dsp(r1, &(0x7f00000012c0)="a52876", 0x3)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

9.490991247s ago: executing program 0 (id=1488):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a800000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="020000000400000006000000", @ANYRES8=r1], 0x66)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0xffffffff, r4}, 0x38)

8.266891888s ago: executing program 4 (id=1491):
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c0000001000fbff27bd7002fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="14100400040004001c00128009000100766c616e000000000c000280060001000400000008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r1], 0x4c}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002)

8.0689182s ago: executing program 4 (id=1492):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000024882, 0x0)
r6 = dup(r5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r6, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

7.947112787s ago: executing program 0 (id=1493):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000a80)={0xb, {{0xa, 0x0, 0x0, @mcast2}}, 0x0, 0x2, [{{0xa, 0x4e20, 0x0, @remote}}, {{0xa, 0x0, 0x0, @private1}}]}, 0x190)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000197, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
fsopen(0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x8, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r2, 0x29, 0x44, &(0x7f0000000700)={'icmp\x00'}, &(0x7f00000006c0)=0x1e)
r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
exit(0x100000000000035)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x538, 0xffffffff, 0x398, 0xe8, 0x398, 0xfeffffff, 0xffffffff, 0x468, 0x468, 0x468, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xff000000, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [0xff], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00', {}, {}, 0x0, 0x0, 0x6}, 0x0, 0x270, 0x2b0, 0x0, {}, [@common=@srh1={{0x90}, {0x2, 0xe, 0x6, 0x5, 0x9, @remote, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0x0, 0xff, 0xffffff00, 0xffffff00], [0xff, 0xffffff00, 0xff, 0xffffff00], [0x0, 0xffffffff, 0x0, 0xff], 0x1010, 0x11}}, @common=@rt={{0x138}, {0x401, [0xfffffffe], 0x1, 0x2, 0x3, [@remote, @empty, @remote, @remote, @remote, @mcast1, @mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @empty, @mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, @remote, @rand_addr=' \x01\x00', @mcast1, @private1={0xfc, 0x1, '\x00', 0x1}], 0x9}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x1, {0x2000010}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x598)
tkill(r6, 0x12)
wait4(0x0, 0x0, 0x8, 0x0)
fchdir(r1)
truncate(&(0x7f0000003b40)='./mnt\x00', 0x8)

5.207174986s ago: executing program 0 (id=1497):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)='\x00', 0x1, 0x24000010, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000c80)="7cffa9061b2f8b082b6f69ae50430c8a8b6aa3162ba083c4a52e1ab0ac50ed4a19b1a69988000d5bed4433daaa4932dbb1cb3550dee8b23579d76ce37d574b43fca1eed8ebd38d1303240ed0d84517692128dd5aef5c4d60a6659952a1437c6f0ac3ed75806011ccbaa504f41a7e0abcf8823bc4a71ef8c52c2b297b539eaf752c56ebfe9b0542543069257dafcbf76c958d4cbf4eaaa67c5c2bd9e6518be34b56add7613ab83d389724b664e62c154e1a5aac073a53a0e8cadcf51ef495ebbcc77d5e36ff24c3f282289cc077374b714e08fbfecbdc8f14ef3fd409af4caf6fcb7d663beab335f239a1e93b399c93d7c036e1b39a7c477945f82b6dde53b1c21b590a58ba688ac4fb530d2c5b1195a127d2eaec840ab59f090d7047c278611e080cebe7b28588c11a44be99fe6f88c73441bf625b70565669997f4c3cda5afe1d6429908a69a459d35ba8c2f28076d8711f2667de749a783fac94ebd02680f20fb723c35c287a1f45064846385750665ffa74579083fbb1b1d6b7c90168252b1c5313544569203e7adb8e271a94f7413e5cfd6aa3157c4fc29bddba3683fcd032aecb513b2f27530fbefa0000000000000003c058e812d8db87de5e3eceae268b91f7d59daf77646fa4df99877dd5a9540934c7af91b96486eea62897be6acbe1bae8e46b112f1385e7cea9e4daccc6f1b98ce3b4322af8299a45ddcb5be8d3e469fdde9896ca324a2f3c88c616a7dccde331698ce2d39f96220251011b4dfbec953b5c30e94adb5586cec0af234859805bb7df1101ae80318ff127e913178d79cfa918d54585b6184255e872e2dc33a5c7c30a756bbd63c32a3e6a22863781747d185acb64583976c4289394d642b07d18e2932d0a78bd2ccf92b3e94e82f1e9239fa272402f4c9efcf068709a44d6f652a4f23df89f9a15e6bf0c7e65d8f3e32c35e83d30298074d16cb5ff4ded1df81009bbae888fceb9a8109ba319605e1776e52d2069b5cd7de07cf8dc488ba6a9c7559ff49674a490991f323736f302004007d0ccf2e5eaceac6b56f48f2b00592d7a378f118d8b3e5ecd2035c8252374c91bc79cf26ac11ddffe2c09e1aa032da0713732387f950e3f4e301eb1d26e5a2b19318e50d555c832e279894d8c9b03e8940738c0fe391b29907d0d5f9214d6e697a19247f4e8221aca2ac47debd7c45b8344941cbecbaf44af343b24a4f88caf207d72002fb8b7d156997cb7275f535e6a9d6480046246e60bea0cf6f54abc69ff9418b6cb9301eb6890227215b633a886fb13c89698e51e482c42ca99613b20e22e5ce15272f5bda8b18cf53d49130a94135dd8a9692c", 0x34000, 0xbcff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000080), 0xc)
writev(r0, &(0x7f0000001300)=[{&(0x7f0000000100)='^', 0xfdef}], 0x1)

4.97479652s ago: executing program 3 (id=1498):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x40)
socket(0xa, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
pipe(&(0x7f00000001c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[0x0], 0x1})
r0 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(0xffffffffffffffff, 0xc03864bc, &(0x7f0000000140)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f0000000180)=[0x2], 0x0, 0x1})

4.910593304s ago: executing program 3 (id=1499):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x4b2dfe21750f744b, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(0x0, 0x5)
inotify_init1(0x800)
rmdir(&(0x7f0000000100)='./control\x00')
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x14}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x2c, 0xd, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)

3.77097919s ago: executing program 3 (id=1501):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a800000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="020000000400000006000000", @ANYRES8=r1], 0x66)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0xffffffff, r4}, 0x38)

2.519227983s ago: executing program 1 (id=1502):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000008c0)=@bpf_tracing={0x1a, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x5455, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x2, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x1772a, 0xffffffffffffffff, 0x1, &(0x7f0000000700)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000880)=[{0x4, 0x4, 0xf}], 0x10, 0x11d}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0xf6081, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
creat(&(0x7f0000000080)='./file0\x00', 0xecf86c37d53049cc)
mount$nfs4(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='tcp'])

2.387623311s ago: executing program 1 (id=1503):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x9)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)

