last executing test programs:

11.009189789s ago: executing program 0 (id=816):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r0, &(0x7f0000000040)={0x24, @short={0x2, 0x3, 0xffff}}, 0x14) (async, rerun: 64)
r1 = syz_open_dev$audion(&(0x7f0000000000), 0x3, 0x1) (async, rerun: 64)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r2) (async, rerun: 64)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x23, &(0x7f00000001c0)=@raw=[@jmp={0x5, 0x0, 0x2, 0x9, 0x6, 0xffffffffffffffc0, 0x1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000340)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000000380)={0x1, 0xb, 0x9, 0x101}, 0x10, 0x0, 0x0, 0x3, &(0x7f00000003c0)=[r1, r1, r1], &(0x7f0000000400)=[{0x1, 0x3, 0x8, 0xa}, {0x0, 0x1, 0xb, 0xa}, {0x1, 0x3, 0x4}], 0x10, 0xf}, 0x94) (rerun: 64)
timer_gettime(0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x6, &(0x7f0000000040)=ANY=[@ANYRES64=r0], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x2, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r3}, 0x94)

10.871491611s ago: executing program 0 (id=818):
unshare(0x2a000400)
syz_mount_image$ocfs2(&(0x7f0000004480), &(0x7f00000044c0)='./file1\x00', 0x2800400, &(0x7f00000001c0)=ANY=[@ANYBLOB="6c6f63616c616c6c6f633d31383434363734343037333730393535313630382c726573765f6c6576656c3d30303030303030303030303030303030303030322c6865617274626561743d6e6f6e652c636f686572656e63793d62756666657265642c6572726f72733d636f6e74696e75652c6e6f696e74722c636f686572656e63793d66756c6c2c6e6f61636c2c636f686572656e63793d66756c6c2c646174613d6f7264657265642c0004306b696ca03db375edc4c5f0f579bf2195c3cc88165b8c279abaa84a848971253cb6e898fee96fa6000000000000"], 0x6, 0x447b, &(0x7f0000004500)="$eJzs27tvHNUeAOAza+dmnZvk+pV3Iq0uBRYga50KSEFIDCgSItg8hChirR9JDGuvZa9RCiSC6CMhUSBqmkT0KKnyL1CQljJFoKBB0GC0O7P2zqyXrKJdm5jvk6LxnLf8mzlzjo6TS1SvL64VFtcKpeVCZe7q2tnCJ5Xy+tJCyO2Qan53+6czvXhOdvvZ+ze7fPH1d94/G8KNH4f/u7GxsRFqBsO2Jpp+/u3XT+earw25TJ1au9u31i0fhhBGQwj5kB1PXwjhg+9DiEIIQ0nacHIdCCEcDHHeF9/dns53aTR9D+9M3Z6avHX30dKDgYtXCm0LRiF8Uz7xwrWln5/pO/fTc13qHgAA/tYb05ffe7s4Ee5H4fC9/tb1+rHk2m59vEFHXul9KAEAAKCtrf3/YJSLWvf/o8m1zZFgsLF9ul166/Lka8WJ5Pw3asl/MUn65dW++hlq9tw3e/47lKm//flvaz9PqjG+Rr+DIcqNp+5zufHxECYuxPfHowO5cmWt+vzVyvryfNeG8dRKxz8+vU9FJznQ7zT+w5n2e3/+P9LyNNXuC917xPa0dPz72pb79vOoo/iPZOrtRPxTbva2t70mHf/+etr/mwsU4gmgFv8v+x8f/9FM+92Of+MJPVyb26PaWPOpGaC2hqmlt1uvkJaO/756WmrqTH6R7d7/PzLxP5Jpf7fm/7ELve11r0jH/z/1tPQfrW29/0O5x7//RzPt70b8a+Mf8/3vSDr+++PE9ORZ/012Ov8fy7Tfo/jfTI5VQzgchZGmvzq91x9/HBrn1fUtTS17pQej2APS8W895d/a/+U6Wv8dz9Tfqf1fo9/G/q+xDxmL4v1for9rHe8R6fgPtC3X6ft/IlOv5/N/lE92ABuf9bSfPSod/wNx4jYLwE7jfzLTfq/iX5/x8434bw34z/1xetH6ryPp+CehSn0G4g11ff0Xtcb990z8T2Xab4p/9r+GdEnr+q82/rEe9bbXpON/sG25Wvx/6OD7fzpTr937v68ro48VrfWfWDr+h9qWq7//+cfH/0ymXq+//8+2zTEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0Yji5DoYoN566z+XGx0MYSe6PhwPRbGl+ZrZcmft4LYTRJL0QhqNr5cpsqTyzuFyZX5gplcuVuRCOJPmjIR+tlSvVmaXSytHNtgai6wul1ersQqkaQjiWpJ8OhxptzS5Wl0or9bKNvP/lKqsr10vLM/OLqy8Xi8ViOLE5hqFo4UZ1Ybka9x7nhnBys+5g1DS4evapzbEcjD6qrK8ul8r19NNNdcqVuVK5qc