2.344749403s ago: executing program 0 (id=1504):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="120100009080e140fc044a500243010203010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000b80)={0x84, &(0x7f0000000180)={0x40, 0xe, 0x1, "01"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1.611030836s ago: executing program 3 (id=1505):
syz_mount_image$xfs(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x4004000, &(0x7f0000000140)={[{@qnoenforce}, {@nodiscard}, {@nouuid}, {@usrquota}, {@inode32}, {@pquota}, {@lazytime}, {@usrquota}, {@gquota}, {}]}, 0x1, 0x975c, &(0x7f000001c600)="$eJzs/QWcbXWhuP/PgUM3giBSUmKSEqJIhyJKihKCtKSACCgdSqigCCjd3d2d0t3d3R3/14EDKj5wvd/f/V+8Ps/zYmbPjlnz2Z/3Wou9Z83Ze6n5FptrYGDMgfd6//RvXbTbvcstPtpC6528y+Bb9t5x4SeGXjz8eydjzTH0dM6hp3MNDAwMGrqcQe9dNnj2k04eZmDwwJD//taoI408zKgDAyMPPTt0OQMzv3cyyiHv3+6dD8UDnXTIj9vhvY93G23IQoZ8sczyb609MDAw4t99/5BxTftPd1TaUnPOP9/frD5wG2bo1YP+dt27p4Pf+xjlgIGBUfYb+Oj1Y8hth/u77/3fbMjPHHPygSXu/QR+9v+5lppz/gU/5D9kWxx26GUzD9nGP7wNGvvwer7jYms8NnQKBw2duMF/t718Euv9/1NLzTnfQgMfvR0PLDzvpo++8+5+c/A8AwOD5x0YGDzfwMDg+T9pj/qf6RNd+aqqquoTac65ZhjynH2YDz0eGPH9x7X0uPCyN6d7cGBg8MLvPU8cvPz7zwWrqqqqqqqq6t+zOeeaYW54/j/mxz3/n/TMbcbq+X9VVVVVVVXV/50WnHOuGYY81//Q8//xP+75/7OPH33we3/7P8fM733X25/snaiqqqqqqqqqj22+BfH5/6Qf9/z/ipMmvbrn/1VVVVVVVVX/d1r0nXfe2fzvXmdv6MVTv389Pf8/+5G7l/3EBlxVVVVVVVVV/+3efuqMc/72mu8TD3zo9d7fbejvBQYdd961135iA/33aNA//z5ki096TP9fG+I84hGTDgysvcQnPZT6BPo/81r19f+X8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/cR9x/P+D1/8/+4QV338v+M9POcOtZ/ztO9997//BCy/41Jaf0NA/if5Tj/8PrD5oYGCo75irDwwMLDznootPPTAwcMatM0w5xcAH180y5LrZxh723TeIf/+ficw7Fi94i8neOx2yogyM88Eyjnt3+Qu+s/+wgz40iL9rrFMOPni1pV6Z8cOnU330/Rjmg69GO/nx9/8tyzAfutGIH/HN7y///fvyYeehY596yNin2WCtdadZf+NNvrL6WiusuvKqK6896/QzTTfjrLPONNM0q6y+5srTvvf5o+Zs0nc/z/2vzNmoH56zp+b8+zn78H37qDmb9OPn7N0l7nr5iN96f84G/zfnbO6Pn7NJVx/6g8aaY7iB5d+dm0EDA2PNM9zARkPOTDfCwMBY8w697fhDbvuNsYcZGNj5b3d0yFcjfLAODtpiyG2Wmm+xud7bTQ0M/O30b33E+9kPP3Tkcww9nXPo6Vzv/ZgxB/62Kg6e/aSThxkyF/8wHaOONPIwow4MjDz07NDlDMz63snIZ75/u494n/UPDfTdl1nZ4b2PdxttYGBglCFfTLzC2dsOmfr/hfdp/3/6//8/ec0y6IP1cdDQj6G3ec9rzvkX/NvPencahszdsEMvm3mIyf/wW9v/Q/803klHHJj0Y8b7Ma+L8260fq15xrhb/U+9Lg6Nd/yPGe/HvI7vR453yQf3eOy9Rf2PjfdD+7qF3v08x7+yrxv4+H3dsLSAla+a6MP7uu989BD/YXf5/hyN8KEbfdS+bvy9JtliyPLn+Ph93UJDxj7cP+zrhhkYGGvu9/d1Q3Z88w03sPOQM9MPOTP/cAOHDTkzw7tnRho4b8iZr664zporDblggX9eD6Ye9A9/oAnb2Xwf2s4G/d19H/Shv+8c/N7pKAe8/x5OH7HfHDT0bv2X+wpab8f8mPF+zPtP4TwPuWyl40cc93/q/adovCN+/Hg/6v2yP3K8O7189r3/w+P9YDsb7u+ma4F/ZTub9B+3syF3cdi/2zL+1cdhK8Ht3/t6/A+WtuFmj3/wmGK4Dy33v3pMscDHb2djrv6h79t+v4FBHzc38/8rczPhP+2Dtvz7uflXH29NPfl71w/7MXMzwqzLTfX+3Az/35yb+f+7czPHwLD/ODeDB+YdGBiYYuj+Yb5/ZW7G//i5+VfXm5Hh9u99vfIHF82z4xGXvD83H56L/2pu5vvvzs2kH6w3U7x73WTDDAw//MBGK2ywwXrTvff5/bPTv/f547fBef6VuRzzf2YuJxj8UXP5t1V11AevPuC/2Ab/aZ/+/vLn+e/O5cAHczmw+oc3lvp3rd//ucvfXf7u8neXv7v83eUv7iOO/3/w+v+7jznbLkN/uTHc1ZOMt90nPd5PuP/o4/9Dff/h+P92401y9TADH1z3scdn37vNv+Xx2ZnfOxnlkPdv9+HjgzzQjz4+u9+sM2/zv3R89v+p97fVf+H3cO3/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uI+4vj/tO//HcAj0y3y/NADocM9sfXSi3zS4/2E+48+/j/U9x+O/y+y9NZPDDPwwXUfe/z/vds4jv/f/8Z8O/07H/9/f1vt+H/9F+XvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uI+4vj/HO//HcDRR++xyft/D3DjWDuc8UmP9xPuP/X4f+//7639v7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y1/c0OP/Ax96e8vvt15gcPz//3Yf4b9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8l8wfs/j/IH/M4r9U/pjF/4f5Yxb/H+WPWfyXzh+z+C+TP2bxXzZ/zOK/XP6Yxf/H+WMW/+Xzxyz+K+SPWfx/kj9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfxXzx+z+P80f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfzXzR+z+P8sf8ziv17+mMV//fwxi/8G+WMW/5/nj1n8N8wfs/j/In/M4r9R/pjFf+P8MYv/JvljFv9f5o9Z/H+VP2bx3zR/zOK/Wf6YxX/z/DGL/xb5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/9f5Yxb/3+SPWfy3zx+z+O+QP2bx3zF/zOK/U/6Yxf+3+WMW/9/lj1n8f58/ZvHfOX/M4r9L/pjF/w/5Yxb/P+aPWfx3zR+z+P8pf8ziv1v+mMV/9/wxi/8e+WMW/z/nj1n8/5I/ZvHfM3/M4r9X/pjFf+/8MYv/PvljFv9988cs/vvlj1n8988fs/gfkD9m8T8wf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvH/a/6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/zOL/Rv6Yxf/N/DGL/1v5Yxb/t/PHLP7v5I9J/AcN5I9Z/Aflj1n8h8kfs/gPmz9m8R+cP2bxHy5/zOI/fP6YxX+E/DGL/4j5Yxb/kfLHLP4j549Z/EfJH7P4j5o/ZvEfLX/M4j96/pjFf4z8MYv/mPljFv+x8scs/mPnj1n8P5U/ZvEfJ3/M4j9u/pjF/9P5Yxb/8fLHLP7j549Z/D+TP2bxnyB/zOL/2fwxi/+E+WMW/4nyxyz+E+ePWfwnyR+z+E+aP2bx/1z+mMV/svf9R/yExvVvmsV/8rZ/zOI/Rf6YxX/K/DGL/1T5Yxb/z+ePWfynzh+z+H8hf8zi/8X8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/NPljFv9p88cs/tPlj1n8p88fs/jPkD9m8Z8xf8zi/7X8MYv/TPljFv+Z88cs/rPkj1n8Z80fs/h/PX/M4j9b/pjF/xv5Yxb/b+aPWfxnzx+z+H8rf8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6YxX/B/DGL/7fzxyz+38kfs/gvlD9m8f9u/pjFf+H8MYv/9/LHLP7fzx+z+C+SP2bxXzR/zOK/WP6YxX/x/DGL/xL5Yxb/JfPHLP4/yB+z+C+VP2bx/2H+mMX/R/ljFv+l88cs/svkj1n8l80fs/gvlz9m8f9x/pjFf/n8MYv/CvljFv+f5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv/V88cs/j/NH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv9188cs/j/LH7P4r5c/ZvFfP3/M4r9B/pjF/+f5Yxb/DfPHLP6/yB+z+G+UP2bx3zh/zOK/Sf6Yxf+X+WMW/1/lj1n8N80fs/hvlj9m8d88f8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+2+SPWfy3zR+z+G+XP2bx/3X+mMX/N/ljFv/t88cs/jvkj1n8d8wfs/jvlD9m8f9t/pjF/3f5Yxb/3+ePWfx3zh+z+O+SP2bx/0P+mMX/j/ljFv9d88cs/n/KH7P475Y/ZvHfPX/M4r9H/pjF/8/5Yxb/v+SPWfz3zB+z+O+VP2bx3zt/zOK/T/6YxX/f/DGL/375Yxb//fPHLP4H5I9Z/A/MH7P4H5Q/ZvE/OH/M4n9I/pjF/9B/9H/4f31c/6ZZ/A9r+8cs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+T+L9b/v+cxH/QlfljFv+r8scs/lfnj1n8r8kfs/hfmz9m8b8uf8zif33+mMX/hvwxi/+N+WMW/5vyxyz+N+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf+O/DGL/535Yxb/u/LHLP53549Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH7P4v5o/ZvF/Lf/h6UKL/+v5Yxb/N/LHLP5v5o9Z/N/KH7P4v50/ZvF/J39M4v/ul/n/cxb/QfljFv9h8scs/sPmj1n8B+ePWfyHyx+z+A+fP2bxHyF/zOI/Yv6YxX+k/DGL/8j5Yxb/UfLHLP6j5o9Z/EfLH7P4j54/ZvEfI3/M4j9m/pjFf6z8MYv/2PljFv9P5Y9Z/MfJH7P4j5s/ZvH/dP6YxX+8/DGL//j5Yxb/z+SPWfwnyB+z+H82f8ziP2H+mMV/ovwxi//E+WMW/0nyxyz+k+aPWfw/lz9m8Z8sf8ziP3n+mMV/ivwxi/+U+WMW/6nyxyz+n88fs/hPnT9m8f9C/pjF/4v5Yxb/L+WPWfy/nD9m8f9K/pjF/6v5Yxb/afLHLP7T5o8Numi34QYGBv7j/afLH7Ns/9Pnj1n8Z8gfs/jPmD9m8f9a/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v54/ZvGfLX/M4v+N/DGL/zfzxyz+s+ePWfy/lT9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOK/YP6Yxf/b+WMW/+/kj1n8F8ofs/h/N3/M4r9w/pjF/3v5Yxb/7+ePWfwXyR+z+C+aP2bxXyx/zOK/eP6YxX+J/DGL/5L5Yxb/H+SPWfyXyh+z+P8wf8zi/6P8MYv/0vljFv9l8scs/svmj1n8l8sfs/j/OH/M4r98/pjFf4X8MYv/T/LHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/6vljFv+f5o9Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv+f5Y9Z/NfLH7P4r58/ZvHfIH/M4v/z/DGL/4b5Yxb/X+SPWfw3yh+z+G+cP2bx3yR/zOL/y/wxi/+v8scs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfy3yx+z+P86f8zi/5v8MYv/9vljFv8d8scs/jvmj1n8d8ofs/j/Nn/M4v+7/DGL/+/zxyz+O+ePWfx3yR+z+P8hf8zi/8f8MYv/rvljFv8/5Y9Z/HfLH7P4754/ZvHfI3/M4v/n/DGL/1/yxyz+e+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+f80fs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+j+WMW/8fyxyz+j+ePWfyfyB+z+D+ZP2bxfyp/zOL/dP6Yxf+Z/DGL/7P5Yxb/5/LHLP7P549Z/F/IH7P4v5g/ZvF/KX/M4v9y/pjF/5X8MYv/q/ljFv/X8scs/q/nj1n838gfs/i/mT9m8X8rf8zi/3b+mMX/nfwxif+wA/ljFv9B+WMW/2Hyxyz+w+aPWfwH549Z/IfLH7P4D58/ZvEfIX/M4j9i/pjFf6T8MYv/yPljFv9R8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/0/lj1n8x8kfs/iPmz9m8f90/pjFf7z8MYv/+PljFv/P5I9Z/CfIH7P4fzZ/zOI/Yf6YxX+i/DGL/8T5Yxb/SfLHLP6T5o9Z/D+XP2bxnyx/zOI/ef6YxX+K/DGL/5T5Yxb/qfLHLP6fzx+z+E+dP2bx/0L+mMX/i/ljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv9p8scs/tPmj1n8p8sfs/hPnz9m8Z8hf8ziP2P+mMX/a/ljFv+Z8scs/jPnj1n8Z8kfs/jPmj9m8f96/pjFf7b8MYv/N/LHLP7fzB+z+M+eP2bx/1b+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/4L5Yxb/b+ePWfy/kz9m8V8of8zi/938MYv/wvljFv/v5Y9Z/L+fP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP5L5o9Z/H+QP2bxXyp/zOL/w/wxi/+P8scs/kvnj1n8l8kfs/gvmz9m8V8uf8zi/+P8MYv/8vljFv8V8scs/j/JH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/qvnj1n8f5o/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/uvmj1n8f5Y/ZvFfL3/M4r9+/pjFf4P8MYv/z/PHLP4b5o9Z/H+RP2bx3yh/zOK/cf6YxX+T/DGL/y/zxyz+v8ofs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/6/wxi/9v8scs/tvnj1n8d8gfs/jvmD9m8d8pf8zi/9v8MYv/7/LHLP6/zx+z+O+cP2bx3yV/zOL/h/wxi/8f88cs/rvmj1n8/5Q/ZvHfLX/M4r97/pjFf4/8MYv/n/PHLP5/yR+z+O+ZP2bx3yt/zOK/d/6YxX+f/DGL/775Yxb//fLHLP77549Z/A/IH7P4H5g/ZvE/KH/M4n9w/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+P81f8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfs/i/nj9m8X8jf8zi/2b+mMX/rfwxi//b+WMW/3fyxyT+gwfyxyz+g/LHLP7D5I9Z/IfNH7P4D84fs/gPlz9m8R8+f8ziP0L+mMV/xPwxi/9I+WMW/5Hzxyz+o+SPWfxHzR+z+I+WP2bxHz1/zOI/Rv6YxX/M/DGL/1j5Yxb/sfPHLP6fyh+z+I+TP2bxHzd/zOL/6fwxi/94+WMW//Hzxyz+n8kfs/hPkD9m8f9s/pjFf8L8MYv/RPljFv+J88cs/pPkj1n8J80fs/h/Ln/M4j9Z/pjFf/L8MYv/FPljFv8p88cs/lPlj1n8P58/ZvGfOn/M4v+F/DGL/xfzxyz+X8ofs/h/OX/M4v+V/DGL/1fzxyz+0+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6YxX/G/DGL/9fyxyz+M+WPWfxnzh+z+M+SP2bxnzV/zOL/9fwxi/9s+WMW/2/kj1n8v5k/ZvGfPX/M4v+t/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv8F88cs/t/OH7P4fyd/zOK/UP6Yxf+7+WMW/4Xzxyz+38sfs/h/P3/M4r9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8l8wfs/j/IH/M4r9U/pjF/4f5Yxb/H+WPWfyXzh+z+C+TP2bxXzZ/zOK/XP6Yxf/H+WMW/+Xzxyz+K+SPWfx/kj9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfxXzx+z+P80f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfzXzR+z+P8sf8ziv17+mMV//fwxi/8G+WMW/5/nj1n8N8wfs/j/In/M4r9R/pjFf+P8MYv/JvljFv9f5o9Z/H+VP2bx3zR/zOK/Wf6YxX/z/DGL/xb5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/9f5Yxb/3+SPWfy3zx+z+O+QP2bx3zF/zOK/U/6Yxf+3+WMW/9/lj1n8f58/ZvHfOX/M4r9L/pjF/w/5Yxb/P+aPWfx3zR+z+P8pf8ziv1v+mMV/9/wxi/8e+WMW/z/nj1n8/5I/ZvHfM3/M4r9X/pjFf+/8MYv/PvljFv9988cs/vvlj1n8988fs/gfkD9m8T8wf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvH/a/6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/zOL/Rv6Yxf/N/DGL/1v5Yxb/t/PHLP7v5I9J/IcbyB+z+A/KH7P4D5M/ZvEfNn/M4j84f8ziP1z+mMV/+Pwxi/8I+WMW/xHzxyz+I+WPWfxHzh+z+I+SP2bxHzV/zOI/Wv6YxX/0/DGL/xj5Yxb/MfPHLP5j5Y9Z/MfOH7P4fyp/zOI/Tv6YxX/c/DGL/6fzxyz+4+WPWfzHzx+z+H8mf8ziP0H+mMX/s/ljFv8J88cs/hPlj1n8J84fs/hPkj9m8Z80f8zi/7n8MYv/ZPljFv/J88cs/lPkj1n8p8wfs/hPlT9m8f98/pjFf+r8MYv/F/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/GfPHLP5fyx+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/9fzxyz+s+WPWfy/kT9m8f9m/pjFf/b8MYv/t/LHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/gvkj1n8F8wfs/h/O3/M4v+d/DGL/0L5Yxb/7+aPWfwXzh+z+H8vf8zi//38MYv/IvljFv9F88cs/ovlj1n8F88fs/gvkT9m8V8yf8zi/4P8MYv/UvljFv8f5o9Z/H+UP2bxXzp/zOK/TP6YxX/Z/DGL/3L5Yxb/H+ePWfyXzx+z+K+QP2bx/0n+mMV/xfwxi/9K+WMW/5Xzxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/0/wxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/s/wxi/96+WMW//Xzxyz+G+SPWfx/nj9m8d8wf8zi/4v8MYv/RvljFv+N88cs/pvkj1n8f5k/ZvH/Vf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf9v8MYv/dvljFv9f549Z/H+TP2bx3z5/zOK/Q/6YxX/H/DGL/075Yxb/3+aPWfx/lz9m8f99/pjFf+f8MYv/LvljFv8/5I9Z/P+YP2bx3zV/zOL/p/wxi/9u+WMW/93zxyz+e+SPWfz/nD9m8f9L/pjFf8/8MYv/XvljFv+988cs/vvkj1n8980fs/jvlz9m8d8/f8zif0D+mMX/wPwxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/I/NH7P4H5c/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf/C/DGL/0X5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/6/5Yxb/K/PHLP5X5Y9Z/K/OH7P4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/B/PHLP4P5Y9Z/B/OH7P4P5I/ZvF/NH/M4v9Y/pjF//H8MYv/E/ljFv8n88cs/k/lj1n8n84fs/g/kz9m8X82f8zi/1z+mMX/+fwxi/8L+WMW/xfzxyz+L+WPWfxfzh+z+L+SP2bxfzV/zOL/Wv6Yxf/1/DGL/xv5Yxb/N/PHLP5v5Y9Z/N/OH7P4v5M/JvEffiB/zOI/KH/M4j9M/pjFf9j8MYv/4Pwxi/9w+WMW/+Hzxyz+I+SPWfxHzB+z+I+UP2bxHzl/zOI/Sv6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4v+p/DGL/zj5Yxb/cfPHLP6fzh+z+I+XP2bxHz9/zOL/mfwxi/8E+WMW/8/mj1n8J8wfs/hPlD9m8Z84f8ziP0n+mMV/0vwxi//n8scs/pPlj1n8J88fs/hPkT9m8Z8yf8ziP1X+mMX/8/ljFv+p88cs/l/IH7P4fzF/zOL/pfwxi/+X88cs/l/JH7P4fzV/zOI/Tf6YxX/a/DGL/3T5Yxb/6fPHLP4z5I9Z/GfMH7P4fy1/zOI/U/6YxX/m/DGL/yz5Yxb/WfPHLP5fzx+z+M+WP2bx/0b+mMX/m/ljFv/Z88cs/t/KH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8V8wf8zi/+38MYv/d/LHLP4L5Y9Z/L+bP2bxXzh/zOL/vfwxi//388cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMV/yfwxi/8P8scs/kvlj1n8f5g/ZvH/Uf6YxX/p/LH/UP9BH7Iefpn8sf9Q/3f7++1/2fwxi/9y+WMW/x/nj1n8l88fs/ivkD9m8f9J/pjFf8X8sUEXDRo6M//Z/ivlj1m2/5Xzxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/0/wxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/s/wxi/96+WMW//Xzxyz+G+SPWfx/nj9m8d8wf8zi/4v8MYv/RvljFv+N88cs/pvkj1n8f5k/ZvH/Vf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf9v8MYv/dvljFv9f549Z/H+TP2bx3z5/zOK/Q/6YxX/H/DGL/075Yxb/3+aPWfx/lz9m8f99/pjFf+f8MYv/LvljFv8/5I9Z/P+YP2bx3zV/zOL/p/wxi/9u+WMW/93zxyz+e+SPWfz/nD9m8f9L/pjFf8/8MYv/XvljFv+988cs/vvkj1n8980fs/jvlz9m8d8/f8zif0D+mMX/wPwxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/I/NH7P4H5c/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf/C/DGL/0X5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/6/5Yxb/K/PHLP5X5Y9Z/K/OH7P4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/B/PHLP4P5Y9Z/B/OH7P4P5I/ZvF/NH/M4v9Y/pjF//H8MYv/E/ljFv8n88cs/k/lj1n8n84fs/g/kz9m8X82f8zi/1z+mMX/+fwxi/8L+WMW/xfzHxgJLrP4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljFv/X88cs/m/kj1n838wfs/i/lT9m8X87f8zi/07+mMR/hIH8MYv/oPwxi/8w+WMW/2Hzxyz+g/PHLP7D5Y9Z/IfPH7P4j5A/ZvEfMX/M4j9S/pjFf+T8MYv/KPljFv9R88cs/qPlj1n8R88fs/iPkT9m8R8zf8ziP1b+QxvxH85Z/MfOH7P4fyp/zOI/Tv6YxX/c/DGL/6fzxyz+4+WPWfzHzx+z+H8mf8ziP0H+mMX/s/ljFv8J88cs/hPlj1n8J84fs/hPkj9m8Z80f8zi/7n8MYv/ZPljFv/J88cs/lPkj1n8p8wfs/hPlT9m8f98/pjFf+r8MYv/F/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/GfPHLP5fyx+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/9fzxyz+s+WPWfy/kT9m8f9m/pjFf/b8MYv/t/LHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/gvkj1n8F8wfs/h/O3/M4v+d/DGL/0L5Yxb/7+aPWfwXzh+z+H8vf8zi//38MYv/IvljFv9F88cs/ovlj1n8F88fs/gvkT9m8V8yf8zi/4P8MYv/UvljFv8f5o9Z/H+UP2bxXzp/zOK/TP6YxX/Z/DGL/3L5Yxb/H+ePWfyXzx+z+K+QP2bx/0n+mMV/xfwxi/9K+WMW/5Xzxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/0/wxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/s/wxi/96+WMW//Xzxyz+G+SPWfx/nj9m8d8wf8zi/4v8MYv/RvljFv+N88cs/pvkj1n8f5k/ZvH/Vf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf1v0b42w+G+XNmbx/3X+mMX/N/ljFv/t88cs/jvkj1n8d3zP/613Pqlx/Ztm8d+p7R+z+P82f8zi/7v8MYv/7/PHLP47549Z/HfJH7P4/yF/zOL/x/wxi/+u+WMW/z/lj1n8d8sfs/jvnj9m8d8jf8zi/+f8MYv/X/LHLP575o9Z/PfKH7P4750/ZvHfJ3/M4r9v/pjFf7/8MYv//vljFv8D8scs/gfmj1n8D8ofs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+F+aPWfwvyh+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5/zR+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s/nj1n8X8gfs/i/mD9m8X8pf8zi/3L+mMX/lfwxi/+r+WMW/9fyxyz+r+ePWfzfyB+z+L+ZP2bxfyt/zOL/dv6Yxf+d/DGJ/4gD+WMW/0H5Yxb/YfLHLP7D5o9Z/Afnj1n8h8sfs/gPnz9m8R8hf8ziP2L+mMV/pPwxi//I+WMW/1Hyxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/T+WPWfzHyR+z+I+bP2bx/3T+mMV/vPwxi//4+WMW/8/kj1n8J8gfs/h/Nn/M4j9h/pjFf6L8MYv/xPljFv9J8scs/pPmj1n8P5c/ZvGfLH/M4j95/pjFf4r8MYv/lPljFv+p8scs/p/PH7P4T50/ZvH/Qv6Yxf+L+WMW/y/lj1n8v5w/ZvH/Sv6Yxf+r+WMW/2nyxyz+0+aPWfynyx+z+E+fP2bxnyF/zOI/Y/6Yxf9r+WMW/5nyxyz+M+ePWfxnyR+z+M+aP2bx/3r+mMV/tvwxi/838scs/t/MH7P4z54/ZvH/Vv6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjFf4H8MYv/gvljFv9v549Z/L+TP2bxXyh/zOL/3fwxi//C+WMW/+/lj1n8v58/ZvFfJH/M4r9o/pjFf7H8MYv/4vljFv8l8scs/kvmj1n8f5A/ZvFfKn/M4v/D/DGL/4/yxyz+S+ePWfyXyR+z+C+bP2bxXy5/zOL/4/wxi//y+WMW/xXyxyz+P8kfs/ivmD9m8V8pf8ziv3L+mMV/lfwxi/+q+WMW/9Xyxyz+q+ePWfx/mj9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfx/lj9m8V8vf8ziv37+mMV/g/wxi//P88cs/hvmj1n8f5E/ZvHfKH/M4r9x/pjFf5P8MYv/L/PHLP6/yh+z+G+aP2bx3yx/zOK/ef6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/r/DGL/2/yxyz+2+ePWfx3yB+z+O+YP2bx3yl/zOL/2/wxi//v8scs/r/PH7P475w/ZvHfJX/M4v+H/DGL/x/zxyz+u+aPWfz/lD9m8d8tf8ziv3v+mMV/j/wxi/+f88cs/n/JH7P475k/ZvHfK3/M4r93/pjFf5/8MYv/vvljFv/98scs/vvnj1n8D8gfs/gfmD9m8T8of8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/7H5Yxb/4/LHLP7H549Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4/zV/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYP/oMEDIz6dP2bwH7L9P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/ljFv8X88cs/i/lj1n8X84fs/i/kj9m8X81f8zi/1r+mMX/9fwxi/8b+WMW/zfzxyz+b+WPWfzfzh+z+L+TPybxH2kgf8ziPyh/zOI/TP6YxX/Y/DGL/+D8MYv/cPljFv/h88cs/iPkj1n8R8wfs/iPlD9m8R85f8ziP0r+mMV/1Pwxi/9o+WMW/9Hzxyz+Y+SPWfzHzB+z+I+VP2bxHzt/zOL/qfwxi/84+WMW/3Hzxyz+n84fs/iPlz9m8R8/f8zi/5n8MYv/BPljFv/P5o9Z/CfMH7P4T5Q/ZvGfOH/M4j9J/pjFf9L8MYv/5/LHLP6T5Y9Z/CfPH7P4T5E/ZvGfMn/M4j9V/pjF//P5Yxb/qfPHLP5fyB+z+H8xf8zi/6X8MYv/l/PHLP5fyR+z+H81f8ziP03+mMV/2oGBzT+pIf07Z/Gfru0fs/hPnz9m8Z8hf8ziP2P+mMX/a/ljFv+Z8scs/jPnj1n8Z8kfs/jPmj9m8f96/pjFf7b8MYv/N/LHLP7fzB+z+M+eP2bx/1b+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/4L5Yxb/b+ePWfy/kz9m8V8of8zi/938MYv/wvljFv/v5Y9Z/L+fP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP5L5o9Z/H+QP2bxXyp/zOL/w/wxi/+P8scs/kvnj1n8l8kfs/gvmz9m8V8uf8zi/+P8MYv/8vljFv8V8scs/j/JH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/qvnj1n8f5o/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/uvmj1n8f5Y/ZvFfL3/M4r9+/pjFf4P8MYv/z/PHLP4b5o9Z/H+RP2bx3yh/zOK/cf6YxX+T/DGL/y/zxyz+v8ofs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/6/wxi/9v8scs/tvnj1n8d8gfs/jvmD9m8d8pf8zi/9v8MYv/7/LHLP6/zx+z+O+cP2bx3yV/zOL/h/wxi/8f88cs/rvmj1n8/5Q/ZvHfLX/M4r97/pjFf4/8MYv/n/PHLP5/yR+z+O+ZP2bx3yt/zOK/d/6YxX+f/DGL/775Yxb//fLHLP77549Z/A/IH7P4H5g/ZvE/KH/M4n9w/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+P81f8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfs/i/nj9m8X8jf8zi/2b+mMX/rfwxi//b+WMW/3fyxyT+Iw/kj1n8B+WPWfyHyR+z+A+bP2bxH5w/ZvEfLn/M4j98/pjFf4T8MYv/iPljFv+R8scs/iPnj1n8R8kfs/iPmj9m8R8tf8ziP3r+mMV/jPwxi/+Y+WMW/7Hyxyz+Y+ePWfw/lT9m8R8nf8ziP27+mMX/0/ljFv/x8scs/uPnj1n8P5M/ZvGfIH/M4v/Z/DGL/4T5Yxb/ifLHLP4T549Z/CfJH7P4T5o/ZvH/XP6YxX+y/DGL/+T5Yxb/KfLHLP5T5o9Z/KfKH7P4fz5/zOI/df6Yxf8L+WMW/y/mj1n8v5Q/ZvH/cv6Yxf8r+WMW/6/mj1n8p8kfs/hPmz9m8Z8uf8ziP33+mMV/hvwxi/+M+WMW/6/lj1n8Z8ofs/jPnD9m8Z8lf8ziP2v+mMX/6/ljFv/Z8scs/t/IH7P4fzN/zOI/e/6Yxf9b+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/BfLHLP4L5o9Z/L+dP2bx/07+mMV/ofwxi/9388cs/gvnj1n8v5c/ZvH/fv6YxX+R/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4L5k/ZvH/Qf6YxX+p/DGL/w/zxyz+P8ofs/gvnT9m8V8mf8ziv2z+mMV/ufwxi/+P88cs/svnj1n8V8gfs/j/JH/M4r9i/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8V8sfs/ivnj9m8f9p/pjFf438MYv/mvljFv+18scs/mvnj1n818kfs/ivmz9m8f9Z/pjFf738MYv/+vljFv8N8scs/j/PH7P4b5g/ZvH/Rf6YxX+j/DGL/8b5Yxb/TfLHLP6/zB+z+P8qf8ziv2n+mMV/s/wxi//m+WMW/y3yxyz+W+aPWfy3yh+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/6/zxyz+v8kfs/hvnz9m8d8hf8ziv2P+mMV/p/wxi/9v88cs/r/LH7P4/z5/zOK/c/6YxX+X/DGL/x/yxyz+f8wfs/jvmj9m8f9T/pjFf7f8MYv/7vljFv898scs/n/OH7P4/yV/zOK/Z/6YxX+v/DGL/975Yxb/ffLHLP775o9Z/PfLH7P4758/ZvE/IH/M4n9g/pjF/6D8MYv/wfljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/U/LHLP6n5o9Z/E/LH7P4n54/ZvE/I3/M4n9m/pjF/6z8MYv/2fljFv9z8scs/ufmj1n8z8sfs/ifnz9m8b8gf8zif2H+mMX/ovwxi//F+WMW/0vyxyz+l+aPWfwvyx+z+F+eP2bxvyJ/zOL/1/wxi/+V+WMW/6vyxyz+V+ePWfyvyR+z+F+bP2bxvy5/zOJ/ff6Yxf+G/DGL/435Yxb/m/LHLP43549Z/G/JH7P435o/ZvG/LX/M4n97/pjF/478MYv/nfljFv+78scs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMX/gfwxi/+D+WMW/4fyxyz+D+ePWfwfyR+z+D+aP2bxfyx/zOL/eP6Yxf+J/DGL/5P5Yxb/p/LHLP5P549Z/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfs/i/mj9m8X8tf8zi/3r+mMX/jfwxi/+b+WMW/7fyxyz+b+ePWfzfyR+T+I8ykD9m8R+UP2bxHyZ/zOI/bP6YxX9w/pjFf7j8MYv/8PljFv8R8scs/iPmj1n8R8ofs/iPnD9m8R8lf8ziP2r+mMV/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bx/1T+mMV/nPwxi/+4+WMW/0/nj1n8x8sfs/iPnz9m8f9M/pjFf4L8MYv/Z/PHLP4T5o9Z/CfKH7P4T5w/ZvGfJH/M4j9p/pjF/3P5Yxb/yfLHLP6T549Z/KfIH7P4T5k/ZvGfKn/M4v/5/DGL/9T5Yxb/L+SPWfy/mD9m8f9S/pjF/8v5Yxb/r+SPWfy/mj9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/xnyxyz+M+aPWfy/lj9m8Z8pf8ziP3P+mMV/lvwxi/+s+WMW/6/nj1n8Z8sfs/h/I3/M4v/N/DGL/+z5Yxb/b+WPWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/BfIH7P4L5g/ZvH/dv6Yxf87+WMW/4Xyxyz+380fs/gvnD9m8f9e/pjF//v5Yxb/RfLHLP6L5o9Z/BfLH7P4L54/ZvFfIn/M4r9k/pjF/wf5Yxb/pfLHLP4/zB+z+P8of8ziv3T+mMV/mfwxi/+y+WMW/+Xyxyz+P84fs/gvnz9m8V8hf8zi/5P8MYv/ivljFv+V8scs/ivnj1n8V8kfs/ivmj9m8V8tf8ziv3r+mMX/p/ljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8ziv27+mMX/Z/ljFv/18scs/uvnj1n8N8gfs/j/PH/M4r9h/pjF/xf5Yxb/jfLHLP4b549Z/DfJH7P4/zJ/zOL/q/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/7b5Yxb/7fLHLP6/zh+z+P8mf8ziv33+mMV/h/wxi/+O+WMW/53yxyz+v80fs/j/Ln/M4v/7/DGL/875Yxb/XfLHLP5/yB+z+P8xf8ziv2v+mMX/T/ljFv/d8scs/rvnj1n898gfs/j/OX/M4v+X/DGL/575Yxb/vfLHLP57549Z/PfJH7P475s/ZvHfL3/M4r9//pjF/4D8MYv/gfljFv+D8scs/gfnj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOJ/fP6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/mflj7/sPjDgw8J/sf1b+mGX7Pzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/C/MH7P4X5Q/ZvG/OH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8/5o/ZvG/Mn/M4n9V/pjF/+r8MYv/NfljFv9r88cs/tflj1n8r88fs/jfkD9m8b8xf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+t+WPWfxvzx+z+N+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvF/MH/M4v9Q/pjF/+H8MYv/I/ljFv9H88cs/o/ljzn8k/+oHP4DozzRWoBZ/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+z+L+VP2bxfzt/zOL/Tv6YxH/Ugfwxi/+g/DGL/zD5Yxb/YfPHLP6D88cs/sPlj1n8h88fs/iPkD9m8R8xf8ziP1L+mMV/5Pwxi/8o+WMW/1Hzxyz+o+WPWfxHzx+z+I+RP2bxHzN/zOI/Vv6YxX/s/DGL/6fyxyz+4+SPWfzHzR+z+H86f8ziP17+mMV//Pwxi/9n8scs/hPkj1n8P5s/ZvGfMH/M4j9R/pjFf+L8MYv/JPljFv9J88cs/p/LH7P4T5Y/ZvGfPH/M4j9F/pjFf8r8MYv/VPljFv/P549Z/KfOH7P4fyF/zOL/xfwxi/+X8scs/l/OH7P4fyV/zOL/1fwxi/80+WMW/2nzxyz+0+WPWfynzx+z+M+QP2bxnzF/zOL/tfwxi/9M+WMW/5nzxyz+s+SPWfxnzR+z+H89f8ziP1v+mMX/G/ljFv9v5o9Z/GfPH7P4fyt/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4r9A/pjFf8H8MYv/t/PHLP7fyR+z+C+UP2bx/27+mMV/4fwxi//38scs/t/PH7P4L5I/ZvFfNH/M4r9Y/pjFf/H8MYv/EvljFv8l88cs/j/IH7P4L5U/ZvH/Yf6Yxf9H+WMW/6Xzxyz+y+SPWfyXzR+z+C+XP2bx/3H+mMV/+fwxi/8K+WMW/5/kj1n8V8wfs/ivZPT/F+6wxX9lo/+/kMV/lfwxi/+q+WMW/9Xyxyz+q+ePWfx/mj9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfx/lj9m8V8vf8ziv37+mMV/g/wxi//P88cs/hvmj1n8f5E/ZvHfKH/M4r9x/pjFf5P8MYv/L/PHLP6/yh+z+G+aP2bx3yx/zOK/ef6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/r/DGL/2/yxyz+2+ePWfx3yB+z+O+YP2bx3yl/zOL/2/wxi//v8scs/r/PH7P475w/ZvHfJX/M4v+H/DGL/x/zxyz+u+aPWfz/lD9m8d8tf8ziv3v+mMV/j/wxi/+f88cs/n/JH7P475k/ZvHfK3/M4r93/pjFf5/8MYv/vvljFv/98scs/vvnj1n8D8gfs/gfmD9m8T8of8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/7H5Yxb/4/LHLP7H549Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4/zV/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxi//L+WMW/1fyxyz+r+aPWfxfyx+z+L+eP2bxfyN/zOL/Zv6Yxf+t/DGL/9v5Yxb/d/LHJP6jDeSPWfwH5Y9Z/IfJH7P4D5s/ZvEfnD9m8R8uf8ziP3z+mMV/hPwxi/+I+WMW/5Hyxyz+I+ePWfxHyR+z+I+aP2bxHy1/zOI/ev6YxX+M/DGL/5j5Yxb/sfLHLP5j549Z/D+VP2bxHyd/zOI/bv6Yxf/T+WMW//Hyxyz+4+ePWfw/kz9m8Z8gf8zi/9n8MYv/hPljFv+J8scs/hPnj1n8J8kfs/hPmj9m8f9c/pjFf7L8MYv/5PljFv8p8scs/lPmj1n8p8ofs/h/Pn/M4j91/pjF/wv5Yxb/L+aPWfy/lD9m8f9y/pjF/yv5Yxb/r+aPWfynyR+z+E+bP2bxny5/zOI/ff6YxX+G/DGL/4z5Yxb/r+WPWfxnyh+z+M+cP2bxnyV/7B/8h1425ic8pv9PfYT/rPljlu3/6/ljFv/Z8scs/t/IH7P4fzN/zOI/e/6Yxf9b+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/BfLHLP4L5o9Z/L+dP2bx/07+mMV/ofwxi/9388cs/gvnj1n8v5c/ZvH/fv6YxX+R/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4L5k/ZvH/Qf6YxX+p/DGL/w/zxyz+P8ofs/gvnT9m8V8mf8ziv2z+mMV/ufwxi/+P88cs/svnj1n8V8gfs/j/JH/M4r9i/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8V8sfs/ivnj9m8f9p/pjFf438MYv/mvljFv+18scs/mvnj1n818kfs/ivmz9m8f9Z/pjFf738MYv/+vljFv8N8scs/j/PH7P4b5g/ZvH/Rf6YxX+j/DGL/8b5Yxb/TfLHLP6/zB+z+P8qf8ziv2n+mMV/s/wxi//m+WMW/y3yxyz+W+aPWfy3yh+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/6/zxyz+v8kfs/hvnz9m8d8hf8ziv2P+mMV/p/wxi/9v88cs/r/LH7P4/z5/zOK/c/6YxX+X/LH/VP8RP+T/h/yx/1T/gQ/5/zF/zOK/a/6Yxf9P+WMW/93yxyz+u+ePWfz3yB+z+P85f8zi/5f8MYv/nvljFv+98scs/nvnj1n898kfs/jvmz9m8d8vf8ziv3/+mMX/gPwxi/+B+WMW/4Pyxyz+B+ePWfwPyR+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/I/JH7P4H5s/ZvE/Ln/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/ifmj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGL/4X5Yxb/i/LHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/X/PHLP5X5o9Z/K/KH7P4X50/ZvG/Jn/M4n9t/pjF/7r8MYv/9fljFv8b8scs/jfmj1n8b8ofs/jfnD9m8b8lf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+d+aPWfzvyh+z+N+dP2bxvyd/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP4P5o9Z/B/KH7P4P5w/ZvF/5MP+W/wvj+vfNIv/o23/mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH7P4v5w/ZvF/JX/M4v9q/pjF/7X8MYv/6/ljFv838scs/m/mj1n838ofs/i/nT9m8X8nf0ziP/pA/pjFf1D+mMV/mPwxi/+w+WMW/8H5Yxb/4fLHLP7D549Z/EfIH7P4j5g/ZvEfKX/M4j9y/pjFf5T8MYv/qPljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMX/U/ljFv9x8scs/uPmj1n8P50/ZvEfL3/M4j9+/pjF/zP5Yxb/CfLHLP6fzR+z+E+YP2bxnyh/zOI/cf6YxX+S/DGL/6T5Yxb/z+WPWfwnyx+z+E+eP2bxnyJ/zOI/Zf6YxX+q/DGL/+fzxyz+U+ePWfy/kD9m8f9i/pjF/0v5Yxb/L+ePWfy/kj9m8f9q/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/jPmD9m8f9a/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v54/ZvGfLX/M4v+N/DGL/zfzxyz+s+ePWfy/lT9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOK/YP6Yxf/b+WMW/+/kj1n8F8ofs/h/N3/M4r9w/pjF/3v5Yxb/7+ePWfwXyR+z+C+aP2bxXyx/zOK/eP6YxX+J/DGL/5L5Yxb/H+SPWfyXyh+z+P8wf8zi/6P8MYv/0vljFv9l8scs/svmj1n8l8sfs/j/OH/M4r98/pjFf4X8MYv/T/LHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/6vljFv+f5o9Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv+f5Y9Z/NfLH7P4r58/ZvHfIH/M4v/z/DGL/4b5Yxb/X+SPWfw3yh+z+G+cP2bx3yR/zOL/y/wxi/+v8scs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfy3yx+z+P86f8zi/5v8MYv/9vljFv8d8scs/jvmj1n8d8ofs/j/Nn/M4v+7/DGL/+/zxyz+O+ePWfx3yR+z+P8hf8zi/8f8MYv/rvljFv8/5Y9Z/HfLH7P4754/ZvHfI3/M4v/n/DGL/1/yxyz+e+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+f80fs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+j+WMW/8fyxyz+j+ePWfyfyB+z+D+ZP2bxfyp/zOL/dP6Yxf+Z/DGL/7P5Yxb/5/LHLP7P549Z/F/IH7P4v5g/ZvF/KX/M4v9y/pjF/5X8MYv/q/ljFv/X8scs/q/nj1n838gfs/i/mT9m8X8rf8zi/3b+mMX/nfwxif8YA/ljFv9B+WMW/2Hyxyz+w+aPWfwH549Z/IfLH7P4D58/ZvEfIX/M4j9i/pjFf6T8MYv/yPljFv9R8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/0/lj1n8x8kfs/iPmz9m8f90/pjFf7z8MYv/+PljFv/P5I9Z/CfIH7P4fzZ/zOI/Yf6YxX+i/DGL/8T5Yxb/SfLHLP6T5o9Z/D+X//+PnbsP97qu7zj+454sZ592Xeo122UXGnNtRiKjUQtRUTzenDLRzHuEw01yIzcSYApstFLHpkvdLNjEwjFnq5Y43Fx3KxqWNVsjtlY5xbUwxhwsMmfsOnAOwdnbc+182ffr8v14/ME5v9/x/Ut5Xi9/Py+uq1CW/sP0D2Xpf5z+oSz9j9c/lKX/a/UPZek/XP9Qlv6/oH8oS/8T9A9l6f+L+oey9H+d/qEs/X9J/1CW/r+sfyhL/xP1D2Xp/3r9Q1n6j9A/lKX/G/QPZel/kv6hLP1H6h/K0v9k/UNZ+o/SP5Sl/6/oH8rSf7T+oSz936h/KEv/X9U/lKX/GP1DWfq/Sf9Qlv5v1j+Upf+v6R/K0v8t+oey9B+rfyhL/1P0D2XpP07/UJb+p+ofytL/NP1DWfqfrn8oS//x+oey9D9D/1CW/mfqH8rSf4L+oSz9z9I/lKV/m/6hLP3P1j+Upf85+oey9D9X/1CW/ufpH8rSv13/UJb+b9U/lKX/2/QPZel/vv6hLP3frn8oS/8L9A9l6T9R/1CW/hfqH8rS/yL9Q1n6v0P/UJb+F+sfytL/nfqHsvS/RP9Qlv6X6h/K0v8y/UNZ+l+ufyhL/yv0D2Xpf6X+oSz9r9I/lKX/JP1DWfpfrX8oS//J+oey9J+ifyhL/w79Q1n6T9U/lKX/NP1DWfpP1z+Upf8M/UNZ+r9L/1CW/tfoH8rSf6b+oSz9Z+kfytJ/tv6hLP3n6B/K0v9a/UNZ+s/VP5Sl/zz9Q1n6z9c/lKX/Av1DWfpfp38oS/+F+oey9H+3/qEs/RfpH8rSf7H+oSz9l+gfytL/ev1DWfq/R/9Qlv436B/K0v9G/UNZ+i/VP5Sl/zL9Q1n6L9c/lKX/r+sfytL/N/QPZem/Qv9Qlv7v1T+Upf9v6h/K0v99+oey9H+//qEs/W/SP5Sl/836h7L0v0X/UJb+v6V/KEv/lfqHsvT/bf1DWfr/jv6hLP1v1T+Upf9t+oey9P9d/UNZ+n9A/1CW/rfrH8rS/w79Q1n636l/KEv/39M/lKX/7+sfytL/Lv1DWfp/UP9Qlv4f0j+Upf8q/UNZ+q/WP5Sl/x/oH8rS/w/1D2Xpf7f+oSz91+gfytL/Hv1DWfp/WP9Qlv4f0T+Upf9a/UNZ+t+rfyhL/z/SP5Sl/zr9Q1n6/7H+oSz979M/lKX/n+gfytL/fv1DWfp/VP9Qlv5/qn8oS/+P6R/K0v/j+oey9P+E/qEs/f9M/1CW/p/UP5Sl/wP6h7L0X69/KEv/B/UPZen/5/qHsvTfoH8oS/+H9A9l6f8X+oey9P9L/UNZ+j+sfyhL/7/SP5Sl/6f0D2Xp/2n9Q1n6f0b/UJb+n9U/lKX/5/QPZen/1/qHsvT/vP6hLP2/oH8oS/+N+oey9P+i/qEs/f9G/1CW/pv0D2Xp/4j+oSz9v6R/KEv/L+sfytL/Uf1DWfp/Rf9Qlv5f1T+Upf/f6h/K0v8x/UNZ+n9N/1CW/n+nfyhL/6/rH8rS/+/1D2Xpv1n/UJb+39A/lKX/Fv1DWfr/g/6hLP3/Uf9Qlv7f1D+Upf8/6R/K0v9b+oey9P+2/qEs/b+jfyhL/8f1D2Xp/8/6h7L0f0L/UJb+T+ofytJ/q/6hLP2f0j+Upf+/6B/K0v+7+oey9P9X/UNZ+n9P/1CW/tv0D2Xp/7T+oSz9v69/KEv/7fqHsvT/N/1DWfrv0D+Upf+/6x/K0v8Z/UNZ+v+H/qEs/XfqH8rSf5f+oSz9/1P/UJb+P9A/lKX/bv1DWfr/UP9Qlv7P6h/K0v9H+oey9H9O/1CW/v+lfyhL/+f1D2Xp/2P9Q1n679E/lKT/K1v6h7L076d/KEv//vqHsvQfoH8oS/+B+oey9B+kfyhL/8H6h7L0H6J/KEv/ofqHsvR/mf6hLP0P0z+Upf/L9Q9l6f8K/UNZ+h+ufyhL/5/RP5Sl/xH6h15y/QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6/mb94yTWTZs7smOcb3/jGN/u/ebH/zQQAAPxf+8mH/hf77wQAAAAAAAAAAAAAAAAAAADyauL/TuzF/mcEAAAAAAAAAAAAAICfdm3tp24f0O+gpwYc+ODnH+3Y+3XU7ounr137YOn+2vXjc4KX7H/ggz179uxZ/czY8V0Ph7Rarc7/tVd2PR7a87jz9Zcdu+rofY/KuM/f+fgVEw8/d9762wZ+Y/Ut7U8P2vvsoNZVU2fM7HhD/1arnD6otajzwUn9Wq1y5qDWrZ0PRnY+mDCota7zwcl7H7ys9ZnOB6+fPGfmlM4nzqr8ewYvFW3ty1oDDlps66B/Gxy4/2XHPjG9+2svL9n9agNbXfsftv5LR/X4WbcX2H/365dTe+6/z/+AwAvq2/6f3dL9tZeX/B/v/x/etHtJ9LMX3n/365fT7B/qE3z+P2ijPT/39/j8/5rgJfffnzJ00+2d+2+78L5Xdz018H/z+f8nr19O77n//gd9/u/8HD+++/P/kFarnHGIvx2QSlv78u29vf/3vv+BP9fjpt+B+7/nK1tf0bn/e59rreh6alAf9z++t/f/m3r8vQJ909a+Zk+P9/8+7L81PHjJ/fvftv7wvZ//t94/+cgDftaX/Z/Rc/8jFsy6dsT8xUtOnDFr0rSOaR2zx4wcfdKoMWNGjx6x9xPBvl8P8TcFkji09//WYT1u+rVaHfvvN953y/jO/e94aMVHup4a2sf9n9nr+/9rvP9DaFj/1uDBrUWTFiyYd9K+X7sfjtz3676/LNh/H/77/7gTuv6y7j8z7NdqHb3/fvgVY4Z07v/6uWVD11OD+7j/Cb3uf9zBf1YJ9M0hvv9P6XFz0P5P2Xbjws79H/+DV23teqqv//1/Vq/7v9v7PxyKtvZWrW+infs/ecjys6tdlzZ//gf1aWL/x+68dVe163K2/UN9mtj/xJVvvrradTnH/qE+Tez/wVlXrqx2Xc61f6hPE/t//md3HVPtupxn/1CfJvb/2HefWlvturTbP9Snif1/8K72k6tdl7faP9Snif2feN0Px1a7Lm+zf6hPE/uf+vIL1lW7LufbP9Snif2fvee0I6tdl7fbP9Snif33W/69ZdWuywX2D/VpYv9PTlo5p9p1mWj/UJ8m9r/u2OHPVrsuF9o/1KeJ/a94+o0Tql2Xi+wf6tPE/r96x6rHql2Xd9g/1KeJ/X/isletqnZdLrZ/qE8T+//RsIcOq3Zd3mn/UJ8m9r9587oHql2XS+wf6tPE/levGzCs2nW51P6hPk3sf+lZ0x6tdl0us3+oTxP7HzX6y5dWuy6X2z/Up4n9H/25bz1V7bpcYf9Qnyb2f8HDC+dXuy5X2j/Up4n9Lzzm4z+udl2usn+oTxP7f0vHMdOrXZdJ9g/1aWL/5bbDNle7LlfbP9Snif1fsmPNuGrXZbL9Q32a2P+GI77wsWrXZYr9Q32a2P/OubPHVLsuHfYP9Wli/99579L3VbsuU+0f6tPE/m9/7uul2nWZZv9Qnyb2v23kJZdVuy7T7R/q08T+15z7zCPVrssM+4f6NLH/lRseX1DturzL/qE+Tex/48Zznqh2Xa6xf6hPE/s/fviIw6tdl5n2D/VpYv9zLl7xoWrXZZb9Q32a2P/p99/x2mrXZbb9Q32a2P/Qr439ZLXrMsf+oT5N7P/TY9//qWrX5Vr7h/o0sf9d4447odp1mWv/UJ8m9r/lgZF3Vrsu8+wf6tPE/j/wyF0Vr8t8+4f6NLH/ua97fke167LA/qE+Tez/TRMvWlztulxn/1CfJvZ/5N0Tvljtuiy0f6hPE/u//NvfP7/adXm3/UN9mtj/cUdd/epq12WR/UN9mtj/9Bmbbq52XRbbP9Snif2PX71lVLXrssT+oT5N7P+IJ+ffU+26XG//UJ8m9r99wFHnVbsu77F/qE8T+7/3hoe/We263GD/UJ8m9n/zTR/tqHZdbrR/qE8T+//s7sE7q12XpfYPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/zQ4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAPHAgAAAADC/K2D6N0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICjAAAA//8mu+jL")
creat(&(0x7f00000000c0)='./file1\x00', 0x17d)