6ZJO+rMBRVV9eX50rVhZly5Vqjv910PrlOXpp+d/rNiZb8QhRfh3d2WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8w9w/99LXIYT++C4XQjjf+CFK/qX0PbwzdXtq8tbdR0sPBi5eKWxXBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4C924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsEvHKg1DURiAz70KCi7q6BM4hWRzVRRxMSL4BL5Eh75mH6NDxy6l0N5ASBro0tLh+5ZD8nPvOXAPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJfj87f9+6mbiBS3m5uI2eLxrp8/lVq/HT5/dYYZOZ2v7/b9o27Ku6dR/lJ+LV/zLl2v5v9R6nXvu9MM9mS4T3vjPkNT+zY1X9f3PlKuIuKh5M8p56o67i4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC27M2hCYBgEMfRO8Fks7iGTmFUBPcwOp5LOI8mwWAQvvpeOjh+/AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCfcZnWuR/iyKiuzNjPtnn/u+fYvvssm6/LcgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmx04kAEAAAAQ5m+dR/sBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIMCAAD//5FnzS8=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
syz_mount_image$bfs(&(0x7f0000000240), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f0000000400)=ANY=[], 0x4, 0xb1, &(0x7f0000000400)="$eJzs1zFqwmAYBuC3oW3aJT1Ah94gd+hRSsd261Rx8ELunsIjCB7AwU1cIjExZHYwIM8DCby8/wff+P/r4/I9VdK85awZ+fuf/Xz9tv9VBs/hjhRJyiQvbai6vPvsuoe+3+zn35dvNPo40coAAMCVitRJXvubfhZF6rprtsOZj/YtcOjD02i4vOmqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJM4BQAA//8fTCFM")
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x6b142, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x80106f05, &(0x7f00000000c0)={0x0, 0x4, 0x32, 0x4})

8.342353083s ago: executing program 4 (id=829):
socket$kcm(0x2d, 0x2, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000)=0x482, 0x4)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0xc000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{}], 0x1}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r2=>0x0})
r3 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r3, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, 0x1480, 0x2104}}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)

8.127569436s ago: executing program 0 (id=830):
ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0xa, 0x4, 0x800, 0x0, {<r0=>0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "a730b801"}, 0x0, 0x1, {0x0}})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x16)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000040)='ceph\x00', 0x0)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x19, 0xe8, 0xa4, 0x40, 0xace, 0x2011, 0x101, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x6, 0x73, 0xf0, 0x8, [{{0x9, 0x4, 0x46, 0x8, 0x1, 0x67, 0x7e, 0x58, 0x4c, [], [{{0x9, 0x5, 0x1, 0x2, 0x200, 0x7, 0x5, 0x6}}]}}]}}]}}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0})