1.386820229s ago: executing program 1 (id=1506):
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x800001c, @multicast1}, {0x0, 0x17c1, 0x8}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000070000000000000000800027350000007500000095"], 0x0, 0xbb5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)}, 0x8000)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f00000004c0)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07007706000020000000170200000ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad35010000000000840400000000000014000000100000009500000000000000db13d5d8b741f2cd"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x94)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.270401006s ago: executing program 1 (id=1507):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040), 0x0, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32=r5, @ANYBLOB="0000000a010000001800120008000100736974000c00020008000300"], 0x38}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=ANY=[@ANYBLOB="40000000100039042abd7000eaffff000003e400", @ANYRES32=r6, @ANYBLOB="03000000c31006002000128008000100736974001400028008000300ac1414bb08001400"], 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)

1.120126934s ago: executing program 1 (id=1508):
r0 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x0}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$alg(r0, &(0x7f0000000440)={0x26, 'hash\x00', 0x0, 0x0, 'sha256\x00'}, 0x58)
r4 = accept$alg(r0, 0x0, 0x0)
r5 = dup(r4)
r6 = open(&(0x7f00000000c0)='./file1\x00', 0x12fbc2, 0x0)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d5)

153.767931ms ago: executing program 3 (id=1509):
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3)
getsockname$packet(r3, &(0x7f00000001c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000740)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0xa7}}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x54, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x24, 0x2, [@TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{0x3}, {0x0, 0x0, 0x2}}}]}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x400c040}, 0x0)

153.263361ms ago: executing program 1 (id=1510):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net\x00')
fchdir(r0)
exit(0xffff)
mount(0x0, &(0x7f0000000000)='./cgroup\x00', 0x0, 0x208040, 0x0)

745.439µs ago: executing program 4 (id=1511):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000008c0)=@bpf_tracing={0x1a, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x5455, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x2, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x1772a, 0xffffffffffffffff, 0x1, &(0x7f0000000700)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000880)=[{0x4, 0x4, 0xf}], 0x10, 0x11d}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0xf6081, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
creat(&(0x7f0000000080)='./file0\x00', 0xecf86c37d53049cc)
mount$nfs4(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='tcp'])

0s ago: executing program 3 (id=1512):
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000001c0)={0x0, 0x2}, 0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000180)='\x00', 0x1, 0x24000010, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000c80)="7cffa9061b2f8b082b6f69ae50430c8a8b6aa3162ba083c4a52e1ab0ac50ed4a19b1a69988000d5bed4433daaa4932dbb1cb3550dee8b23579d76ce37d574b43fca1eed8ebd38d1303240ed0d84517692128dd5aef5c4d60a6659952a1437c6f0ac3ed75806011ccbaa504f41a7e0abcf8823bc4a71ef8c52c2b297b539eaf752c56ebfe9b0542543069257dafcbf76c958d4cbf4eaaa67c5c2bd9e6518be34b56add7613ab83d389724b664e62c154e1a5aac073a53a0e8cadcf51ef495ebbcc77d5e36ff24c3f282289cc077374b714e08fbfecbdc8f14ef3fd409af4caf6fcb7d663beab335f239a1e93b399c93d7c036e1b39a7c477945f82b6dde53b1c21b590a58ba688ac4fb530d2c5b1195a127d2eaec840ab59f090d7047c278611e080cebe7b28588c11a44be99fe6f88c73441bf625b70565669997f4c3cda5afe1d6429908a69a459d35ba8c2f28076d8711f2667de749a783fac94ebd02680f20fb723c35c287a1f45064846385750665ffa74579083fbb1b1d6b7c90168252b1c5313544569203e7adb8e271a94f7413e5cfd6aa3157c4fc29bddba3683fcd032aecb513b2f27530fbefa0000000000000003c058e812d8db87de5e3eceae268b91f7d59daf77646fa4df99877dd5a9540934c7af91b96486eea62897be6acbe1bae8e46b112f1385e7cea9e4daccc6f1b98ce3b4322af8299a45ddcb5be8d3e469fdde9896ca324a2f3c88c616a7dccde331698ce2d39f96220251011b4dfbec953b5c30e94adb5586cec0af234859805bb7df1101ae80318ff127e913178d79cfa918d54585b6184255e872e2dc33a5c7c30a756bbd63c32a3e6a22863781747d185acb64583976c4289394d642b07d18e2932d0a78bd2ccf92b3e94e82f1e9239fa272402f4c9efcf068709a44d6f652a4f23df89f9a15e6bf0c7e65d8f3e32c35e83d30298074d16cb5ff4ded1df81009bbae888fceb9a8109ba319605e1776e52d2069b5cd7de07cf8dc488ba6a9c7559ff49674a490991f323736f302004007d0ccf2e5eaceac6b56f48f2b00592d7a378f118d8b3e5ecd2035c8252374c91bc79cf26ac11ddffe2c09e1aa032da0713732387f950e3f4e301eb1d26e5a2b19318e50d555c832e279894d8c9b03e8940738c0fe391b29907d0d5f9214d6e697a19247f4e8221aca2ac47debd7c45b8344941cbecbaf44af343b24a4f88caf207d72002fb8b7d156997cb7275f535e6a9d6480046246e60bea0cf6f54abc69ff9418b6cb9301eb6890227215b633a886fb13c89698e51e482c42ca99613b20e22e5ce15272f5bda8b18cf53d49130a94135dd8a9692c", 0x34000, 0xbcff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000080), 0xc)
writev(0xffffffffffffffff, &(0x7f0000001300)=[{&(0x7f0000000100)='^', 0xfdef}], 0x1)

kernel console output (not intermixed with test programs):

y change from 0 to 8
[   67.813791][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   68.707971][ T5781] Bluetooth: hci2: command tx timeout
[   68.721051][ T5781] Bluetooth: hci1: command tx timeout
[   68.727242][ T5781] Bluetooth: hci3: command tx timeout
[   68.745275][ T5781] Bluetooth: hci0: command tx timeout
[   68.875131][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   68.884136][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   69.194759][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!!
[   69.672148][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   69.780188][ T5855] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   69.791626][   T23] cfg80211: failed to load regulatory.db
[   69.961776][ T5903] loop2: detected capacity change from 0 to 2048
[   70.006672][ T5903] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   70.238927][ T5855] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   70.263562][ T5855] usb 2-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00
[   70.272806][ T5855] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   70.299306][ T5855] usb 2-1: config 0 descriptor??
[   70.359926][ T5909] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[   70.369213][ T5909] overlayfs: missing 'lowerdir'
[   71.034509][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   71.104652][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   71.134512][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   71.164367][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   71.384968][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   72.615517][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[   72.622137][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[   72.762218][ T5855] usbhid 2-1:0.0: can't add hid device: -71
[   72.768607][ T5855] usbhid: probe of 2-1:0.0 failed with error -71
[   72.780655][ T5924] netlink: 32 bytes leftover after parsing attributes in process `syz.3.19'.
[   72.813506][ T5855] usb 2-1: USB disconnect, device number 2
[   74.048911][ T5942] loop3: detected capacity change from 0 to 256
[   74.101960][ T5942] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   74.224309][ T5942] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   77.091746][ T5970] loop1: detected capacity change from 0 to 1024
[   77.115527][ T5970] EXT4-fs: Ignoring removed nobh option
[   77.144502][ T5970] EXT4-fs: Ignoring removed nomblk_io_submit option
[   77.276391][ T5970] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.557576][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.712389][ T5977] loop2: detected capacity change from 0 to 164
[   77.760776][ T5977] =======================================================
[   77.760776][ T5977] WARNING: The mand mount option has been deprecated and
[   77.760776][ T5977]          and is ignored by this kernel. Remove the mand
[   77.760776][ T5977]          option from the mount to silence this warning.
[   77.760776][ T5977] =======================================================
[   77.886887][ T5977] rock: directory entry would overflow storage
[   77.895482][ T5977] rock: sig=0x4f50, size=4, remaining=3
[   77.913804][ T5977] iso9660: Corrupted directory entry in block 5 of inode 1792
[   78.359219][ T5986] loop2: detected capacity change from 0 to 512
[   78.522638][ T5985] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[   78.529419][ T5985] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   78.538249][ T5985] vhci_hcd vhci_hcd.0: Device attached
[   78.566868][ T5986] EXT4-fs error (device loop2): ext4_orphan_get:1398: inode #15: comm syz.2.40: inode has both inline data and extents flags
[   78.586896][ T5986] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.40: couldn't read orphan inode 15 (err -117)
[   78.605938][ T5986] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.834601][   T23] usb 37-1: new low-speed USB device number 2 using vhci_hcd
[   78.996377][ T5987] vhci_hcd: connection reset by peer
[   79.013588][ T3549] vhci_hcd: stop threads
[   79.129020][ T3549] vhci_hcd: release socket
[   79.253587][ T3549] vhci_hcd: disconnect device
[   79.514366][    C0] sched: RT throttling activated
[   80.301805][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.266925][ T5994] process 'syz.3.43' launched '/dev/fd/3' with NULL argv: empty string added
[   81.726768][ T6007] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253
[   81.733394][ T6007] PKCS7: Only support pkcs7_signedData type
[   82.816911][ T6020] loop3: detected capacity change from 0 to 16
[   82.956846][ T6020] erofs: (device loop3): mounted with root inode @ nid 36.
[   83.030033][ T6020] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 0 of nid 36
[   83.084657][ T6020] erofs: (device loop3): erofs_readdir: fail to readdir of logical block 0 of nid 36
[   84.634146][   T23] vhci_hcd: vhci_device speed not set
[   85.404740][ T6040] loop2: detected capacity change from 0 to 512
[   85.425961][ T6040] EXT4-fs: Ignoring removed i_version option
[   85.455636][ T6040] EXT4-fs: Ignoring removed nobh option
[   85.498613][ T6040] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   85.547497][ T6040] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   85.612059][ T6040] EXT4-fs (loop2): 1 truncate cleaned up
[   85.660725][ T6040] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.816644][ T5773] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /14/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   85.842876][ T5773] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   85.920271][ T5773] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /14/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   86.096130][ T5773] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   86.145039][ T5773] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /14/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   86.237903][ T5773] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   86.527494][ T5773] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /14/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   86.842582][ T5773] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   86.869809][ T5773] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /14/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   86.963945][ T5773] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   87.016070][ T6060] loop3: detected capacity change from 0 to 24
[   87.023034][ T6060] MTD: Attempt to mount non-MTD device "/dev/loop3"
[   87.071927][ T6060] romfs: bad initial checksum on dev loop3.
[   87.115998][ T5762] udevd[5762]: incorrect romfs checksum on /dev/loop3
[   88.992527][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.066527][ T3490] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.701329][ T3490] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.156914][ T3490] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.361426][ T3490] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.435253][ T5781] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   90.444880][ T5781] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   90.453939][ T5781] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   90.464051][ T5781] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   90.482622][ T5781] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   90.490254][ T5781] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   90.620207][ T6094] loop1: detected capacity change from 0 to 4096
[   91.002883][ T6093] chnl_net:caif_netlink_parms(): no params data found
[   92.011926][ T6108] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   92.606795][ T6093] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.629693][   T51] Bluetooth: hci3: command tx timeout
[   92.636996][ T6093] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.765044][ T6093] bridge_slave_0: entered allmulticast mode
[   92.797645][ T6093] bridge_slave_0: entered promiscuous mode
[   92.899895][ T6093] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.970063][ T6093] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.007562][ T6093] bridge_slave_1: entered allmulticast mode
[   93.499541][ T6093] bridge_slave_1: entered promiscuous mode
[   94.013483][ T6136] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[   94.023740][ T6136] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[   94.040148][ T6136] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[   94.077137][   T27] audit: type=1800 audit(1769315970.828:2): pid=6136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.79" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[   94.149620][ T6136] syz.0.79 (6136) used greatest stack depth: 20624 bytes left
[   94.235507][ T6093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.273634][ T6093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.608854][ T6093] team0: Port device team_slave_0 added
[   94.647322][ T6093] team0: Port device team_slave_1 added
[   94.671037][ T5781] Bluetooth: hci3: command tx timeout
[   95.155156][ T6093] batman_adv: batadv0: Adding interface: batadv_slave_0
[   95.242816][ T6093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.376460][ T6093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.447784][ T6186] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[   95.477044][ T6093] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.484040][ T6093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.492677][ T6186] overlayfs: missing 'lowerdir'
[   95.639442][ T6093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.229678][ T6192] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.501933][ T6192] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.749218][ T5781] Bluetooth: hci3: command tx timeout
[   96.783279][ T6093] hsr_slave_0: entered promiscuous mode
[   96.814124][ T6093] hsr_slave_1: entered promiscuous mode
[   96.854768][ T6093] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   96.862383][ T6093] Cannot create hsr debugfs directory
[   96.965482][ T6192] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.168730][ T6192] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.332562][ T3490] hsr_slave_0: left promiscuous mode
[   97.340860][ T3490] hsr_slave_1: left promiscuous mode
[   97.353768][ T3490] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   97.366340][ T3490] batman_adv: batadv0: Removing interface: batadv_slave_0
[   97.376360][ T3490] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   97.386972][ T3490] batman_adv: batadv0: Removing interface: batadv_slave_1
[   97.396978][ T3490] bridge_slave_1: left allmulticast mode
[   97.402698][ T3490] bridge_slave_1: left promiscuous mode
[   97.413357][ T3490] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.440129][ T3490] bridge_slave_0: left allmulticast mode
[   97.453145][ T3490] bridge_slave_0: left promiscuous mode
[   97.464703][ T3490] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.516588][ T3490] veth1_macvtap: left promiscuous mode
[   97.522588][ T3490] veth0_macvtap: left promiscuous mode
[   97.564327][ T3490] veth1_vlan: left promiscuous mode
[   97.570040][ T3490] veth0_vlan: left promiscuous mode
[   98.824671][ T5781] Bluetooth: hci3: command tx timeout
[   99.337774][ T3490] team0 (unregistering): Port device team_slave_1 removed
[   99.407112][ T3490] team0 (unregistering): Port device team_slave_0 removed
[   99.506030][ T3490] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   99.615222][ T3490] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  100.035418][ T3490] bond0 (unregistering): Released all slaves
[  100.143958][   T27] audit: type=1800 audit(1769315976.958:3): pid=6245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.90" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  100.144255][ T6245] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  100.202157][ T6245] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  100.224626][ T6245] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  100.249754][ T6192] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.294141][ T6192] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.350861][ T6192] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.433072][ T6192] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.801559][ T6093] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  100.870803][ T6093] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  100.892692][ T6093] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  100.928058][ T6093] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  101.150575][ T6093] 8021q: adding VLAN 0 to HW filter on device bond0
[  101.203427][ T6093] 8021q: adding VLAN 0 to HW filter on device team0
[  101.234036][ T2964] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.241268][ T2964] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.289940][ T2964] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.297187][ T2964] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.157216][ T6093] 8021q: adding VLAN 0 to HW filter on device batadv0
[  103.170802][ T6093] veth0_vlan: entered promiscuous mode
[  103.213234][ T6093] veth1_vlan: entered promiscuous mode
[  103.280887][ T6093] veth0_macvtap: entered promiscuous mode
[  103.302288][ T6093] veth1_macvtap: entered promiscuous mode
[  103.359077][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.410093][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.434657][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.461598][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.487399][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.507915][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.520700][ T6093] batman_adv: batadv0: Interface activated: batadv_slave_0
[  103.581102][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.601861][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.631552][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.664572][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.690815][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.714641][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.739758][ T6093] batman_adv: batadv0: Interface activated: batadv_slave_1
[  103.770084][ T6093] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.800149][ T6093] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.826131][ T6093] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.847621][ T6093] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  104.124139][ T2964] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.142509][ T6321] syz.3.100 (6321) used greatest stack depth: 17576 bytes left
[  104.149595][ T2964] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.246809][ T2951] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.304979][ T2951] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.344971][ T6479] binder: 6469:6479 ioctl 4018620d 0 returned -22
[  112.359162][ T6479] binder: 6469:6479 unknown command 1074553619
[  112.365444][ T6479] binder: 6469:6479 ioctl c0306201 200000000540 returned -22
[  114.074631][ T6495] netlink: 28 bytes leftover after parsing attributes in process `syz.3.136'.
[  114.124591][ T6495] netlink: 8 bytes leftover after parsing attributes in process `syz.3.136'.
[  114.282028][ T6499] loop1: detected capacity change from 0 to 256
[  114.456127][ T6499] FAT-fs (loop1): Directory bread(block 64) failed
[  114.472946][ T6499] FAT-fs (loop1): Directory bread(block 65) failed
[  114.499990][ T6499] FAT-fs (loop1): Directory bread(block 66) failed
[  114.517651][ T6499] FAT-fs (loop1): Directory bread(block 67) failed
[  114.538826][ T6499] FAT-fs (loop1): Directory bread(block 68) failed
[  114.565624][ T6499] FAT-fs (loop1): Directory bread(block 69) failed
[  114.582545][ T6499] FAT-fs (loop1): Directory bread(block 70) failed
[  114.624519][ T6499] FAT-fs (loop1): Directory bread(block 71) failed
[  114.631701][ T6499] FAT-fs (loop1): Directory bread(block 72) failed
[  114.684466][ T6499] FAT-fs (loop1): Directory bread(block 73) failed
[  115.061457][ T6509] loop4: detected capacity change from 0 to 4096
[  115.408628][ T6513] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  116.270701][ T6501] loop3: detected capacity change from 0 to 32768
[  116.421782][ T6501] JBD2: Ignoring recovery information on journal
[  116.723885][ T6501] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  117.016957][ T6534] binder: 6531:6534 ioctl 4018620d 0 returned -22
[  117.024798][ T6534] binder: 6531:6534 unknown command 1074553619
[  117.031003][ T6534] binder: 6531:6534 ioctl c0306201 200000000540 returned -22
[  118.071254][ T5774] ocfs2: Unmounting device (7,3) on (node local)
[  119.343294][ T6558] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  119.442913][ T6558] netlink: 12 bytes leftover after parsing attributes in process `syz.3.145'.
[  121.247513][ T6581] binder: 6578:6581 ioctl 4018620d 0 returned -22
[  121.255309][ T6581] binder: 6578:6581 unknown command 1074553619
[  121.261506][ T6581] binder: 6578:6581 ioctl c0306201 200000000540 returned -22
[  126.927716][ T6661] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  126.936730][ T6661] overlayfs: missing 'lowerdir'
[  131.427688][   T27] audit: type=1326 audit(1769316008.238:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f131bf9acb9 code=0x7ffc0000
[  131.489434][   T27] audit: type=1326 audit(1769316008.238:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f131bf9acb9 code=0x7ffc0000
[  131.573790][   T27] audit: type=1326 audit(1769316008.248:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f131bf9acb9 code=0x7ffc0000
[  131.677240][   T27] audit: type=1326 audit(1769316008.248:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f131bf9acb9 code=0x7ffc0000
[  131.729756][   T27] audit: type=1326 audit(1769316008.248:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f131bf9acb9 code=0x7ffc0000
[  131.783155][   T27] audit: type=1326 audit(1769316008.248:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f131bf9acb9 code=0x7ffc0000
[  131.900532][   T27] audit: type=1326 audit(1769316008.248:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f131bf9acb9 code=0x7ffc0000
[  131.937307][   T27] audit: type=1326 audit(1769316008.248:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f131bf9acb9 code=0x7ffc0000
[  132.080480][   T27] audit: type=1326 audit(1769316008.248:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f131bf9acb9 code=0x7ffc0000
[  133.037580][ T6723] loop4: detected capacity change from 0 to 4096
[  133.140976][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  133.159484][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  133.318814][ T6723] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  133.632927][ T6723] ntfs3: loop4: Failed to load $Extend (-22).
[  133.639617][ T6723] ntfs3: loop4: Failed to initialize $Extend.
[  136.705690][ T6759] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  136.714624][ T6759] overlayfs: missing 'lowerdir'
[  141.419430][ T6833] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  141.428375][ T6833] overlayfs: missing 'lowerdir'
[  142.460631][ T6840] loop3: detected capacity change from 0 to 764
[  142.630031][ T6840] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  142.747871][ T6847] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  143.909827][ T6851] loop1: detected capacity change from 0 to 512
[  143.962247][ T6851] ext3: Bad value for 'mb_optimize_scan'
[  149.144012][ T6896] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  149.152946][ T6896] overlayfs: missing 'lowerdir'
[  150.292555][ T6905] loop1: detected capacity change from 0 to 2048
[  153.274577][ T6943] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  153.283491][ T6943] overlayfs: missing 'lowerdir'
[  153.803329][ T6955] loop4: detected capacity change from 0 to 8
[  153.941629][ T6955] SQUASHFS error: lzo decompression failed, data probably corrupt
[  153.981109][ T6955] SQUASHFS error: Failed to read block 0x91: -5
[  153.988687][ T6955] SQUASHFS error: Unable to read metadata cache entry [8f]
[  154.004456][ T6955] SQUASHFS error: Unable to read inode 0x11f
[  154.040101][ T6957] Bluetooth: MGMT ver 1.22
[  154.111086][ T6955] loop4: detected capacity change from 0 to 512
[  154.142346][ T6955] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  154.201719][ T6955] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2852: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  154.269323][ T6955] EXT4-fs (loop4): 1 truncate cleaned up
[  154.276516][ T6955] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.523722][ T6093] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.983753][ T6984] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  155.992622][ T6984] overlayfs: missing 'lowerdir'
[  156.037543][ T6987] binder: 6979:6987 ioctl 4018620d 0 returned -22
[  156.049079][ T6987] binder: 6979:6987 unknown command 1074553619
[  156.055403][ T6987] binder: 6979:6987 ioctl c0306201 200000000540 returned -22
[  157.025407][ T6992] loop0: detected capacity change from 0 to 16
[  157.236804][ T6992] erofs: (device loop0): mounted with root inode @ nid 36.
[  158.245036][ T6998] loop1: detected capacity change from 0 to 512
[  161.373788][ T6998] EXT4-fs error (device loop1): ext4_orphan_get:1398: inode #15: comm syz.1.240: inode has both inline data and extents flags
[  161.388995][ T6998] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.240: couldn't read orphan inode 15 (err -117)
[  161.408026][ T6998] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.479282][ T6998] Zero length message leads to an empty skb
[  161.577537][ T6996] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  161.584106][ T6996] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  161.591950][ T6996] vhci_hcd vhci_hcd.0: Device attached
[  161.954647][ T5778] usb 35-1: new low-speed USB device number 2 using vhci_hcd
[  163.154849][ T6997] vhci_hcd: connection reset by peer
[  163.161127][ T2922] vhci_hcd: stop threads
[  163.165838][ T2922] vhci_hcd: release socket
[  163.170282][ T2922] vhci_hcd: disconnect device
[  163.201647][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.464072][ T7031] loop0: detected capacity change from 0 to 128
[  165.578898][ T7031] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  165.592814][ T7031] hpfs: filesystem error: improperly stopped
[  165.599188][ T7031] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  165.607195][ T7031] hpfs: You really don't want any checks? You are crazy...
[  165.616670][ T7031] hpfs: hpfs_map_sector(): read error
[  165.622642][ T7031] hpfs: code page support is disabled
[  165.630412][ T7031] hpfs: hpfs_map_4sectors(): unaligned read
[  165.637355][ T7031] hpfs: hpfs_map_4sectors(): unaligned read
[  165.643473][ T7031] hpfs: filesystem error: unable to find root dir
[  165.900404][ T7034] loop3: detected capacity change from 0 to 16
[  165.920102][ T7034] erofs: (device loop3): mounted with root inode @ nid 36.
[  165.945788][ T7034] erofs: (device loop3): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36
[  166.006806][ T7034] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535
[  166.017912][ T7034] erofs: (device loop3): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36
[  166.027892][ T7034] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535
[  166.038408][ T7034] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  166.047177][ T7034] erofs: (device loop3): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  166.073225][ T7034] erofs: (device loop3): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36
[  166.083304][ T7034] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535
[  166.093371][ T7034] erofs: (device loop3): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36
[  166.103208][ T7034] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535
[  166.113286][ T7034] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  166.122002][ T7034] erofs: (device loop3): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  166.162920][ T7035] netlink: 4 bytes leftover after parsing attributes in process `syz.3.250'.
[  167.450278][ T5778] vhci_hcd: vhci_device speed not set
[  168.209877][ T5781] Bluetooth: unknown link type 87
[  168.215357][ T5781] Bluetooth: hci2: connection err: -111
[  168.469543][ T7058] netlink: 772 bytes leftover after parsing attributes in process `syz.3.258'.
[  170.254192][ T7076] loop3: detected capacity change from 0 to 4096
[  170.341668][ T7076] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  171.059402][ T7093] binder: 7089:7093 ioctl 4018620d 0 returned -22
[  171.067061][ T7093] binder: 7089:7093 unknown command 1074553619
[  171.073250][ T7093] binder: 7089:7093 ioctl c0306201 200000000540 returned -22
[  171.863536][ T7098] loop0: detected capacity change from 0 to 4096
[  173.291861][ T7112] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  173.300973][ T7112] overlayfs: missing 'lowerdir'
[  174.706019][ T5902] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  174.894712][ T5902] usb 4-1: Using ep0 maxpacket: 16
[  174.910227][ T5902] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  174.931526][ T5902] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  174.941743][ T5902] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.955824][ T5902] usb 4-1: config 0 descriptor??
[  175.665986][ T5902] mcp2221 0003:04D8:00DD.0001: collection stack underflow
[  175.683097][ T5902] mcp2221 0003:04D8:00DD.0001: item 0 4 0 12 parsing failed
[  175.702533][ T5902] mcp2221 0003:04D8:00DD.0001: can't parse reports
[  175.713749][ T5902] mcp2221: probe of 0003:04D8:00DD.0001 failed with error -22
[  176.657388][ T5836] usb 4-1: USB disconnect, device number 2
[  176.875218][ T5781] Bluetooth: hci3: unknown advertising packet type: 0x61
[  176.875277][ T5781] Bluetooth: hci3: unknown advertising packet type: 0x61
[  176.884858][ T5781] Bluetooth: hci3: unknown advertising packet type: 0x61
[  176.892296][ T5781] Bluetooth: hci3: unknown advertising packet type: 0x61
[  176.899544][ T5781] Bluetooth: hci3: unknown advertising packet type: 0x61
[  176.906782][ T5781] Bluetooth: hci3: unknown advertising packet type: 0x61
[  176.913891][ T5781] Bluetooth: hci3: unknown advertising packet type: 0x61
[  178.100979][ T7165] netlink: 4 bytes leftover after parsing attributes in process `syz.4.287'.
[  179.053522][ T7180] loop3: detected capacity change from 0 to 764
[  179.089405][ T7180] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  182.867623][ T7195] netlink: 4 bytes leftover after parsing attributes in process `syz.0.300'.
[  183.298584][ T7200] loop4: detected capacity change from 0 to 16
[  183.338452][ T7200] erofs: (device loop4): mounted with root inode @ nid 36.
[  186.441395][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  186.482596][ T7235] netlink: 4 bytes leftover after parsing attributes in process `syz.1.310'.
[  186.507064][ T5777] Bluetooth: hci0: command 0x0406 tx timeout
[  186.515639][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  186.851337][ T7242] binder: 7237:7242 ioctl 4018620d 0 returned -22
[  188.946602][ T7267] netlink: 8 bytes leftover after parsing attributes in process `syz.3.322'.
[  190.928891][ T7281] binder: 7276:7281 ioctl 4018620d 0 returned -22
[  190.940897][ T7281] binder: 7276:7281 unknown command 1074553619
[  190.947216][ T7281] binder: 7276:7281 ioctl c0306201 200000000540 returned -22
[  193.181024][ T7295] loop1: detected capacity change from 0 to 512
[  193.524623][ T7295] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  193.943315][ T7295] EXT4-fs (loop1): 1 truncate cleaned up
[  194.140530][ T7295] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.790934][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  194.797478][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  195.000794][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.571350][ T7314] loop4: detected capacity change from 0 to 32768
[  195.604852][ T7326] binder: 7318:7326 ioctl 4018620d 0 returned -22
[  195.616800][ T7326] binder: 7318:7326 unknown command 1074553619
[  195.623041][ T7326] binder: 7318:7326 ioctl c0306201 200000000540 returned -22
[  195.726664][ T7314] BTRFS: device fsid 8f67342e-760a-4d9f-bdfe-dfdef307742f devid 1 transid 8 /dev/loop4 scanned by syz.4.335 (7314)
[  196.268014][ T7314] BTRFS info (device loop4): first mount of filesystem 8f67342e-760a-4d9f-bdfe-dfdef307742f
[  196.308133][ T7314] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  196.341506][ T7314] BTRFS info (device loop4): using free space tree
[  198.032953][ T7314] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  198.065972][ T7314] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  198.134192][ T7314] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  198.192967][ T7314] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  198.247885][ T7352] loop1: detected capacity change from 0 to 64
[  198.294522][ T7314] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  198.295109][ T7314] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  198.324526][ T7314] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  198.334517][ T5766] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  198.754494][ T5836] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  198.867749][ T7314] BTRFS error (device loop4): open_ctree failed: -12
[  198.986262][ T5836] usb 2-1: Using ep0 maxpacket: 32
[  199.014757][ T5836] usb 2-1: config index 0 descriptor too short (expected 36882, got 18)
[  199.041154][ T5836] usb 2-1: config 149 has too many interfaces: 43, using maximum allowed: 32
[  199.119900][ T5836] usb 2-1: config 149 has an invalid descriptor of length 197, skipping remainder of the config
[  199.146082][ T5762] BTRFS: device fsid 8f67342e-760a-4d9f-bdfe-dfdef307742f devid 1 transid 8 /dev/loop4 scanned by udevd (5762)
[  199.184875][ T5836] usb 2-1: config 149 has 0 interfaces, different from the descriptor's value: 43
[  199.400122][ T5836] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[  199.455142][ T5836] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.686246][ T5836] usb 2-1: language id specifier not provided by device, defaulting to English
[  199.905131][ T5836] usb 2-1: USB disconnect, device number 3
[  201.488595][ T7394] loop0: detected capacity change from 0 to 128
[  201.565736][ T7394] vxfs: WRONG superblock magic 7b3185b5 at 1
[  201.578808][ T7394] vxfs: WRONG superblock magic 7b318cb5 at 8
[  201.585211][ T7394] vxfs: can't find superblock.
[  202.177834][ T7405] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  202.186910][ T7405] overlayfs: missing 'lowerdir'
[  205.793930][ T7425] loop4: detected capacity change from 0 to 4096
[  209.646231][ T7472] binder: 7469:7472 ioctl 4018620d 0 returned -22
[  209.654008][ T7472] binder: 7469:7472 unknown command 1074553619
[  209.660295][ T7472] binder: 7469:7472 ioctl c0306201 200000000540 returned -22
[  215.163244][ T7514] netlink: 36 bytes leftover after parsing attributes in process `syz.3.393'.
[  218.009363][ T7532] loop3: detected capacity change from 0 to 4096
[  218.041165][ T7532] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  218.100426][ T7537] loop1: detected capacity change from 0 to 16
[  218.151942][ T7537] erofs: (device loop1): mounted with root inode @ nid 36.
[  218.439617][ T7539] loop4: detected capacity change from 0 to 32768
[  218.450075][ T7539] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.401 (7539)
[  218.494619][ T7539] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  218.504885][ T7539] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  218.513570][ T7539] BTRFS info (device loop4): using free space tree
[  218.585735][ T7539] BTRFS info (device loop4): enabling ssd optimizations
[  218.592767][ T7539] BTRFS info (device loop4): auto enabling async discard