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000600)='\xfa\xf4\x1fJ\'E\f;\xba\xd7\x81\x95o\xa7|q\x06\x00\x00\x00#\t\x84\x02\xc4)\xadm\x04\xb0\x18R+\x88\xd1\xf0\x89\xb1\xa3\xa0F\xb2|w\xcaAG\x99\x88{H\x94\xdf\xd7\x16K\x0eS\x97\xe8\xa7\xbf*\xf0$\xc0\xcc\xc1\x926\xcc\xedU\xb5\xb9j\x9b\xc11-\xeaII\x1d\x15\x90:?\xb2\xa9\xf5di\xabh\xc3\xb7\xfb\xcd9\x82d\xb1\x19\x00\x00\x00\x00\x9f\x1d\xae\xbd\xc0!:Sz\xf3\x97\xa5\x91\x8d\x0e\x85\';X\vG\x11\"\x05\xad\'&$q*\x9c\x04u\x97\xfb\x10\v\xcdD\x00'/172, &(0x7f0000000c80)='c\x02\x17\xd3\r\xa8\x8d\xd6T\x14\xda^\xf3\xbd\x92\t\xf7\x85}\xfa\x95 \xc7\xfb\xdc\xeeG-\x99\x0f\x9ck9U\xd05\x16|\xfaPF@\xa8ft(!\xf1\x1e\xda\x89d\xb3\xfb\xb7K\x85+?\\m\xfc\x96\x11\xc7bP\x7f\x00\x97\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xce{\x88\xdf\xc8E\x9f\xff\x10\x00\x00\x00&\xcf(\xa3V\xa7dX\xa6e\x91\x13\xae\xe3C1~\xb5\xd2\xef\xfe\xd2\xd7K\x00v71HX[!P\xb3\x9b\xfb\b\x00\x00\x00@]=\x95\xaf\xf4M0H\x89f\xadn~}\xf0\xd2\xb1\x19\xc4\xcf6p\x85\xbf\x97\xd9CN\xd4JZ\xb7\f\x9aih\xc8\xc1\xc8?\x9f\x01I\x02T\x84\x11\xe2+z=8\xb1\x97\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x85', 0x0)
syz_mount_image$squashfs(&(0x7f0000000100), &(0x7f0000000700)='./file0/file0\x00', 0x0, &(0x7f0000000f40)=ANY=[@ANYRES16=0x0, @ANYRESOCT, @ANYRESOCT=0x0, @ANYBLOB="15f68975d869c9ddf9b4bf3f857600d5c18905ced1acfbce80d6902d1ec18632c70d375283b7fea6ec0c84d9945eeb48f96a8cb326b734585f83f71ca3fc8dc400928857c94b3756234c8261c46804b026ac6886313ea234d6a36de29847302c29bcb5bcaeee80b7a0ac64ade95b3bc5bc51ff73bb1f31f9b8c180a2600d0eabd460ff3c8f9dce4028210acd18964bdb4a26df18dfc9afdf5d995af5fe02ddac2ac9da181cbb92795a9ebe9835be94115536dffc9397c6094916cd1b1f13fa36c79c84c796e51c7d642fa5678555052725525dbf204c1f6480c8f9e1c576c7402f88b6f06074652bad83c8b5d1", @ANYBLOB="a6af891d142bbbe86c2b6c42ac9eefc3f3124a519189b105d77c5f5267121c170995cd3bb174096f3c", @ANYBLOB="a51b7d19e69bbcb11700c2dcb2d851f79d44e9bb8469d2a5dd66597db213ade6acfaffd88afce31be876c207fb5d362b6e91010b006a4279f2d4d02752a02b76b5413c5e7cd22d3cfad489bd1b84a85aa8ad47cc69d09522d51cf5cf88cf9da13593310d5e0d03a6e17940ddd391c7796ad75f4fa75bd62cb78c43c92e61de110508c5d605a2f981314c38526ac5aac6e4445e32d7cf128b440ca715e901f8b4299226dfd9bfec7a37f3bf63e1906fe520b65051ea9c14827e9cd737a6952d478ff3cb4436a913", @ANYRES8=r0, @ANYRESOCT, @ANYRESHEX=0x0], 0x0, 0x1df, &(0x7f0000000380)="$eJzslctqFEEUhr/qrpnJ6Cyydmsw2ehkOiC+gXkAH8Bh0sZgj5f0gM4QsHWTjQvxJQI+hQtB9y5EBDdxoaCLiKuIjFTXqbJaI+MthED/0Jz//HUuVdVU1dX8Vt4Cvu5tDZinhKLDa6XQwKKy2n7T2k9ip4J32vo90R+LfSs2H09ePLB0cq2fZelmPp5BlIJZMRXys6R/u9kB5Pn9qqL4RXD81y3+ExnFdmezrEl16GEluFXG/JAuuRzV5A+VfO5AqLx3RP1D5W6gNDjsVYBXvnRm/6ZXj+zvPDAmlvQ21W05fiT6o6wcub7yi/ciPpbOy72tgSGX5RYz2pr93JEoY4zzNIg5paEAFTP1dXR5W8Ii0B0Nb3bz8eTsxrC/nq6n15Nk5fzys5NyRKd3YSNLl1UwjcgQjYc5p+1gvAG8+T5eEEAFUzM4AcrluhR3OS+dDhLbEAW5YQ1b94nv3xItZsglzjAH3C7McILdrQVMNc0Vs7RVFLE4PR3ME/aJmCsHzg1uZGvbKJRL20H7Gr1dGt5JxDGN0pULfvnbYhfErordEbsr1r1d7k3SZYUP4i0V0OROfzTaLB8vy7yWeC2Z950j6epeQ+Vm0qJGjRo1atSoUeOY4FsAAAD//87DTTs=")
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
ioctl$HIDIOCGVERSION(0xffffffffffffffff, 0x80044801, &(0x7f0000000d80))
r2 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
openat$cgroup_pressure(0xffffffffffffffff, 0x0, 0x2, 0x0)
close_range(r1, r1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000071117900000000008510000002000000850000003400000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x70)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value, &(0x7f0000000200)=0x8)