[  219.587495][ T6093] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  219.739134][ T7568] binder: 7563:7568 ioctl 4018620d 0 returned -22
[  220.788366][ T7574] loop0: detected capacity change from 0 to 4096
[  221.092798][ T5762] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop4 scanned by udevd (5762)
[  221.138498][ T7541] loop3: detected capacity change from 0 to 32768
[  221.202865][ T7541] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.402 (7541)
[  222.360456][ T7586] netlink: 4 bytes leftover after parsing attributes in process `syz.4.411'.
[  223.436807][ T7601] loop4: detected capacity change from 0 to 64
[  224.371536][ T7609] binder: 7604:7609 ioctl 4018620d 0 returned -22
[  224.734526][ T5902] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  225.094580][ T5902] usb 5-1: Using ep0 maxpacket: 32
[  225.109382][ T7615] netlink: 16 bytes leftover after parsing attributes in process `syz.0.417'.
[  225.140196][ T5902] usb 5-1: config 0 has an invalid interface number: 47 but max is 0
[  225.291504][ T5902] usb 5-1: config 0 has no interface number 0
[  225.435618][ T5902] usb 5-1: too many endpoints for config 0 interface 47 altsetting 45: 123, using maximum allowed: 30
[  225.708732][ T5902] usb 5-1: config 0 interface 47 altsetting 45 has 0 endpoint descriptors, different from the interface descriptor's value: 123
[  225.935979][ T5902] usb 5-1: config 0 interface 47 has no altsetting 0
[  225.942856][ T5902] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[  225.955785][ T5902] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.977052][ T5902] usb 5-1: config 0 descriptor??
[  226.665442][ T5902] usb 5-1: string descriptor 0 read error: -71
[  226.682015][ T5902] dvb-usb: found a 'Elgato EyeTV DTT' in cold state, will try to load a firmware
[  226.832523][ T5902] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  226.894547][ T5902] dib0700: firmware download failed at 7 with -22
[  226.947506][ T5902] usb 5-1: USB disconnect, device number 2
[  233.453737][ T7700] netlink: 16 bytes leftover after parsing attributes in process `syz.3.429'.
[  238.412535][ T7748] binder: 7739:7748 unknown command 1074553619
[  238.419178][ T7748] binder: 7739:7748 ioctl c0306201 200000000540 returned -22
[  239.924544][ T7752] netlink: 8 bytes leftover after parsing attributes in process `syz.1.453'.
[  242.808649][ T7772] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  242.817478][ T7772] overlayfs: missing 'lowerdir'
[  243.383389][ T7776] loop0: detected capacity change from 0 to 1024
[  243.423934][ T7776] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  243.633886][ T7776] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.696356][ T7776] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #11: comm syz.0.460: missing EA_INODE flag
[  243.714416][ T7776] EXT4-fs (loop0): Remounting filesystem read-only
[  245.197275][ T7785] binder: 7781:7785 unknown command 1074553619
[  245.203503][ T7785] binder: 7781:7785 ioctl c0306201 200000000540 returned -22
[  245.649953][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.715369][ T7797] netlink: 8 bytes leftover after parsing attributes in process `syz.0.464'.
[  249.378522][ T7815] netlink: 12 bytes leftover after parsing attributes in process `syz.3.471'.
[  249.816157][ T7824] loop0: detected capacity change from 0 to 512
[  252.168523][ T7823] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  252.175048][ T7823] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  252.182707][ T7823] vhci_hcd vhci_hcd.0: Device attached
[  253.159498][ T7824] EXT4-fs: error -4 creating inode table initialization thread
[  253.167620][ T7824] EXT4-fs (loop0): mount failed
[  253.264536][ T5837] usb 33-1: new low-speed USB device number 2 using vhci_hcd
[  253.626880][ T7826] vhci_hcd: connection reset by peer
[  253.684759][ T2964] vhci_hcd: stop threads
[  253.692754][ T2964] vhci_hcd: release socket
[  253.709802][ T2964] vhci_hcd: disconnect device
[  253.996938][ T7843] netlink: 8 bytes leftover after parsing attributes in process `syz.4.477'.
[  254.673275][ T5778] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  254.801758][ T7845] loop4: detected capacity change from 0 to 128
[  254.835904][ T7845] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  254.874504][ T5778] usb 1-1: Using ep0 maxpacket: 8
[  254.882997][ T5778] usb 1-1: config 1 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  254.985458][ T7845] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  254.994334][ T5778] usb 1-1: config 1 interface 0 has no altsetting 0
[  255.017047][ T5778] usb 1-1: New USB device found, idVendor=12ba, idProduct=0100, bcdDevice= 0.40
[  255.101634][ T5778] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.793998][ T5778] usb 1-1: Product: syz
[  255.814309][ T5778] usb 1-1: Manufacturer: syz
[  255.824601][ T5778] usb 1-1: SerialNumber: syz
[  255.949023][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  255.955760][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  256.093691][ T5778] usbhid 1-1:1.0: can't add hid device: -71
[  256.105140][ T5778] usbhid: probe of 1-1:1.0 failed with error -71
[  256.158630][ T5778] usb 1-1: USB disconnect, device number 2
[  257.255090][ T7864] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  257.263835][ T7864] overlayfs: missing 'lowerdir'
[  257.658962][ T7869] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  257.665536][ T7869] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  257.675737][ T7869] vhci_hcd vhci_hcd.0: Device attached
[  257.743674][ T7869] loop0: detected capacity change from 0 to 512
[  257.791718][ T7869] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.486: inode has both inline data and extents flags
[  257.806193][ T7869] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.486: couldn't read orphan inode 15 (err -117)
[  257.824445][ T7869] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.888242][ T7869] tc_dump_action: action bad kind
[  258.369241][ T7870] vhci_hcd: connection reset by peer
[  258.456721][ T6205] vhci_hcd: stop threads
[  258.556589][ T6205] vhci_hcd: release socket
[  259.145279][ T7881] netlink: 8 bytes leftover after parsing attributes in process `syz.4.489'.
[  259.844583][ T6205] vhci_hcd: disconnect device
[  260.174004][ T5837] vhci_hcd: vhci_device speed not set
[  260.950921][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.023760][ T7895] netlink: 12 bytes leftover after parsing attributes in process `syz.3.495'.
[  262.497426][ T7903] netlink: 12 bytes leftover after parsing attributes in process `syz.0.493'.
[  263.211316][ T7909] syzkaller0: entered promiscuous mode
[  263.284470][ T7909] syzkaller0: entered allmulticast mode
[  267.150201][ T7918] vlan2: entered allmulticast mode
[  267.158530][ T7918] veth0_to_bond: entered allmulticast mode
[  267.204103][ T7923] tc_dump_action: action bad kind
[  270.750635][ T7965] loop0: detected capacity change from 0 to 2048
[  270.818140][ T7965] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  271.448963][ T7949] loop4: detected capacity change from 0 to 32768
[  272.194537][ T7949] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.510 (7949)
[  272.249423][ T7949] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  272.274297][ T7949] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  272.304822][ T7949] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  272.344130][ T7949] BTRFS info (device loop4): trying to use backup root at mount time
[  272.361486][ T7949] BTRFS info (device loop4): setting nodatasum
[  272.383091][ T7949] BTRFS info (device loop4): force zlib compression, level 3
[  272.401886][ T7949] BTRFS info (device loop4): setting nodatacow
[  272.434736][ T7949] BTRFS info (device loop4): turning on flush-on-commit
[  272.441743][ T7949] BTRFS info (device loop4): disabling tree log
[  272.481528][ T7949] BTRFS info (device loop4): using free space tree
[  272.532255][ T7986] warning: `syz.3.524' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  272.575469][ T7949] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  272.577161][ T7949] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  272.625740][ T7949] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  272.685585][ T7949] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  272.709735][ T7949] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  272.747628][ T7949] BTRFS error (device loop4): open_ctree failed: -12
[  272.990581][ T7975] loop1: detected capacity change from 0 to 32768
[  273.138156][ T7975] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  273.510909][ T5781] Bluetooth: hci3: command 0x0406 tx timeout
[  273.965110][ T7975] XFS (loop1): Ending clean mount
[  274.095748][ T5771] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  275.173126][ T8037] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.182991][ T8037] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.202140][ T8037] bridge0: entered allmulticast mode
[  275.327401][ T8037] bridge_slave_1: left allmulticast mode
[  275.365436][ T8037] bridge_slave_1: left promiscuous mode
[  275.399493][ T8037] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.710387][ T8037] bridge_slave_0: left allmulticast mode
[  275.799491][ T8037] bridge_slave_0: left promiscuous mode
[  275.883191][ T8037] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.497153][ T8076] binder: 8061:8076 ioctl 4018620d 0 returned -22
[  278.505034][ T8076] binder: 8061:8076 unknown command 1074553619
[  278.511265][ T8076] binder: 8061:8076 ioctl c0306201 200000000540 returned -22
[  281.374874][ T8100] netlink: 16 bytes leftover after parsing attributes in process `syz.0.557'.
[  281.417880][ T8094] loop4: detected capacity change from 0 to 32768
[  281.612095][ T8094] JBD2: Ignoring recovery information on journal
[  282.332692][ T8094] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  282.441159][ T6093] ocfs2: Unmounting device (7,4) on (node local)
[  282.614214][ T8123] netlink: 12 bytes leftover after parsing attributes in process `syz.4.564'.
[  286.465503][ T8146] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  286.504986][ T8146] overlayfs: missing 'lowerdir'
[  286.699618][ T8157] netlink: 12 bytes leftover after parsing attributes in process `syz.0.575'.
[  288.393379][ T8171] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  289.357500][ T8193] netlink: 12 bytes leftover after parsing attributes in process `syz.4.587'.
[  290.879020][ T8216] netlink: 12 bytes leftover after parsing attributes in process `syz.3.598'.
[  292.866081][ T8243] netlink: 12 bytes leftover after parsing attributes in process `syz.3.607'.
[  293.095510][ T8235] loop1: detected capacity change from 0 to 32768
[  293.124923][ T8235] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.603 (8235)
[  293.196484][ T8235] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  293.254621][ T8235] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  293.263421][ T8235] BTRFS info (device loop1): using free space tree
[  293.974990][ T8235] BTRFS info (device loop1): enabling ssd optimizations
[  293.982000][ T8235] BTRFS info (device loop1): auto enabling async discard
[  294.227284][ T8235] BTRFS info (device loop1): balance: start -susage=0..4076,limit=1,limit=1..0
[  294.302548][ T8235] BTRFS info (device loop1): relocating block group 1048576 flags system
[  294.342502][ T8235] BTRFS info (device loop1): balance: canceled
[  294.546530][ T5771] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  294.686277][ T5761] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  294.944596][ T5761] usb 5-1: Using ep0 maxpacket: 16
[  294.956929][ T5761] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  294.974471][ T5761] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[  295.104621][ T5761] usb 5-1: config 0 interface 0 has no altsetting 0
[  295.134720][ T5761] usb 5-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  295.144195][ T5761] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.185229][ T5761] usb 5-1: config 0 descriptor??
[  295.733289][ T5761] nzxt-smart2 0003:1E71:2009.0002: unknown main item tag 0x0
[  295.757768][ T5761] nzxt-smart2 0003:1E71:2009.0002: unknown main item tag 0x0
[  295.774811][ T5761] nzxt-smart2 0003:1E71:2009.0002: item fetching failed at offset 2/5
[  295.783815][ T5761] nzxt-smart2: probe of 0003:1E71:2009.0002 failed with error -22
[  295.863734][ T8288] netlink: 12 bytes leftover after parsing attributes in process `syz.1.616'.
[  295.923748][    T8] usb 5-1: USB disconnect, device number 3
[  297.399623][ T8310] netlink: 28 bytes leftover after parsing attributes in process `syz.1.623'.
[  297.419878][ T8311] netlink: 'syz.4.621': attribute type 13 has an invalid length.
[  297.429937][ T8311] netlink: 'syz.4.621': attribute type 17 has an invalid length.
[  298.772809][ T8311] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  298.862682][ T8322] loop0: detected capacity change from 0 to 1024
[  298.911028][ T8322] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  298.950356][ T8322] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  298.998115][ T8322] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #11: comm syz.0.626: missing EA_INODE flag
[  299.025558][ T8322] EXT4-fs (loop0): Remounting filesystem read-only
[  299.433437][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.454455][ T5761] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  299.706324][ T5761] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  299.730629][ T5761] usb 2-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  299.792191][ T5761] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  299.835926][ T5761] usb 2-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  299.872781][ T5761] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  299.883176][ T5761] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  299.904662][ T5761] usb 2-1: Product: syz
[  299.908841][ T5761] usb 2-1: Manufacturer: syz
[  299.925911][ T8332] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  299.943821][ T5761] cdc_wdm 2-1:1.0: skipping garbage
[  299.964609][ T5761] cdc_wdm 2-1:1.0: skipping garbage
[  299.994854][ T5761] cdc_wdm: probe of 2-1:1.0 failed with error -22
[  300.263954][  T787] usb 2-1: USB disconnect, device number 4
[  301.516339][ T8341] loop4: detected capacity change from 0 to 32768
[  302.289690][ T8341] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  302.547429][ T8367] netlink: 28 bytes leftover after parsing attributes in process `syz.1.635'.
[  302.671699][ T8341] XFS (loop4): Ending clean mount
[  302.706210][ T8341] XFS (loop4): Quotacheck needed: Please wait.
[  302.791747][ T8341] XFS (loop4): Quotacheck: Done.
[  302.897014][ T6093] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  304.634607][    T8] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  304.844520][    T8] usb 1-1: Using ep0 maxpacket: 8
[  304.853095][    T8] usb 1-1: config index 0 descriptor too short (expected 6427, got 27)
[  304.862272][    T8] usb 1-1: config 0 has an invalid interface number: 21 but max is 0
[  304.876952][    T8] usb 1-1: config 0 has no interface number 0
[  304.887929][    T8] usb 1-1: config 0 interface 21 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  304.974228][    T8] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  304.988951][    T8] usb 1-1: New USB device strings: Mfr=31, Product=1, SerialNumber=0
[  304.998701][    T8] usb 1-1: Product: syz
[  305.002872][    T8] usb 1-1: Manufacturer: syz
[  305.015363][    T8] usb 1-1: config 0 descriptor??
[  305.104279][ T8401] netlink: 24 bytes leftover after parsing attributes in process `syz.3.647'.
[  305.228776][    T8] usb 1-1: USB disconnect, device number 3
[  308.219936][ T8429] netlink: 7 bytes leftover after parsing attributes in process `syz.4.655'.
[  308.863119][ T8432] netlink: 24 bytes leftover after parsing attributes in process `syz.4.656'.
[  309.254340][ T8439] binder: 8436:8439 ioctl 4018620d 0 returned -22
[  309.266612][ T8439] binder: 8436:8439 unknown command 1074553619
[  309.272869][ T8439] binder: 8436:8439 ioctl c0306201 200000000540 returned -22
[  311.936045][    T8] IPVS: starting estimator thread 0...
[  312.085961][ T8463] IPVS: using max 18 ests per chain, 43200 per kthread
[  312.772111][ T8469] netlink: 24 bytes leftover after parsing attributes in process `syz.1.668'.
[  315.660199][ T8501] loop4: detected capacity change from 0 to 4096
[  315.752766][ T8478] loop1: detected capacity change from 0 to 32768
[  315.771755][ T8501] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  315.779566][ T8501] UDF-fs: Scanning with blocksize 512 failed
[  315.811732][ T8478] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  315.824727][ T8478] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  315.844886][ T8501] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  315.873547][ T8501] UDF-fs: error (device loop4): udf_read_inode: (ino 1376) failed !bh
[  315.897919][ T8481] loop0: detected capacity change from 0 to 32768
[  315.909648][ T8501] UDF-fs: error (device loop4): udf_fill_super: Error in udf_iget, block=64, partition=0
[  315.950259][ T8481] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  316.166210][ T8478] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  316.177629][ T8481] XFS (loop0): Ending clean mount
[  316.183569][ T8514] netlink: 12 bytes leftover after parsing attributes in process `syz.3.680'.
[  316.199553][ T8481] XFS (loop0): Quotacheck needed: Please wait.
[  316.220196][ T5761] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  316.239271][ T5761] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  316.330785][ T8481] XFS (loop0): Quotacheck: Done.
[  316.385474][ T5761] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 146ms
[  316.405350][ T5761] gfs2: fsid=syz:syz.0: jid=0: Done
[  316.412134][ T8478] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  316.467040][ T8478] gfs2: fsid=syz:syz.0: can't create logd thread: -4
[  316.489120][ T5772] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  316.734266][ T8527] loop4: detected capacity change from 0 to 256
[  317.081637][ T8527] FAT-fs (loop4): Directory bread(block 64) failed
[  317.185221][ T8527] FAT-fs (loop4): Directory bread(block 65) failed
[  317.289926][ T8527] FAT-fs (loop4): Directory bread(block 66) failed
[  317.392417][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  317.400042][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  317.430447][ T8527] FAT-fs (loop4): Directory bread(block 67) failed
[  317.464315][ T8527] FAT-fs (loop4): Directory bread(block 68) failed
[  317.471620][ T8527] FAT-fs (loop4): Directory bread(block 69) failed
[  317.543118][ T8527] FAT-fs (loop4): Directory bread(block 70) failed
[  317.574747][ T8527] FAT-fs (loop4): Directory bread(block 71) failed
[  317.581432][ T8527] FAT-fs (loop4): Directory bread(block 72) failed
[  317.629513][ T8527] FAT-fs (loop4): Directory bread(block 73) failed
[  318.785472][    T8] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  319.005057][    T8] usb 2-1: Using ep0 maxpacket: 16
[  319.058344][    T8] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  319.091330][    T8] usb 2-1: config 0 interface 0 has no altsetting 0
[  319.184695][ T8551] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  319.193711][ T8551] overlayfs: missing 'lowerdir'
[  319.552121][ T8552] netlink: 12 bytes leftover after parsing attributes in process `syz.4.692'.
[  319.742695][    T8] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  319.757425][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.882280][    T8] usb 2-1: config 0 descriptor??
[  320.373418][    T8] nzxt-smart2 0003:1E71:2009.0003: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[  320.623218][ T8556] loop0: detected capacity change from 0 to 32768
[  320.659472][ T8556] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 scanned by syz.0.693 (8556)
[  320.739528][ T8556] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  320.751756][   T23] usb 2-1: USB disconnect, device number 5
[  320.834575][ T8556] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  320.849875][ T8556] BTRFS info (device loop0): using free space tree
[  321.018194][ T8556] BTRFS info (device loop0): enabling ssd optimizations
[  321.057176][ T8556] BTRFS info (device loop0): auto enabling async discard
[  323.399777][ T5772] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  324.158290][ T8598] netlink: 12 bytes leftover after parsing attributes in process `syz.3.702'.
[  325.208917][ T8594] loop1: detected capacity change from 0 to 40427
[  325.264813][ T8594] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  325.309046][ T8594] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  325.467548][ T8594] F2FS-fs (loop1): Found nat_bits in checkpoint
[  325.752313][ T8594] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  325.804749][ T8594] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  327.121685][ T8613] loop0: detected capacity change from 0 to 32768
[  327.130617][ T8622] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  327.139663][ T8622] overlayfs: missing 'lowerdir'
[  327.166370][ T8613] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 scanned by syz.0.705 (8613)
[  327.257040][ T8613] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  327.289957][ T8613] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  327.318102][ T8613] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  327.348012][ T8613] BTRFS info (device loop0): use zstd compression, level 3
[  327.372893][ T8613] BTRFS info (device loop0): using free space tree
[  327.564940][ T8613] BTRFS info (device loop0): enabling ssd optimizations
[  327.572068][ T8613] BTRFS info (device loop0): auto enabling async discard
[  327.687987][   T27] audit: type=1800 audit(1769316204.508:13): pid=8613 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.705" name="file1" dev="loop0" ino=260 res=0 errno=0
[  328.017567][ T8621] loop4: detected capacity change from 0 to 32768
[  328.020948][ T5772] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  328.050733][ T8621] (syz.4.707,8621,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  328.482032][ T8621] (syz.4.707,8621,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  328.760562][ T8621] JBD2: Ignoring recovery information on journal
[  328.944733][ T8621] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  329.559607][ T6093] ocfs2: Unmounting device (7,4) on (node local)
[  329.913483][ T8666] netlink: 51 bytes leftover after parsing attributes in process `syz.4.713'.
[  331.071824][ T8660] loop1: detected capacity change from 0 to 32768
[  331.131773][ T8660] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  331.216491][ T8664] loop0: detected capacity change from 0 to 32768
[  331.244971][ T8664] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.715 (8664)
[  331.274511][ T8660] XFS (loop1): Ending clean mount
[  331.298572][ T8664] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  331.329795][ T8664] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  331.346888][ T8664] BTRFS info (device loop0): using free space tree
[  331.448642][ T5771] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  331.469385][ T8664] BTRFS info (device loop0): enabling ssd optimizations
[  331.476733][ T8664] BTRFS info (device loop0): auto enabling async discard
[  332.022512][ T5772] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  332.076732][ T8707] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  332.085633][ T8707] overlayfs: missing 'lowerdir'
[  333.609088][ T8722] loop0: detected capacity change from 0 to 128
[  333.848193][   T27] audit: type=1804 audit(1769316210.668:14): pid=8723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.722" name="/newroot/176/bus/bus" dev="loop0" ino=1048609 res=1 errno=0
[  333.933024][   T27] audit: type=1804 audit(1769316210.718:15): pid=8722 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.722" name="/newroot/176/bus/bus" dev="loop0" ino=1048609 res=1 errno=0
[  334.352755][ T8719] loop1: detected capacity change from 0 to 32768
[  334.371837][ T8719] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.725 (8719)
[  334.387696][ T8719] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  334.412923][ T8719] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  334.422058][ T8719] BTRFS info (device loop1): using free space tree
[  334.538815][ T8719] BTRFS info (device loop1): enabling ssd optimizations
[  334.575422][ T8719] BTRFS info (device loop1): auto enabling async discard
[  334.911410][ T8747] BTRFS info (device loop1): balance: start -d -m
[  334.946122][ T8747] BTRFS info (device loop1): relocating block group 8519680 flags data|metadata
[  335.082823][ T8747] BTRFS info (device loop1): balance: canceled
[  335.335644][ T5771] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  335.403730][ T8758] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  335.447545][ T8755] loop0: detected capacity change from 0 to 40427
[  335.460107][ T8755] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  335.467214][ T8755] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  335.496751][ T8755] F2FS-fs (loop0): invalid crc value
[  335.538921][ T8755] F2FS-fs (loop0): Found nat_bits in checkpoint
[  335.685711][ T8755] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  335.692807][ T8755] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  336.975663][ T8775] netlink: 80 bytes leftover after parsing attributes in process `syz.1.735'.
[  337.421649][   T51] Bluetooth: hci2: unexpected event 0x06 length: 4 > 3
[  337.475607][ T8781] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  337.489050][ T8781] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  337.525901][ T8781] vhci_hcd vhci_hcd.0: Device attached
[  337.532908][ T8785] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  337.541837][ T8785] overlayfs: missing 'lowerdir'
[  337.549650][ T8784] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(6)
[  337.556209][ T8784] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  337.594065][ T8784] vhci_hcd vhci_hcd.0: Device attached
[  337.612299][ T8781] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(5)
[  337.618860][ T8781] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  337.642814][ T8781] vhci_hcd vhci_hcd.0: Device attached
[  337.677705][ T8781] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  337.684276][ T8781] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  337.718740][ T8781] vhci_hcd vhci_hcd.0: Device attached
[  337.734322][ T8788] vhci_hcd: connection closed
[  337.736509][ T8786] vhci_hcd: connection closed
[  337.736718][ T6205] vhci_hcd: stop threads
[  337.741670][ T8782] vhci_hcd: connection closed
[  337.776700][ T6205] vhci_hcd: release socket
[  337.804558][   T23] usb 35-1: new low-speed USB device number 3 using vhci_hcd
[  337.805871][ T6205] vhci_hcd: disconnect device
[  337.816826][ T8783] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  337.836556][ T8790] vhci_hcd: connection closed
[  337.843948][ T6205] vhci_hcd: stop threads
[  337.869886][ T6205] vhci_hcd: release socket
[  337.879104][ T6205] vhci_hcd: disconnect device
[  337.896161][ T6205] vhci_hcd: stop threads
[  337.911752][ T6205] vhci_hcd: release socket
[  337.925020][ T6205] vhci_hcd: disconnect device
[  337.939006][ T6205] vhci_hcd: stop threads
[  337.952589][ T6205] vhci_hcd: release socket
[  337.967611][ T6205] vhci_hcd: disconnect device
[  338.398574][ T8799] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  338.405154][ T8799] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  338.461386][ T8803] loop4: detected capacity change from 0 to 512
[  338.472532][ T8803] EXT4-fs: mb_optimize_scan should be set to 0 or 1.
[  338.495881][ T8799] vhci_hcd vhci_hcd.0: Device attached
[  338.755749][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  338.825287][ T5837] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  339.084683][   T51] Bluetooth: hci1: unexpected event for opcode 0x0c05
[  339.127182][ T5837] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  339.149461][ T5837] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  339.874593][ T5837] usb 2-1: New USB device found, idVendor=2040, idProduct=2000, bcdDevice=65.72
[  339.883771][ T5837] usb 2-1: New USB device strings: Mfr=151, Product=0, SerialNumber=0
[  339.901635][ T5837] usb 2-1: Manufacturer: syz
[  339.911790][ T5837] usb 2-1: config 0 descriptor??
[  340.164111][ T8800] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 2
[  340.165711][ T5837] usb 2-1: USB disconnect, device number 6
[  340.187353][ T3490] vhci_hcd: stop threads
[  340.201984][ T3490] vhci_hcd: release socket
[  340.222258][ T3490] vhci_hcd: disconnect device
[  340.480888][ T8822] loop0: detected capacity change from 0 to 32768
[  340.597006][ T8822] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.751 (8822)
[  340.711779][ T8822] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  340.733673][ T8841] binder: 8839:8841 ioctl 4018620d 0 returned -22
[  340.741438][ T8841] binder: 8839:8841 unknown command 1074553619
[  340.747759][ T8822] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  340.747830][ T8822] BTRFS info (device loop0): turning off barriers
[  340.756680][ T8841] binder: 8839:8841 ioctl c0306201 200000000540 returned -22
[  340.793332][ T8822] BTRFS info (device loop0): use no compression
[  340.811617][ T8822] BTRFS info (device loop0): setting nodatasum
[  340.832342][ T8822] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  340.862794][ T8822] BTRFS info (device loop0): use zstd compression, level 3
[  340.939127][ T8822] BTRFS info (device loop0): using free space tree
[  341.869730][ T5781] Bluetooth: hci2: command 0x0406 tx timeout
[  344.335014][   T23] vhci_hcd: vhci_device speed not set
[  344.401195][ T5781] Bluetooth: hci3: command 0x0406 tx timeout
[  344.960033][ T5772] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  346.213234][ T8878] loop4: detected capacity change from 0 to 40427
[  346.234271][ T8892] netlink: 4 bytes leftover after parsing attributes in process `syz.0.770'.
[  346.274468][ T8878] F2FS-fs (loop4): Mismatch start address, segment0(0) cp_blkaddr(512)
[  346.300554][ T8878] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  346.334270][ T8878] F2FS-fs (loop4): Found nat_bits in checkpoint
[  346.368294][ T8894] netlink: 7 bytes leftover after parsing attributes in process `syz.3.774'.
[  346.387034][ T5778] usb usb36-port1: attempt power cycle
[  346.426982][ T8878] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  346.454805][ T8878] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  346.569334][ T6093] syz-executor: attempt to access beyond end of device
[  346.569334][ T6093] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  346.621252][ T6093] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  347.079390][ T5778] usb usb36-port1: unable to enumerate USB device
[  347.342564][ T8899] loop1: detected capacity change from 0 to 32768
[  347.422107][ T8899] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  347.466758][ T8899] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  348.189398][ T8899] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  348.384697][  T787] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  348.391533][  T787] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  348.857820][ T8965] netlink: 7 bytes leftover after parsing attributes in process `syz.0.784'.
[  348.906090][  T787] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 514ms
[  348.970153][  T787] gfs2: fsid=syz:syz.0: jid=0: Done
[  348.995264][ T8899] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  349.619983][ T8963] loop4: detected capacity change from 0 to 32768
[  349.869793][ T8963] UFO tlock:0xffffc9000287a090
[  351.011086][ T8996] netlink: 7 bytes leftover after parsing attributes in process `syz.4.793'.
[  352.787808][ T9030] netlink: 7 bytes leftover after parsing attributes in process `syz.1.806'.
[  353.130780][ T9026] loop4: detected capacity change from 0 to 32768
[  357.528121][ T9068] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  357.916304][ T9067] tty tty23: ldisc open failed (-12), clearing slot 22
[  358.617611][ T9078] netlink: 7 bytes leftover after parsing attributes in process `syz.3.823'.
[  359.657326][ T9096] netlink: 'syz.1.828': attribute type 1 has an invalid length.
[  360.048015][ T9108] loop0: detected capacity change from 0 to 128
[  360.092206][ T9108] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  361.763133][ T9094] loop4: detected capacity change from 0 to 32768
[  362.165124][ T9094] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  362.180588][ T9090] 9pnet_fd: Insufficient options for proto=fd
[  362.196411][ T9094] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  362.390189][ T9094] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  362.438283][    T8] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  362.453397][    T8] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  362.754425][ T9153] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  362.763338][ T9153] overlayfs: missing 'lowerdir'
[  363.164435][    T8] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 711ms
[  363.298405][    T8] gfs2: fsid=syz:syz.0: jid=0: Done
[  363.440709][ T9094] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  363.507022][ T9094] gfs2: fsid=syz:syz.0: can't create logd thread: -4
[  365.198227][ T9185] netlink: 4 bytes leftover after parsing attributes in process `syz.0.845'.
[  365.619180][ T9192] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  365.628976][ T9192] overlayfs: missing 'lowerdir'
[  367.515837][ T9210] loop1: detected capacity change from 0 to 256
[  367.523139][ T9210] exfat: Deprecated parameter 'utf8'
[  367.528569][ T9210] exfat: Deprecated parameter 'namecase'
[  367.534306][ T9210] exfat: Deprecated parameter 'namecase'
[  367.540053][ T9210] exfat: Deprecated parameter 'utf8'
[  367.652885][ T9210] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0x5270ca8d, utbl_chksum : 0xe619d30d)
[  369.238168][ T9222] netlink: 'syz.1.856': attribute type 1 has an invalid length.
[  369.398546][ T9225] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  369.407422][ T9225] overlayfs: missing 'lowerdir'
[  369.511252][ T9200] loop0: detected capacity change from 0 to 32768
[  369.531368][ T9200] workqueue: Failed to create a rescuer kthread for wq "xfs-conv/loop0": -EINTR
[  369.596568][ T9222] 8021q: adding VLAN 0 to HW filter on device bond1
[  369.746010][ T9224] netlink: 28 bytes leftover after parsing attributes in process `syz.1.856'.
[  369.923836][ T9224] bond1: entered promiscuous mode
[  370.159272][ T9224] bond1: entered allmulticast mode
[  370.310803][ T9226] bond1: (slave dummy0): making interface the new active one
[  370.344323][ T9226] dummy0: entered promiscuous mode
[  370.365295][ T9226] dummy0: entered allmulticast mode
[  370.372715][ T9226] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  370.660866][ T9232] bond1 (unregistering): (slave dummy0): Releasing active interface
[  370.669163][ T9232] dummy0: left promiscuous mode
[  370.674216][ T9232] dummy0: left allmulticast mode
[  370.685440][ T9232] bond1 (unregistering): Released all slaves
[  374.357746][ T9282] netlink: 12 bytes leftover after parsing attributes in process `syz.0.874'.
[  376.974849][    T8] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  377.174969][    T8] usb 5-1: Using ep0 maxpacket: 8
[  377.193708][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  377.234664][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  377.249751][    T8] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  377.267227][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  377.287627][    T8] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  377.308284][    T8] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  377.474881][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  377.495387][    T8] usb 5-1: config 0 descriptor??
[  378.240556][   T51] Bluetooth: hci4: urb ffff88802ecf3e00 submission failed (90)
[  378.257308][    T8] usb 5-1: USB disconnect, device number 4
[  378.358368][ T9320] netlink: 12 bytes leftover after parsing attributes in process `syz.3.884'.
[  378.828258][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  379.094103][ T9331] netlink: 4 bytes leftover after parsing attributes in process `syz.4.888'.
[  379.145040][ T9331] netlink: 4 bytes leftover after parsing attributes in process `syz.4.888'.
[  381.631956][ T9365] netlink: 28 bytes leftover after parsing attributes in process `syz.4.897'.
[  383.499888][ T9382] netlink: 36 bytes leftover after parsing attributes in process `syz.1.904'.
[  384.962441][ T9395] netlink: 8 bytes leftover after parsing attributes in process `syz.4.909'.
[  385.024510][ T5837] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  385.127514][ T9398] 9pnet_virtio: no channels available for device syz
[  385.151668][ T9398] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  385.394442][ T5837] usb 2-1: Using ep0 maxpacket: 16
[  385.403178][ T5837] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  385.424519][ T5837] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  385.467872][ T9403] netlink: 12 bytes leftover after parsing attributes in process `syz.4.911'.
[  386.028545][ T5837] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  386.160202][ T5837] usb 2-1: config 0 descriptor??
[  387.049206][ T5837] usbhid 2-1:0.0: can't add hid device: -71
[  387.091369][ T5837] usbhid: probe of 2-1:0.0 failed with error -71
[  387.100710][ T5837] usb 2-1: USB disconnect, device number 7
[  387.520282][ T9407] loop4: detected capacity change from 0 to 32768
[  387.567906][ T9407] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.913 (9407)
[  387.595557][ T9430] netlink: 12 bytes leftover after parsing attributes in process `syz.3.921'.
[  387.764128][ T9407] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  387.767266][ T9430] 8021q: adding VLAN 0 to HW filter on device bond1
[  387.791580][ T9407] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  387.804236][ T9407] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  387.819959][ T9407] BTRFS info (device loop4): trying to use backup root at mount time
[  387.829484][ T9435] netlink: 12 bytes leftover after parsing attributes in process `syz.0.922'.
[  387.847036][ T9407] BTRFS info (device loop4): max_inline at 4096
[  387.853462][ T9407] BTRFS info (device loop4): disabling tree log
[  387.862406][ T9407] BTRFS info (device loop4): turning off barriers
[  387.873691][ T9407] BTRFS info (device loop4): enabling disk space caching
[  387.883394][ T9407] BTRFS error (device loop4): cannot disable free space tree
[  387.902965][ T9407] BTRFS error (device loop4): open_ctree failed: -22
[  388.021907][ T9436] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  388.035828][ T8019] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by udevd (8019)
[  390.844097][ T9475] syzkaller0: entered promiscuous mode
[  391.301099][ T9475] syzkaller0: entered allmulticast mode
[  397.274499][ T9522] syz.4.951: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[  397.294213][ T9522] CPU: 0 PID: 9522 Comm: syz.4.951 Not tainted syzkaller #0
[  397.301514][ T9522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  397.311573][ T9522] Call Trace:
[  397.314853][ T9522]  <TASK>
[  397.317773][ T9522]  dump_stack_lvl+0x18c/0x250
[  397.322539][ T9522]  ? show_regs_print_info+0x20/0x20
[  397.327927][ T9522]  ? load_image+0x400/0x400
[  397.332416][ T9522]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  397.338826][ T9522]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  397.345314][ T9522]  warn_alloc+0x246/0x340
[  397.349644][ T9522]  ? zone_watermark_ok_safe+0x230/0x230
[  397.355186][ T9522]  ? _raw_spin_unlock+0x28/0x40
[  397.360028][ T9522]  ? netlink_rcv_skb+0x241/0x4d0
[  397.364958][ T9522]  __vmalloc_node_range+0x662/0x1330
[  397.370234][ T9522]  ? __asan_memset+0x22/0x40
[  397.374821][ T9522]  ? free_vm_area+0x50/0x50
[  397.379310][ T9522]  ? kvmalloc_node+0x70/0x180
[  397.383974][ T9522]  ? rcu_is_watching+0x15/0xb0
[  397.388720][ T9522]  ? kvmalloc_node+0x70/0x180
[  397.393379][ T9522]  ? trace_kmalloc+0x1f/0x90
[  397.397959][ T9522]  kvmalloc_node+0x13f/0x180
[  397.402536][ T9522]  ? hash_netport4_resize+0x232/0x1b40
[  397.407978][ T9522]  hash_netport4_resize+0x232/0x1b40
[  397.413242][ T9522]  ? hash_netport4_uadt+0xc99/0xf30
[  397.418425][ T9522]  ? hash_netport4_uadt+0xf30/0xf30
[  397.423605][ T9522]  ? hash_netport4_kadt+0x590/0x590
[  397.428789][ T9522]  ? _local_bh_enable+0xa0/0xa0
[  397.433625][ T9522]  call_ad+0x454/0xb40
[  397.437678][ T9522]  ? ip_set_ad+0x9c0/0x9c0
[  397.442083][ T9522]  ? __nla_parse+0x40/0x50
[  397.446486][ T9522]  ip_set_ad+0x81a/0x9c0
[  397.450711][ T9522]  ? ip_set_dump_done+0x1e0/0x1e0
[  397.455718][ T9522]  ? rcu_is_watching+0x15/0xb0
[  397.460485][ T9522]  nfnetlink_rcv_msg+0xbf0/0x12b0
[  397.465492][ T9522]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  397.471561][ T9522]  ? nfnetlink_rcv_msg+0x22a/0x12b0
[  397.476750][ T9522]  ? nfnetlink_unbind+0x160/0x160
[  397.481768][ T9522]  ? __dev_queue_xmit+0x1ac2/0x36b0
[  397.486952][ T9522]  ? __netlink_deliver_tap+0x5ab/0x830
[  397.492393][ T9522]  ? netlink_deliver_tap+0x19c/0x1b0
[  397.497662][ T9522]  ? netlink_unicast+0x72c/0x8d0
[  397.502585][ T9522]  ? netlink_sendmsg+0x8d0/0xbf0
[  397.507504][ T9522]  ? ____sys_sendmsg+0x5ba/0x960
[  397.512423][ T9522]  ? ___sys_sendmsg+0x2a6/0x360
[  397.517259][ T9522]  ? __se_sys_sendmsg+0x1c2/0x2b0
[  397.522267][ T9522]  ? do_syscall_64+0x55/0xa0
[  397.526859][ T9522]  netlink_rcv_skb+0x241/0x4d0
[  397.531609][ T9522]  ? nfnetlink_unbind+0x160/0x160
[  397.536619][ T9522]  ? netlink_ack+0x1180/0x1180
[  397.541372][ T9522]  ? apparmor_capable+0x137/0x1a0
[  397.546381][ T9522]  ? bpf_lsm_capable+0x9/0x10
[  397.551041][ T9522]  ? security_capable+0x89/0xb0
[  397.555881][ T9522]  nfnetlink_rcv+0x2c9/0x24a0
[  397.560552][ T9522]  ? __local_bh_enable_ip+0x13a/0x1c0
[  397.565995][ T9522]  ? lockdep_hardirqs_on+0x98/0x150
[  397.571176][ T9522]  ? __local_bh_enable_ip+0x13a/0x1c0
[  397.576537][ T9522]  ? _local_bh_enable+0xa0/0xa0
[  397.581378][ T9522]  ? __dev_queue_xmit+0x26b/0x36b0
[  397.586473][ T9522]  ? __dev_queue_xmit+0x26b/0x36b0
[  397.591565][ T9522]  ? __dev_queue_xmit+0x124f/0x36b0
[  397.596747][ T9522]  ? nfnetlink_net_exit_batch+0xa0/0xa0
[  397.602278][ T9522]  ? __dev_queue_xmit+0x26b/0x36b0
[  397.607391][ T9522]  ? ref_tracker_free+0x690/0x840
[  397.612402][ T9522]  ? refcount_inc+0x70/0x70
[  397.616887][ T9522]  ? __asan_memcpy+0x40/0x70
[  397.621461][ T9522]  ? __skb_clone+0x63/0x790
[  397.625947][ T9522]  ? __skb_clone+0x480/0x790
[  397.630528][ T9522]  ? __netlink_deliver_tap+0x7e8/0x830
[  397.635971][ T9522]  ? netlink_deliver_tap+0x2e/0x1b0
[  397.641153][ T9522]  ? __lock_acquire+0x7d40/0x7d40
[  397.646250][ T9522]  ? netlink_deliver_tap+0x2e/0x1b0
[  397.651434][ T9522]  netlink_unicast+0x751/0x8d0
[  397.656192][ T9522]  netlink_sendmsg+0x8d0/0xbf0
[  397.660984][ T9522]  ? netlink_getsockopt+0x590/0x590
[  397.666177][ T9522]  ? aa_sock_msg_perm+0x94/0x150
[  397.671098][ T9522]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  397.676370][ T9522]  ? security_socket_sendmsg+0x80/0xa0
[  397.681807][ T9522]  ? netlink_getsockopt+0x590/0x590
[  397.686989][ T9522]  ____sys_sendmsg+0x5ba/0x960
[  397.691745][ T9522]  ? __asan_memset+0x22/0x40
[  397.696320][ T9522]  ? __sys_sendmsg_sock+0x30/0x30
[  397.701327][ T9522]  ? __import_iovec+0x5f2/0x850
[  397.706170][ T9522]  ? import_iovec+0x73/0xa0
[  397.710661][ T9522]  ___sys_sendmsg+0x2a6/0x360
[  397.715331][ T9522]  ? __sys_sendmsg+0x2a0/0x2a0
[  397.720105][ T9522]  __se_sys_sendmsg+0x1c2/0x2b0
[  397.724942][ T9522]  ? __x64_sys_sendmsg+0x80/0x80
[  397.729872][ T9522]  ? lockdep_hardirqs_on+0x98/0x150
[  397.735053][ T9522]  do_syscall_64+0x55/0xa0
[  397.739455][ T9522]  ? clear_bhb_loop+0x40/0x90
[  397.744114][ T9522]  ? clear_bhb_loop+0x40/0x90
[  397.748774][ T9522]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  397.754648][ T9522] RIP: 0033:0x7f131bf9acb9
[  397.759057][ T9522] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  397.778651][ T9522] RSP: 002b:00007f131cd84028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  397.787050][ T9522] RAX: ffffffffffffffda RBX: 00007f131c216180 RCX: 00007f131bf9acb9
[  397.795008][ T9522] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000008
[  397.802967][ T9522] RBP: 00007f131c008bf7 R08: 0000000000000000 R09: 0000000000000000
[  397.810924][ T9522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  397.818879][ T9522] R13: 00007f131c216218 R14: 00007f131c216180 R15: 00007ffe6b716d48
[  397.826845][ T9522]  </TASK>
[  397.830858][ T9522] Mem-Info:
[  397.834026][ T9522] active_anon:10762 inactive_anon:0 isolated_anon:0
[  397.834026][ T9522]  active_file:15665 inactive_file:40098 isolated_file:0
[  397.834026][ T9522]  unevictable:768 dirty:84 writeback:0
[  397.834026][ T9522]  slab_reclaimable:10712 slab_unreclaimable:114322
[  397.834026][ T9522]  mapped:30747 shmem:4242 pagetables:712
[  397.834026][ T9522]  sec_pagetables:0 bounce:0
[  397.834026][ T9522]  kernel_misc_reclaimable:0
[  397.834026][ T9522]  free:1312941 free_pcp:11085 free_cma:0
[  397.879495][ T9522] Node 0 active_anon:43048kB inactive_anon:0kB active_file:62660kB inactive_file:160192kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:122988kB dirty:336kB writeback:0kB shmem:15432kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11888kB pagetables:2848kB sec_pagetables:0kB all_unreclaimable? no
[  397.911841][ T9522] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  397.942026][ T9522] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  397.969232][ T9522] lowmem_reserve[]: 0 2521 2522 2522 2522
[  397.975005][ T9522] Node 0 DMA32 free:1347924kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:43012kB inactive_anon:0kB active_file:62660kB inactive_file:159368kB unevictable:1536kB writepending:336kB present:3129332kB managed:2586972kB mlocked:0kB bounce:0kB free_pcp:20388kB local_pcp:18888kB free_cma:0kB
[  398.005558][ T9522] lowmem_reserve[]: 0 0 0 0 0
[  398.010248][ T9522] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:824kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB
[  398.037152][ T9522] lowmem_reserve[]: 0 0 0 0 0
[  398.041842][ T9522] Node 1 Normal free:3888480kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:23936kB local_pcp:15360kB free_cma:0kB
[  398.071466][ T9522] lowmem_reserve[]: 0 0 0 0 0
[  398.076205][ T9522] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  398.088866][ T9522] Node 0 DMA32: 23*4kB (UE) 103*8kB (UE) 142*16kB (UME) 523*32kB (UME) 238*64kB (UME) 58*128kB (ME) 27*256kB (ME) 20*512kB (M) 8*1024kB (M) 7*2048kB (UM) 309*4096kB (M) = 1347924kB
[  398.106943][ T9522] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  398.118398][ T9522] Node 1 Normal: 232*4kB (UME) 52*8kB (UME) 40*16kB (UME) 67*32kB (UME) 17*64kB (U) 8*128kB (UME) 1*256kB (U) 2*512kB (UM) 0*1024kB 1*2048kB (U) 947*4096kB (ME) = 3888480kB
[  398.135654][ T9522] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  398.145206][ T9522] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  398.154505][ T9522] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  398.164041][ T9522] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  398.173482][ T9522] 59997 total pagecache pages
[  398.178194][ T9522] 0 pages in swap cache
[  398.182330][ T9522] Free swap  = 124200kB
[  398.186503][ T9522] Total swap = 124996kB
[  398.190639][ T9522] 2097051 pages RAM
[  398.194482][ T9522] 0 pages HighMem/MovableOnly
[  398.199153][ T9522] 416922 pages reserved
[  398.203286][ T9522] 0 pages cma reserved
[  400.511977][ T9537] binder: 9534:9537 ioctl 4018620d 0 returned -22
[  400.609632][ T9537] binder: 9534:9537 unknown command 1074553619
[  400.644811][ T9537] binder: 9534:9537 ioctl c0306201 200000000540 returned -22
[  402.829086][ T9552] netlink: 4 bytes leftover after parsing attributes in process `syz.1.961'.
[  402.987542][ T9548] loop4: detected capacity change from 0 to 32768
[  403.039777][ T9555] loop0: detected capacity change from 0 to 2048
[  403.074229][ T9548] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  403.165923][ T9555] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  403.363591][ T9548] XFS (loop4): Ending clean mount
[  403.631419][ T6093] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  404.148666][ T9577] binder: 9574:9577 ioctl 4018620d 0 returned -22
[  404.181488][ T9577] binder: 9574:9577 unknown command 1074553619
[  404.198530][ T9577] binder: 9574:9577 ioctl c0306201 200000000540 returned -22
[  404.398813][ T9583] netlink: 27 bytes leftover after parsing attributes in process `syz.3.970'.
[  404.798160][ T9592] netlink: 4 bytes leftover after parsing attributes in process `syz.4.973'.
[  405.503391][ T9591] cgroup: fork rejected by pids controller in /syz3
[  405.752611][ T9630] netlink: 4 bytes leftover after parsing attributes in process `syz.4.977'.
[  405.803835][ T9630] netlink: 4 bytes leftover after parsing attributes in process `syz.4.977'.
[  406.176065][ T9639] netlink: 27 bytes leftover after parsing attributes in process `syz.3.981'.
[  406.278185][ T9640] loop4: detected capacity change from 0 to 128
[  406.432692][ T9640] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  406.448846][ T9640] ext4 filesystem being mounted at /227/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  406.950910][ T6093] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  406.981174][ T9629] loop1: detected capacity change from 0 to 32768
[  407.110268][ T9629] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  407.276868][ T9629] XFS (loop1): Ending clean mount
[  407.465942][ T5771] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  407.833977][ T9661] xt_CT: You must specify a L4 protocol and not use inversions on it
[  408.741268][ T9674] netlink: 4 bytes leftover after parsing attributes in process `syz.3.989'.
[  408.812548][ T9674] netlink: 4 bytes leftover after parsing attributes in process `syz.3.989'.
[  408.990489][ T9678] netlink: 27 bytes leftover after parsing attributes in process `syz.1.991'.
[  409.210802][ T9681] netlink: 4 bytes leftover after parsing attributes in process `syz.1.993'.
[  409.664819][ T9696] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1000'.
[  409.692697][ T9696] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1000'.
[  410.470905][ T9701] loop1: detected capacity change from 0 to 32768
[  410.487873][ T9701] (syz.1.1002,9701,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  410.507195][ T9701] (syz.1.1002,9701,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  410.613918][ T9701] JBD2: Ignoring recovery information on journal
[  410.621784][ T9713] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1006'.
[  410.727318][ T9701] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  411.058580][ T5771] ocfs2: Unmounting device (7,1) on (node local)
[  411.897372][ T9737] binder: 9731:9737 ioctl 4018620d 0 returned -22
[  411.905150][ T9737] binder: 9731:9737 unknown command 1074553619
[  411.911394][ T9737] binder: 9731:9737 ioctl c0306201 200000000540 returned -22
[  412.443047][ T9723] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1011'.
[  412.463605][ T9725] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1011'.
[  415.872611][ T9776] loop4: detected capacity change from 0 to 32768
[  415.907827][ T9776] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 scanned by syz.4.1031 (9776)
[  415.932911][ T9776] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  415.943246][ T9776] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  415.952369][ T9776] BTRFS info (device loop4): enabling disk space caching
[  415.959476][ T9776] BTRFS info (device loop4): force clearing of disk cache
[  415.966655][ T9776] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  415.976067][ T9776] BTRFS info (device loop4): use zstd compression, level 3
[  415.983255][ T9776] BTRFS info (device loop4): disk space caching is enabled
[  416.153406][ T9776] BTRFS info (device loop4): enabling ssd optimizations
[  416.160678][ T9776] BTRFS info (device loop4): auto enabling async discard
[  416.173014][ T9776] BTRFS info (device loop4): rebuilding free space tree
[  416.239179][ T9776] BTRFS info (device loop4): disabling free space tree
[  416.246296][ T9776] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  416.256632][ T9776] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  416.385850][ T9796] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1033'.
[  417.056236][   T23] IPVS: starting estimator thread 0...
[  417.164783][ T9803] IPVS: using max 26 ests per chain, 62400 per kthread
[  417.326009][ T9812] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1038'.
[  417.372482][ T6093] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  417.395596][ T9812] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1038'.
[  418.441447][ T9560] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 12 /dev/loop4 scanned by udevd (9560)
[  418.597447][ T9824] batman_adv: batadv0: Adding interface: dummy0
[  418.634871][ T9827] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1043'.
[  418.694899][ T9824] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  418.876462][ T9824] batman_adv: batadv0: Interface activated: dummy0
[  418.887877][ T9828] batadv0: mtu less than device minimum
[  418.895572][ T9828] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  418.908475][ T9828] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  418.920893][ T9828] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  418.933403][ T9828] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  418.945834][ T9828] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  418.958217][ T9828] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  418.970607][ T9828] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  418.983011][ T9828] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  418.995411][ T9828] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  420.636085][   T23] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  420.848684][   T23] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  420.900301][   T23] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  420.917418][ T9868] netlink: 27 bytes leftover after parsing attributes in process `syz.3.1059'.
[  420.926568][   T23] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  420.926593][   T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.973503][   T23] usb 1-1: config 0 descriptor??
[  420.999773][   T23] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  421.011171][   T23] dvb-usb: bulk message failed: -22 (3/0)
[  421.058153][   T23] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  421.088736][   T23] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  421.114862][   T23] usb 1-1: media controller created
[  421.149714][   T23] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  421.190672][   T23] dvb-usb: bulk message failed: -22 (6/0)
[  421.306282][   T23] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  421.326772][   T23] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input6
[  421.352672][   T23] dvb-usb: schedule remote query interval to 150 msecs.
[  421.395748][   T23] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  422.542352][ T9873] tty tty1: ldisc open failed (-12), clearing slot 0
[  422.543586][ T5837] dvb-usb: bulk message failed: -22 (1/0)
[  422.561214][ T5837] dvb-usb: error while querying for an remote control event.
[  422.677740][ T5855] usb 1-1: USB disconnect, device number 4
[  422.771376][ T9881] loop4: detected capacity change from 0 to 512
[  422.827879][ T5855] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  422.833513][ T9881] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  422.953277][ T9881] EXT4-fs error (device loop4): ext4_orphan_get:1398: inode #15: comm syz.4.1063: iget: bogus i_mode (5)
[  422.984608][ T9881] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.1063: couldn't read orphan inode 15 (err -117)
[  423.011945][ T9881] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  423.024420][ T9881] ext2 filesystem being mounted at /254/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  423.467238][ T5855] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  423.924541][ T5855] usb 1-1: Using ep0 maxpacket: 16
[  424.391353][ T5855] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[  424.402450][ T5855] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  424.407203][ T6093] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.447791][ T5855] usb 1-1: config 0 has no interface number 0
[  424.506762][ T5855] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  424.535005][ T5855] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.565643][ T5855] usb 1-1: Product: syz
[  424.571616][ T5855] usb 1-1: Manufacturer: syz
[  424.599988][ T5855] usb 1-1: SerialNumber: syz
[  424.620568][ T5855] usb 1-1: config 0 descriptor??
[  424.641419][ T5855] usb 1-1: Found UVC 0.00 device syz (046d:08f3)
[  424.650082][ T5855] usb 1-1: No valid video chain found.
[  425.189392][ T9906] loop0: detected capacity change from 0 to 256
[  425.738131][ T9907] netlink: 27 bytes leftover after parsing attributes in process `syz.3.1070'.
[  425.961849][ T9912] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1072'.
[  429.383497][ T5837] usb 1-1: USB disconnect, device number 5
[  430.769594][ T9949] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1082'.
[  433.446710][    C1] vcan0: j1939_tp_rxtimer: 0xffff888018ff7800: rx timeout, send abort
[  433.599384][ T9971] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1085'.
[  433.946814][    C1] vcan0: j1939_tp_rxtimer: 0xffff888018ff6000: rx timeout, send abort
[  433.956834][    C1] vcan0: j1939_tp_rxtimer: 0xffff888018ff7800: abort rx timeout. Force session deactivation
[  434.385035][ T9981] mmap: syz.3.1093 (9981) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  434.455180][    C1] vcan0 (unregistered): j1939_tp_rxtimer: 0xffff888018ff6000: abort rx timeout. Force session deactivation
[  436.632503][ T9981] bond1: (slave dummy0): Releasing backup interface
[  437.668270][ T9981] bond0: (slave bond_slave_0): Releasing backup interface
[  437.695484][ T9981] bond0: (slave bond_slave_1): Releasing backup interface
[  437.786309][ T9981] team0: Port device team_slave_0 removed
[  437.825896][ T9981] team0: Port device team_slave_1 removed
[  437.846453][ T9981] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  437.865707][ T9981] batman_adv: batadv0: Removing interface: batadv_slave_0
[  437.875009][ T9981] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  437.895113][ T9981] batman_adv: batadv0: Removing interface: batadv_slave_1
[  438.037679][T10003] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1097'.
[  438.611499][T10017] loop1: detected capacity change from 0 to 32768
[  438.639078][T10017] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12
[  438.669757][T10005] loop4: detected capacity change from 0 to 32768
[  438.838029][ T9560] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12
[  439.405662][T10027] loop1: detected capacity change from 0 to 32768
[  439.541569][T10005] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  439.656847][T10027] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  439.844731][    T9] IPVS: starting estimator thread 0...
[  439.908552][T10027] XFS (loop1): Ending clean mount
[  440.025140][T10040] IPVS: using max 18 ests per chain, 43200 per kthread
[  440.278370][T10005] XFS (loop4): Ending clean mount
[  440.296345][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  440.316306][ T5771] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  440.686226][ T6093] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  442.150537][T10058] loop4: detected capacity change from 0 to 16
[  442.298606][T10058] erofs: (device loop4): mounted with root inode @ nid 36.
[  442.982591][   T23] IPVS: starting estimator thread 0...
[  443.093280][T10072] IPVS: using max 21 ests per chain, 50400 per kthread
[  443.142094][T10079] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1119'.
[  444.532571][T10093] loop4: detected capacity change from 0 to 512
[  444.578722][T10093] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  444.623857][T10093] EXT4-fs (loop4): external journal has bad superblock
[  447.511570][T10140] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1139'.
[  449.676650][T10144] loop0: detected capacity change from 0 to 32768
[  449.849934][T10144] XFS (loop0): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  450.077072][T10144] XFS (loop0): Ending clean mount
[  450.998735][ T5772] XFS (loop0): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  452.990380][T10198] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1154'.
[  453.072861][T10198] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1154'.
[  453.215505][T10203] netlink: 27 bytes leftover after parsing attributes in process `syz.1.1157'.
[  453.580291][T10217] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1163'.
[  453.795655][T10224] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1166'.
[  453.845307][T10224] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1166'.
[  454.895537][T10241] netlink: 27 bytes leftover after parsing attributes in process `syz.0.1169'.
[  455.128729][T10249] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1173'.
[  455.326832][T10253] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1175'.
[  455.378753][T10253] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1175'.
[  459.093669][T10306] __nla_validate_parse: 2 callbacks suppressed
[  459.093680][T10306] netlink: 27 bytes leftover after parsing attributes in process `syz.1.1192'.
[  459.663572][T10304] loop4: detected capacity change from 0 to 40427
[  459.691599][T10304] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x7ffff
[  459.726550][T10304] F2FS-fs (loop4): invalid crc value
[  459.769249][T10304] F2FS-fs (loop4): Found nat_bits in checkpoint
[  459.934348][T10304] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  460.081021][   T27] audit: type=1804 audit(1769316336.898:16): pid=10304 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1191" name="/newroot/279/file1/bus" dev="loop4" ino=16 res=1 errno=0
[  460.118866][T10312] f2fs_ckpt-7:4: attempt to access beyond end of device
[  460.118866][T10312] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  460.184301][T10319] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1196'.
[  460.201842][T10312] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  460.220154][T10312] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  460.955138][T10328] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1198'.
[  461.717280][T10344] syz_tun: entered allmulticast mode
[  462.366105][T10345] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1206'.
[  462.434149][T10349] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1209'.
[  463.770185][T10352] loop0: detected capacity change from 0 to 32768
[  463.837833][T10352] JBD2: Ignoring recovery information on journal
[  463.905751][T10352] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  464.946425][T10382] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1218'.
[  465.174492][ T5855] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  465.384532][ T5855] usb 2-1: Using ep0 maxpacket: 8