8.036294868s ago: executing program 4 (id=831):
socket$kcm(0x2d, 0x2, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000)=0x482, 0x4)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0xc000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{0x0}], 0x1}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r2=>0x0})
r3 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r3, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, 0x1480, 0x2104}}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)

7.660757954s ago: executing program 4 (id=834):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x2)
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xc)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)

6.934369776s ago: executing program 4 (id=835):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x9}}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002c00)=ANY=[@ANYBLOB="b0"], 0xb0)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r3=>0x0)
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000280)={0xa0, 0x0, 0x0, {{0x20, 0x1, 0x5, 0x9, 0x1000, 0xfffffff8, {0x1, 0x8, 0x65cd, 0x4000000000000000, 0xffffffffffff15ef, 0x9, 0x1, 0x7fff, 0x7, 0x4000, 0x629, r3, 0x0, 0x4000004, 0x10000}}, {0x0, 0x1}}}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access', @ANYRESDEC=r3])
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000500), 0x800)

6.713855079s ago: executing program 4 (id=837):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x24, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000100)={{}, {0x0, 0x989680}}, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r3, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
listen(r0, 0x0)
accept4$unix(r0, 0x0, 0x0, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x2)
writev(r5, &(0x7f0000000000)=[{&(0x7f00000000c0)="f8", 0x1}], 0x1)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000000906010800"], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
io_uring_setup(0x3aeb, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="200000001000010700000000e9ffffff0a0000000c0002006e6c3830323131"], 0x20}}, 0x400c0)
recvmmsg(r6, &(0x7f0000003080)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000980)=""/208, 0xd0}, {&(0x7f0000000700)=""/141, 0x8d}, {&(0x7f0000000bc0)=""/4096, 0x1000}], 0x3}}], 0x1, 0x40, 0x0)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x552a, &(0x7f000000cf00)="$eJzs3M2LG2UYAPAn+9Fv6yIevHWgCLvQxGb7gd6qtviBLaXqwZNmkzSkTTLLJs2uPXnwKB78T0TBk0f/Bg+evYkHxZugZN5Z7YqCsNlkd/v7weSZefPmmecdloVnJiSAp9ZK9tsvlTgfpyNiMSLORRT7lXIr3EjhhYi4EBELT2yVcvyvgRMRcSYizk+Sp5yV8q0vLo0vXlua31qBw+PFiOhvpv3tfop5J8UH5Xhj3C1i/+q4jOmN/sPyOE9xu71RZNhu7M5rFPFKJ83PNx8NJ/F+r9GcxE73fjG+OUgnHI47u3mKDzxobBXHrfZGEbvDvIidx6muncfpf9vj4SjlaZX5Pi7Sx2i0G9N4e6ed1rP5sIjNwagcT3nzVntnEsdlLE8XzbzXKurY2M+VPtze6Q4e7WTj9tawmw+ya7X6y7XJpd3KW+1R+2q10W9dv5qtdnqTadVRu9G/0cnzTq9da+b9tWy102xW6/Vs9WZ7o9sYZPV67UrtcvXaWrl3KXvjzvtZr5WtTuJr3cGjUbc3zO7nW1n6xFq2Xrvyylp2sZ69e/tudvferVu377734c0P7rx6+63Xy0mprPr1ar0sK1tdv7y+Xq1frq7X16a+/idOdMjW/2lZ9BTXD/tSmXcBAEfPzPv/n9/+9dvvTy6d/fKbH+a3amDeDq7/37oXcfD9f+j/p+JI9b/Hr//ffiliruuHfdH/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8tX5c/urNYmclHZ8tx58ph54rjysRsRARf/yLxTixJ+dimWf5P+Yv/6OG7ypRZJic42S5nYmIG+X2+7MHfRUAAADg+Pr6kwufp249vazMuyBmKd20WTj30ZTyVSJieeWnKWVbmLw8P6Vkxd/3UuxMKVtxA+vUlJKlW25L08r2vyzuCaeeCJUUFmZaDgAAMBN7O4HZdiEAAADM0mfzLoD5qMTuo8zdZ8HFN+//fiB4es8RAAAAcARV5l0AAAAAcOCK/t/v/wEAAMDxln7/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBPdu7nVm0YjgP4Lwkp9J+Kqt67Sm8wRkfosceKAboEA/RAV+gCzEBvHaGCijggqNATPJxE7+nzkYJxZL7YiBxsSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEu/69X857eP3+/N2e7uk2c0AAAAwCWbejVv3kxT/XV7/217631bLyKijFFcmrtX8eIss2pz6ohD+x+n7ev/+vAroknYf8e4vV5FxKf2+vuu618BAAAAnq/1YjlLs/X0Mh26Q/QpLdqUbz5nyisiop7+yZRW7vM+ZApr/t+j+JoprVnAmmQKS0tuo1xpV2ke9+Oq3eSkKFJRXvzYsZPZxg4AAPSoOiv6nYUAAADQpy9Dd4BhFHHYyjxuBY5T0W7vvTyrAQAAAE9QMXQHAAAAgM418//bzv+Lx57/t3P+HwAAAGRS3dY8nf8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAlzb1ar5eLGcPNCmvydnu7pNvRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/9ifdxQIgTAIg73rO5O5/2GlQUNjkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADe/O4v/yemxplk7rWx9DySrJ0aW6fG3rlx9Ifx9WsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC/63S//J6bGmWTutLF0PJKsXTW2rhp7DxpHD8bbvwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYud+WuMowwCAPzOzs7WtYoySQ0QUPOjFptva2pt4UIIHP4IQ0m2N3fqnDWJLEXPxJjn3InoUEZR463fouYVe6q2HPVTwrMzsTHbaBlyVzmyT3w/eeZ8dhnmfdyaEPPNOFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACojd+ZxlmxWZjEabXv1v1r60V/+6G+cGP7znLRijhpM+knw0vND8lSRBztLhkAAAAOhqyu7yPibr6zWvTpQln/5/UxRc3//TOTuKrnv6hL1ofr/7r2L9pvv957YXeghck4xUnPbYyGxx9Npfe45jjvnv3HI3rllS+fvWTlDUnf33p+nJfXM/n25s13+2V4qI1sAYD/4ljdV0H991DRD7pMDIADo9covOv6P1voNicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANoy34mgdJxGx3JvGhdv3r63v1d/YvrNct9PXr2/H19NzFqfII+Lcxmh4vNXZzLfLV65eWBuNhpfaD16OiK5Gf7ua/oUPZzg4op3EovoZ7+Be7OsgrW72vOTzZATd/U4CAGB/yqtW1Dx3853VYl+yGPHXDw/W/6814pix/r/30elbzbGa9f+gtRnOv5XNi5+tXL5y9Y2Ni2vnh+eHn7x5YvDW4OSZU6fOrJTPSlY8MQEAAOD/6VetWf+ni4+u/x9pxDFj/f/5d4OvmmNl6v89TRf9us4EAADgYHvulT//SPbYn/T78eXa5ualwWS7+/nEZNtBqv/aoao16/9sseusAAAAgDaMt5IH1v/PNuKYcf3/6R9f/Ll5ziwiDlfr/8fWPx2dbW86c62Nfyfueo4AAAB063DVmuv/efn+f7r7ykMaEa+/OomrrwGcqf7P3vvmp+ZYzff/T7Y3xbmULk2uR9kvRfSWus4IAACA/eypqhXF/u/5zurHvxz5oO/9fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC2/R0AAP//g+gyNw==")
r7 = syz_open_dev$sndpcmp(&(0x7f0000000240), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS64(r7, 0xc0984124, 0x0)
accept4$bt_l2cap(r5, &(0x7f0000000200)={0x1f, 0x0, @fixed}, &(0x7f00000001c0)=0xe, 0x80800)
r8 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r8, 0x80044940, &(0x7f0000000780)={<r9=>0x0, ""/256, 0x0, 0x0, <r10=>0x0, 0x0, ""/16, ""/16, ""/16, <r11=>0x0, <r12=>0x0})