[  465.396966][ T5855] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  465.414464][ T5855] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  465.433818][ T5855] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  465.452942][ T5855] usb 2-1: config 0 descriptor??
[  465.696239][ T5855] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  465.717777][   T27] audit: type=1800 audit(1769316342.538:17): pid=10352 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1207" name="file1" dev="loop0" ino=17059 res=0 errno=0
[  465.838758][T10402] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1226'.
[  465.911008][ T5855] usb 2-1: USB disconnect, device number 8
[  466.185745][T10407] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1228'.
[  467.047969][T10420] netlink: 27 bytes leftover after parsing attributes in process `syz.4.1233'.
[  467.271858][ T5772] ocfs2: Unmounting device (7,0) on (node local)
[  467.750219][T10434] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1237'.
[  467.773770][T10435] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1235'.
[  469.006405][T10452] capability: warning: `syz.4.1244' uses deprecated v2 capabilities in a way that may be insecure
[  469.991496][T10454] loop1: detected capacity change from 0 to 4096
[  470.606066][T10477] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1252'.
[  471.298287][T10487] loop0: detected capacity change from 0 to 1024
[  471.738887][T10487] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  471.868689][T10487] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  472.015799][T10487] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #11: comm syz.0.1255: missing EA_INODE flag
[  472.031498][T10487] EXT4-fs (loop0): Remounting filesystem read-only
[  473.857586][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  476.607317][T10519] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1263'.
[  477.760888][T10536] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1272'.
[  478.736454][T10552] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1275'.
[  481.126964][T10584] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1285'.
[  481.714216][T10590] netlink: 27 bytes leftover after parsing attributes in process `syz.3.1288'.
[  482.564431][    C0] hrtimer: interrupt took 62083 ns
[  484.054754][T10622] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1297'.
[  485.013325][T10632] netlink: 27 bytes leftover after parsing attributes in process `syz.0.1301'.
[  487.199438][T10655] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1309'.
[  487.682156][T10668] netlink: 19 bytes leftover after parsing attributes in process `syz.4.1311'.
[  490.729580][T10695] loop4: detected capacity change from 0 to 512
[  490.742640][T10695] EXT4-fs: Ignoring removed bh option
[  490.810406][T10695] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  490.860677][T10695] ext4 filesystem being mounted at /315/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  490.974866][T10666] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  490.992774][T10666] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  491.003666][T10666] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  491.026587][T10666] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  491.093046][ T6093] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  492.313847][T10689] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1318'.
[  492.387166][T10716] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1326'.
[  492.563919][T10716] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1326'.
[  493.383398][T10713] netlink: 'syz.1.1325': attribute type 1 has an invalid length.
[  493.516548][T10713] 8021q: adding VLAN 0 to HW filter on device bond1
[  493.524207][T10714] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1325'.
[  493.540139][T10714] bond1: entered allmulticast mode
[  495.255181][T10754] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1335'.
[  495.933175][T10767] netlink: 59 bytes leftover after parsing attributes in process `syz.1.1340'.
[  496.365067][T10774] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1343'.
[  498.207611][T10784] overlayfs: missing 'lowerdir'
[  498.228891][T10784] overlayfs: failed to clone lowerpath
[  498.327591][T10790] netlink: 19 bytes leftover after parsing attributes in process `syz.1.1348'.
[  498.340251][T10791] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1347'.
[  499.574725][T10821] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1356'.
[  499.996386][T10828] netlink: 27 bytes leftover after parsing attributes in process `syz.3.1359'.
[  500.530847][T10803] loop0: detected capacity change from 0 to 40427
[  500.631061][ T9560] I/O error, dev loop0, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  501.074562][T10708] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  501.194540][T10709] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  501.268483][T10708] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  501.284828][T10708] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  501.303557][T10708] usb 2-1: Product: syz
[  501.308101][T10708] usb 2-1: Manufacturer: syz
[  501.312719][T10708] usb 2-1: SerialNumber: syz
[  501.329907][T10708] usb 2-1: config 0 descriptor??
[  501.384663][T10709] usb 1-1: Using ep0 maxpacket: 16
[  501.392430][T10709] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[  501.412618][T10709] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.435951][T10709] usb 1-1: config 0 descriptor??
[  501.456682][T10709] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  501.555522][T10708] usb-storage 2-1:0.0: USB Mass Storage device detected
[  501.710859][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  501.717459][T10709] usb 1-1: Detected FT232A
[  501.729824][T10709] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  501.807323][T10709] usb 1-1: USB disconnect, device number 6
[  501.998001][T10709] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  502.529263][T10709] ftdi_sio 1-1:0.0: device disconnected
[  502.571682][T10857] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1368'.
[  502.728239][T10861] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1370'.
[  504.284838][T10708] usb 2-1: USB disconnect, device number 9
[  504.420697][T10886] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1379'.
[  504.430632][T10885] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1378'.
[  505.102055][T10896] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1384'.
[  505.580946][T10897] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1383'.
[  506.046282][T10899] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1383'.
[  506.477937][T10913] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1388'.
[  506.816763][T10926] netlink: 19 bytes leftover after parsing attributes in process `syz.1.1393'.
[  506.957779][T10929] loop4: detected capacity change from 0 to 256
[  507.163671][T10929] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001e4a3, chksum : 0xe65db40a, utbl_chksum : 0x7319d30d)
[  507.691474][T10934] loop1: detected capacity change from 0 to 2048
[  508.803879][T10934] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  509.615623][T10929] exFAT-fs (loop4): error, found bogus dentry(15) beyond unused empty group(0) (start_clu : 7, cur_clu : 7)
[  509.630731][T10929] exFAT-fs (loop4): Filesystem has been set read-only
[  510.762380][T10947] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1399'.
[  510.875403][T10950] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1399'.
[  510.895050][T10952] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1400'.
[  511.108702][T10955] loop1: detected capacity change from 0 to 2048
[  511.179694][T10955] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  513.018912][T10959] loop1: detected capacity change from 0 to 32768
[  513.040527][T10959] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1403 (10959)
[  513.322869][T10975] netlink: 19 bytes leftover after parsing attributes in process `syz.3.1408'.
[  514.004598][T10959] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  514.043627][T10959] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  514.095748][T10959] BTRFS warning (device loop1): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  514.124857][T10959] BTRFS info (device loop1): trying to use backup root at mount time
[  514.148445][T10979] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1410'.
[  514.173678][T10959] BTRFS info (device loop1): setting nodatasum
[  514.188650][T10959] BTRFS info (device loop1): force zlib compression, level 3
[  514.225543][T10983] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1410'.
[  514.278974][T10959] BTRFS info (device loop1): turning on flush-on-commit
[  514.339433][T10959] BTRFS info (device loop1): enabling disk space caching
[  514.394952][T10959] BTRFS error (device loop1): cannot disable free space tree
[  514.445273][T10959] BTRFS error (device loop1): open_ctree failed: -22
[  514.466491][T10985] loop4: detected capacity change from 0 to 2048
[  514.593799][T10985] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  514.814628][T10990] loop0: detected capacity change from 0 to 4096
[  515.447355][   T27] audit: type=1326 audit(1769316392.228:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10987 comm="syz.3.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37e8f9acb9 code=0x7ffc0000
[  515.617828][T10990] NILFS (loop0): invalid segment: Checksum error in segment payload
[  515.626706][T10990] NILFS (loop0): trying rollback from an earlier position
[  515.721640][ T9560] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by udevd (9560)
[  515.789991][T10990] NILFS (loop0): recovery complete
[  515.857840][T10994] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  515.990489][   T27] audit: type=1326 audit(1769316392.238:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10987 comm="syz.3.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37e8f9acb9 code=0x7ffc0000
[  516.323032][   T27] audit: type=1326 audit(1769316392.238:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10987 comm="syz.3.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37e8f9acb9 code=0x7ffc0000
[  517.434489][   T27] audit: type=1326 audit(1769316392.238:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10987 comm="syz.3.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37e8f9acb9 code=0x7ffc0000
[  517.519857][   T27] audit: type=1326 audit(1769316392.238:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10987 comm="syz.3.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37e8f9acb9 code=0x7ffc0000
[  517.604511][   T27] audit: type=1326 audit(1769316392.238:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10987 comm="syz.3.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f37e8f9acb9 code=0x7ffc0000
[  517.777308][   T27] audit: type=1326 audit(1769316392.238:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10987 comm="syz.3.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37e8f9acb9 code=0x7ffc0000
[  517.801451][   T27] audit: type=1326 audit(1769316392.238:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10987 comm="syz.3.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37e8f9acb9 code=0x7ffc0000
[  517.825404][T11011] binder: 11007:11011 ioctl 4018620d 0 returned -22
[  517.832781][   T27] audit: type=1326 audit(1769316392.238:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10987 comm="syz.3.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37e8f9acb9 code=0x7ffc0000
[  517.855849][T11011] binder: 11007:11011 unknown command 1074553619
[  517.862243][T11011] binder: 11007:11011 ioctl c0306201 200000000540 returned -22
[  517.930494][   T27] audit: type=1326 audit(1769316392.248:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10987 comm="syz.3.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37e8f9acb9 code=0x7ffc0000
[  518.697374][T11027] loop1: detected capacity change from 0 to 1024
[  518.746298][T11027] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  518.772009][T11027] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  518.866820][T11027] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  519.023978][T11027] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #11: comm syz.1.1425: missing EA_INODE flag
[  519.057367][T11027] EXT4-fs (loop1): Remounting filesystem read-only
[  519.209135][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  519.236489][T11036] loop4: detected capacity change from 0 to 32768
[  519.280869][T11036] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  519.320857][T11036] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  519.347933][T11036] BTRFS info (device loop4): enabling auto defrag
[  519.386723][T11036] BTRFS info (device loop4): use no compression
[  519.393041][T11036] BTRFS info (device loop4): force clearing of disk cache
[  519.434905][T11036] BTRFS info (device loop4): max_inline at 4096
[  519.444491][T11036] BTRFS info (device loop4): disabling tree log
[  519.450872][T11036] BTRFS info (device loop4): using free space tree
[  519.474111][T11043] loop1: detected capacity change from 0 to 4096
[  519.826612][T11036] BTRFS info (device loop4): enabling ssd optimizations
[  519.878009][T11036] BTRFS info (device loop4): auto enabling async discard
[  519.934681][T11036] BTRFS info (device loop4): rebuilding free space tree
[  522.564795][ T5902] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  522.609205][ T6093] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  522.764788][ T5902] usb 1-1: Using ep0 maxpacket: 16
[  522.964100][ T5902] usb 1-1: device descriptor read/all, error -71
[  523.477343][T11081] binder: 11077:11081 ioctl 4018620d 0 returned -22
[  523.488975][T11081] binder: 11077:11081 unknown command 1074553619
[  523.501578][T11081] binder: 11077:11081 ioctl c0306201 200000000540 returned -22
[  524.358190][T11101] loop1: detected capacity change from 0 to 256
[  525.326743][T11108] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1443'.
[  525.342458][T11110] loop4: detected capacity change from 0 to 512
[  525.350097][T11110] EXT4-fs: Ignoring removed bh option
[  525.434110][T11110] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  525.467221][T11110] ext4 filesystem being mounted at /341/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  525.558628][T11115] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1445'.
[  525.922206][ T6093] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.322034][T11148] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1455'.
[  530.511617][T11185] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[  531.888230][T11214] loop1: detected capacity change from 0 to 8192
[  536.400552][T11240] net_ratelimit: 10 callbacks suppressed
[  536.400569][T11240] Set syz1 is full, maxelem 6117 reached
[  543.154630][  T787] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  543.511197][  T787] usb 1-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  543.525973][  T787] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  543.535358][  T787] usb 1-1: Product: syz
[  543.539565][  T787] usb 1-1: Manufacturer: syz
[  543.544171][  T787] usb 1-1: SerialNumber: syz
[  543.566215][  T787] usb 1-1: config 0 descriptor??
[  543.649810][  T787] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  544.052704][  T787] gspca_sunplus: reg_w_riv err -71
[  544.070983][  T787] sunplus: probe of 1-1:0.0 failed with error -71
[  544.099873][  T787] usb 1-1: USB disconnect, device number 9
[  544.291774][T11312] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1509'.
[  544.405837][ T6191] ------------[ cut here ]------------
[  544.411878][ T6191] WARNING: CPU: 1 PID: 6191 at net/mac80211/chan.c:92 ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  544.422936][ T6191] Modules linked in:
[  544.426937][ T6191] CPU: 1 PID: 6191 Comm: kworker/u4:14 Not tainted syzkaller #0
[  544.434695][ T6191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  544.444829][ T6191] Workqueue: phy5 ieee80211_csa_finalize_work
[  544.450936][ T6191] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  544.458419][ T6191] Code: 48 89 df e8 0a 4a d8 f7 e9 dc fc ff ff e8 d0 22 80 f7 eb 24 e8 c9 22 80 f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 b8 22 80 f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 aa 22 80 f7 48 8b 7c 24 08 4c 8b 7c
[  544.478582][ T6191] RSP: 0018:ffffc900030579c0 EFLAGS: 00010293
[  544.484957][ T6191] RAX: ffffffff8a06ec6e RBX: 0000000000000001 RCX: ffff88805e520000
[  544.492966][ T6191] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  544.501914][    C1] ------------[ cut here ]------------
[  544.501966][    C1] WARNING: CPU: 1 PID: 6191 at net/mac80211/tx.c:5031 __ieee80211_beacon_get+0x1233/0x1600
[  544.502009][    C1] Modules linked in:
[  544.502024][    C1] CPU: 1 PID: 6191 Comm: kworker/u4:14 Not tainted syzkaller #0
[  544.502045][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  544.502060][    C1] Workqueue: phy5 ieee80211_csa_finalize_work
[  544.502087][    C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  544.502113][    C1] Code: 24 4c 89 e7 e8 5e 86 c2 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 59 ce 84 f7 0f 0b e9 f6 f7 ff ff e8 4d ce 84 f7 <0f> 0b e9 48 fb ff ff e8 41 ce 84 f7 48 c7 c7 e0 4c 64 8e 4c 89 e6
[  544.502138][    C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246
[  544.502159][    C1] RAX: ffffffff8a0244d3 RBX: ffffffff8a0232d6 RCX: ffff88805e520000
[  544.502175][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  544.502188][    C1] RBP: 0000000000000000 R08: ffff88805e520000 R09: 0000000000000003
[  544.502203][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805ca963c0
[  544.502218][    C1] R13: dffffc0000000000 R14: ffff88805ca968b0 R15: ffff88804b959024
[  544.502236][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  544.502255][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  544.502270][    C1] CR2: 00007f131cd456b8 CR3: 000000000cf32000 CR4: 00000000003506e0
[  544.502290][    C1] Call Trace:
[  544.502298][    C1]  <IRQ>
[  544.502309][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  544.502342][    C1]  ieee80211_beacon_get_tim+0xbf/0x580
[  544.502369][    C1]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  544.502404][    C1]  mac80211_hwsim_beacon_tx+0x3c7/0x780
[  544.502445][    C1]  __iterate_interfaces+0x243/0x500
[  544.502474][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  544.502498][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  544.502531][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  544.502555][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  544.502588][    C1]  mac80211_hwsim_beacon+0xbb/0x1b0
[  544.502613][    C1]  __hrtimer_run_queues+0x52a/0xc40
[  544.502644][    C1]  ? hw_scan_work+0xf60/0xf60
[  544.502673][    C1]  ? hrtimer_interrupt+0x9c0/0x9c0
[  544.502696][    C1]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[  544.502732][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  544.502760][    C1]  handle_softirqs+0x280/0x820
[  544.502788][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  544.502814][    C1]  ? do_softirq+0x1a0/0x1a0
[  544.502840][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  544.502871][    C1]  __irq_exit_rcu+0xd3/0x190
[  544.502893][    C1]  ? irq_exit_rcu+0x20/0x20
[  544.502923][    C1]  irq_exit_rcu+0x9/0x20
[  544.502942][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  544.502966][    C1]  </IRQ>
[  544.502974][    C1]  <TASK>
[  544.502984][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  544.503007][    C1] RIP: 0010:console_flush_all+0x8b1/0xd20
[  544.503035][    C1] Code: ed 01 00 00 e8 70 80 1b 00 4d 85 ff 48 8b 5c 24 38 75 07 e8 61 80 1b 00 eb 06 e8 5a 80 1b 00 fb 49 bf 00 00 00 00 00 fc ff df <48> 8b 44 24 58 42 0f b6 04 38 84 c0 0f 85 2f 02 00 00 80 3b 01 0f
[  544.503053][    C1] RSP: 0018:ffffc90003057340 EFLAGS: 00000293
[  544.503074][    C1] RAX: ffffffff816b92c6 RBX: ffffc900030574df RCX: ffff88805e520000
[  544.503092][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  544.503106][    C1] RBP: ffffc900030574b0 R08: ffffffff911be507 R09: 1ffffffff2237ca0
[  544.503123][    C1] R10: dffffc0000000000 R11: fffffbfff2237ca1 R12: ffffffff8d8b7b40
[  544.503139][    C1] R13: 1ffffffff19f96f8 R14: ffffffff8d8b7b98 R15: dffffc0000000000
[  544.503162][    C1]  ? console_flush_all+0x8a6/0xd20
[  544.503197][    C1]  ? console_flush_all+0x10a/0xd20
[  544.503236][    C1]  ? is_console_locked+0x20/0x20
[  544.503263][    C1]  ? lock_chain_count+0x20/0x20
[  544.503291][    C1]  ? __down_trylock_console_sem+0xf6/0x1f0
[  544.503322][    C1]  console_unlock+0xad/0x350
[  544.503350][    C1]  ? other_cpu_in_panic+0xf0/0xf0
[  544.503374][    C1]  ? vprintk_emit+0x53d/0x610
[  544.503405][    C1]  ? irq_work_queue+0xc3/0x140
[  544.503439][    C1]  vprintk_emit+0x497/0x610
[  544.503467][    C1]  ? printk_sprint+0x460/0x460
[  544.503494][    C1]  ? _printk+0xde/0x130
[  544.503518][    C1]  ? copy_from_kernel_nofault+0x1d2/0x310
[  544.503558][    C1]  _printk+0xde/0x130
[  544.503581][    C1]  ? ieee80211_vif_use_reserved_switch+0x10be/0x28f0
[  544.503610][    C1]  ? load_image+0x400/0x400
[  544.503648][    C1]  __show_regs+0x159/0x600
[  544.503672][    C1]  ? dump_stack_print_info+0xf5/0x150
[  544.503704][    C1]  show_regs+0x44/0x90
[  544.503732][    C1]  __warn+0x160/0x470
[  544.503752][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  544.503779][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  544.503802][    C1]  report_bug+0x2be/0x4f0
[  544.503831][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  544.503856][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  544.503879][    C1]  ? ieee80211_vif_use_reserved_switch+0x10ea/0x28f0
[  544.503900][    C1]  handle_bug+0xcf/0x120
[  544.503930][    C1]  exc_invalid_op+0x1a/0x50
[  544.503958][    C1]  asm_exc_invalid_op+0x1a/0x20
[  544.503979][    C1] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  544.504004][    C1] Code: 48 89 df e8 0a 4a d8 f7 e9 dc fc ff ff e8 d0 22 80 f7 eb 24 e8 c9 22 80 f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 b8 22 80 f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 aa 22 80 f7 48 8b 7c 24 08 4c 8b 7c
[  544.504022][    C1] RSP: 0018:ffffc900030579c0 EFLAGS: 00010293
[  544.504042][    C1] RAX: ffffffff8a06ec6e RBX: 0000000000000001 RCX: ffff88805e520000
[  544.504058][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  544.504073][    C1] RBP: dffffc0000000000 R08: ffff88805ca955af R09: 1ffff1100b952ab5
[  544.504089][    C1] R10: dffffc0000000000 R11: ffffed100b952ab6 R12: 0000000000000001
[  544.504105][    C1] R13: ffff88805ca965d9 R14: ffff88807f9f2c70 R15: ffff88807f9f2ce8
[  544.504146][    C1]  ? ieee80211_vif_use_reserved_switch+0xcee/0x28f0
[  544.504190][    C1]  ieee80211_link_use_reserved_context+0x383/0x5c0
[  544.504219][    C1]  ieee80211_csa_finalize+0x5a6/0xf20
[  544.504245][    C1]  ? mutex_lock_nested+0x20/0x20
[  544.504275][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  544.504300][    C1]  ? ieee80211_csa_finalize_work+0x140/0x140
[  544.504326][    C1]  ? read_lock_is_recursive+0x20/0x20
[  544.504397][    C1]  ieee80211_csa_finalize_work+0xf6/0x140
[  544.504427][    C1]  ? process_scheduled_works+0x96f/0x15d0
[  544.504453][    C1]  process_scheduled_works+0xa5d/0x15d0
[  544.504505][    C1]  ? assign_work+0x430/0x430
[  544.504537][    C1]  ? assign_work+0x3d0/0x430
[  544.504569][    C1]  worker_thread+0xa55/0xfc0
[  544.504621][    C1]  kthread+0x2fa/0x390
[  544.504641][    C1]  ? pr_cont_work+0x560/0x560
[  544.504667][    C1]  ? kthread_blkcg+0xd0/0xd0
[  544.504689][    C1]  ret_from_fork+0x48/0x80
[  544.504714][    C1]  ? kthread_blkcg+0xd0/0xd0
[  544.504736][    C1]  ret_from_fork_asm+0x11/0x20
[  544.504771][    C1]  </TASK>
[  544.504781][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  544.504790][    C1] CPU: 1 PID: 6191 Comm: kworker/u4:14 Not tainted syzkaller #0
[  544.504806][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  544.504817][    C1] Workqueue: phy5 ieee80211_csa_finalize_work
[  544.504838][    C1] Call Trace:
[  544.504844][    C1]  <IRQ>
[  544.504850][    C1]  dump_stack_lvl+0x18c/0x250
[  544.504877][    C1]  ? show_regs_print_info+0x20/0x20
[  544.504899][    C1]  ? load_image+0x400/0x400
[  544.504930][    C1]  panic+0x2dc/0x730
[  544.504949][    C1]  ? bpf_jit_dump+0xd0/0xd0
[  544.504968][    C1]  ? ret_from_fork_asm+0x11/0x20
[  544.504989][    C1]  __warn+0x2e0/0x470
[  544.505003][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  544.505020][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  544.505035][    C1]  report_bug+0x2be/0x4f0
[  544.505055][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  544.505071][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  544.505087][    C1]  ? __ieee80211_beacon_get+0x1235/0x1600
[  544.505102][    C1]  handle_bug+0xcf/0x120
[  544.505121][    C1]  exc_invalid_op+0x1a/0x50
[  544.505140][    C1]  asm_exc_invalid_op+0x1a/0x20
[  544.505154][    C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  544.505172][    C1] Code: 24 4c 89 e7 e8 5e 86 c2 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 59 ce 84 f7 0f 0b e9 f6 f7 ff ff e8 4d ce 84 f7 <0f> 0b e9 48 fb ff ff e8 41 ce 84 f7 48 c7 c7 e0 4c 64 8e 4c 89 e6
[  544.505184][    C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246
[  544.505196][    C1] RAX: ffffffff8a0244d3 RBX: ffffffff8a0232d6 RCX: ffff88805e520000
[  544.505207][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  544.505216][    C1] RBP: 0000000000000000 R08: ffff88805e520000 R09: 0000000000000003
[  544.505225][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805ca963c0
[  544.505234][    C1] R13: dffffc0000000000 R14: ffff88805ca968b0 R15: ffff88804b959024
[  544.505247][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  544.505264][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  544.505284][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  544.505300][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  544.505321][    C1]  ieee80211_beacon_get_tim+0xbf/0x580
[  544.505339][    C1]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  544.505362][    C1]  mac80211_hwsim_beacon_tx+0x3c7/0x780
[  544.505382][    C1]  __iterate_interfaces+0x243/0x500
[  544.505401][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  544.505424][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  544.505445][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  544.505460][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  544.505483][    C1]  mac80211_hwsim_beacon+0xbb/0x1b0
[  544.505499][    C1]  __hrtimer_run_queues+0x52a/0xc40
[  544.505518][    C1]  ? hw_scan_work+0xf60/0xf60
[  544.505537][    C1]  ? hrtimer_interrupt+0x9c0/0x9c0
[  544.505552][    C1]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[  544.505574][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  544.505592][    C1]  handle_softirqs+0x280/0x820
[  544.505609][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  544.505626][    C1]  ? do_softirq+0x1a0/0x1a0
[  544.505642][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  544.505662][    C1]  __irq_exit_rcu+0xd3/0x190
[  544.505676][    C1]  ? irq_exit_rcu+0x20/0x20
[  544.505695][    C1]  irq_exit_rcu+0x9/0x20
[  544.505707][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  544.505721][    C1]  </IRQ>
[  544.505726][    C1]  <TASK>
[  544.505731][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  544.505746][    C1] RIP: 0010:console_flush_all+0x8b1/0xd20
[  544.505764][    C1] Code: ed 01 00 00 e8 70 80 1b 00 4d 85 ff 48 8b 5c 24 38 75 07 e8 61 80 1b 00 eb 06 e8 5a 80 1b 00 fb 49 bf 00 00 00 00 00 fc ff df <48> 8b 44 24 58 42 0f b6 04 38 84 c0 0f 85 2f 02 00 00 80 3b 01 0f
[  544.505775][    C1] RSP: 0018:ffffc90003057340 EFLAGS: 00000293
[  544.505786][    C1] RAX: ffffffff816b92c6 RBX: ffffc900030574df RCX: ffff88805e520000
[  544.505796][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  544.505804][    C1] RBP: ffffc900030574b0 R08: ffffffff911be507 R09: 1ffffffff2237ca0
[  544.505814][    C1] R10: dffffc0000000000 R11: fffffbfff2237ca1 R12: ffffffff8d8b7b40
[  544.505824][    C1] R13: 1ffffffff19f96f8 R14: ffffffff8d8b7b98 R15: dffffc0000000000
[  544.505839][    C1]  ? console_flush_all+0x8a6/0xd20
[  544.505863][    C1]  ? console_flush_all+0x10a/0xd20
[  544.505893][    C1]  ? is_console_locked+0x20/0x20
[  544.505911][    C1]  ? lock_chain_count+0x20/0x20
[  544.505929][    C1]  ? __down_trylock_console_sem+0xf6/0x1f0
[  544.505948][    C1]  console_unlock+0xad/0x350
[  544.505966][    C1]  ? other_cpu_in_panic+0xf0/0xf0
[  544.505981][    C1]  ? vprintk_emit+0x53d/0x610
[  544.506001][    C1]  ? irq_work_queue+0xc3/0x140
[  544.506019][    C1]  vprintk_emit+0x497/0x610
[  544.506036][    C1]  ? printk_sprint+0x460/0x460
[  544.506053][    C1]  ? _printk+0xde/0x130
[  544.506068][    C1]  ? copy_from_kernel_nofault+0x1d2/0x310
[  544.506093][    C1]  _printk+0xde/0x130
[  544.506108][    C1]  ? ieee80211_vif_use_reserved_switch+0x10be/0x28f0
[  544.506126][    C1]  ? load_image+0x400/0x400
[  544.506150][    C1]  __show_regs+0x159/0x600
[  544.506166][    C1]  ? dump_stack_print_info+0xf5/0x150
[  544.506186][    C1]  show_regs+0x44/0x90
[  544.506204][    C1]  __warn+0x160/0x470
[  544.506216][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  544.506233][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  544.506248][    C1]  report_bug+0x2be/0x4f0
[  544.506267][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  544.506282][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  544.506297][    C1]  ? ieee80211_vif_use_reserved_switch+0x10ea/0x28f0
[  544.506312][    C1]  handle_bug+0xcf/0x120
[  544.506331][    C1]  exc_invalid_op+0x1a/0x50
[  544.506349][    C1]  asm_exc_invalid_op+0x1a/0x20
[  544.506362][    C1] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  544.506378][    C1] Code: 48 89 df e8 0a 4a d8 f7 e9 dc fc ff ff e8 d0 22 80 f7 eb 24 e8 c9 22 80 f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 b8 22 80 f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 aa 22 80 f7 48 8b 7c 24 08 4c 8b 7c
[  544.506389][    C1] RSP: 0018:ffffc900030579c0 EFLAGS: 00010293
[  544.506400][    C1] RAX: ffffffff8a06ec6e RBX: 0000000000000001 RCX: ffff88805e520000
[  544.506415][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  544.506423][    C1] RBP: dffffc0000000000 R08: ffff88805ca955af R09: 1ffff1100b952ab5
[  544.506434][    C1] R10: dffffc0000000000 R11: ffffed100b952ab6 R12: 0000000000000001
[  544.506443][    C1] R13: ffff88805ca965d9 R14: ffff88807f9f2c70 R15: ffff88807f9f2ce8
[  544.506458][    C1]  ? ieee80211_vif_use_reserved_switch+0xcee/0x28f0
[  544.506485][    C1]  ieee80211_link_use_reserved_context+0x383/0x5c0
[  544.506505][    C1]  ieee80211_csa_finalize+0x5a6/0xf20
[  544.506521][    C1]  ? mutex_lock_nested+0x20/0x20
[  544.506541][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  544.506557][    C1]  ? ieee80211_csa_finalize_work+0x140/0x140
[  544.506573][    C1]  ? read_lock_is_recursive+0x20/0x20
[  544.506594][    C1]  ieee80211_csa_finalize_work+0xf6/0x140
[  544.506611][    C1]  ? process_scheduled_works+0x96f/0x15d0
[  544.506628][    C1]  process_scheduled_works+0xa5d/0x15d0
[  544.506662][    C1]  ? assign_work+0x430/0x430
[  544.506682][    C1]  ? assign_work+0x3d0/0x430
[  544.506703][    C1]  worker_thread+0xa55/0xfc0
[  544.506735][    C1]  kthread+0x2fa/0x390
[  544.506748][    C1]  ? pr_cont_work+0x560/0x560
[  544.506765][    C1]  ? kthread_blkcg+0xd0/0xd0
[  544.506778][    C1]  ret_from_fork+0x48/0x80
[  544.506795][    C1]  ? kthread_blkcg+0xd0/0xd0
[  544.506808][    C1]  ret_from_fork_asm+0x11/0x20
[  544.506835][    C1]  </TASK>
[  544.507259][    C1] Kernel Offset: disabled