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f00000006c0)='.\x00', 0x1a4243c, &(0x7f0000000700)=ANY=[@ANYRES16=r10, @ANYRESDEC=r11, @ANYRESHEX=r12, @ANYRESDEC, @ANYBLOB="b1f1563f8cf9b3df43707e277e3870d9bbeca08c7c9e5ebdd62801631c9f6ff697c8ea4da0047f1529a0c7", @ANYRES8=r9, @ANYRES64=r9, @ANYRES8=0x0, @ANYRES64, @ANYRES8=r12], 0x0, 0x0, &(0x7f0000000080))
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101542, 0x0)

5.166843795s ago: executing program 2 (id=841):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x4c, 0x0, &(0x7f0000001800)=[@reply_sg={0x40486312, {0x1, 0xfcffffff, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0})

5.019623077s ago: executing program 2 (id=843):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x40080, 0x0)
io_uring_setup(0x2e37, &(0x7f0000000180)={0x0, 0xc487, 0x800, 0x1, 0x27e})
r1 = syz_io_uring_setup(0xc, &(0x7f00000002c0)={0x0, 0x94c2, 0x0, 0x0, 0x20b}, &(0x7f0000000280)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x4, 0x4004, @fd=r1, 0xb0, &(0x7f0000000700)=[{&(0x7f00000005c0)=""/184, 0xb8}, {&(0x7f0000000680)=""/104, 0x68}, {&(0x7f0000004380)=""/4096, 0x1000}], 0x3, 0x7, 0x1}) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_PRIORITY={0x8}]}]}], {0x14}}, 0x88}}, 0x0) (async)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_COUNTERS={0x1c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0xfffffffffffff000}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x1}]}]}], {0x14}}, 0x70}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async, rerun: 64)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) (async, rerun: 64)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_ro(r6, &(0x7f0000000080)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_subtree(r7, &(0x7f00000000c0)=ANY=[@ANYRESDEC, @ANYRESHEX=r7], 0x44) (async, rerun: 32)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async, rerun: 32)
ioctl$VFIO_IOMMU_MAP_DMA(r7, 0x3b71, &(0x7f0000000400)={0x20, 0x3, &(0x7f0000000340)="c587b1be7e6d34bdeac75d0bb86ea02a92acf44c8147a904b51dcb3cfeaa529b0489656c6d69a6aa7291e1391a94d257f925c74678b3b0c3c9198ba609bd292adb559339b42b9ee4779038bab85c63a9d2fa7132b174742dce06d58b355f90415b5812d285e5974d45bfa2da0880467f61e532a0cc2de3aa2ac0c8b64bcb814680ad7ef77f8bfc437ab0d3dda0090f605f21780fa8a0967ca3684dd6f529", 0xf, 0x6})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) (async)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r9 = socket(0x400000000010, 0x3, 0x0) (async, rerun: 32)
r10 = socket$unix(0x1, 0x1, 0x0) (rerun: 32)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r11, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x8000)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}}) (async, rerun: 64)
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r12=>0x0, <r13=>0x0, <r14=>0x0}, 0x2020) (rerun: 64)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000004300)={0x50, 0x0, r12}, 0x50) (async)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000008400)="56fa89ec27accfa37b55c1d33fd9e4daaadcfca329f5fdae65f341e556cd74ce8b1a1881e39bcfeef2c3989d49537b347a47cf2a40bb96bcfe21517b569189de3c94e941f30f6365384b0d6497cd0cef5ebe48a1d3d7b8b0610db4ea4b48ee5b3e2fb6dbc9e73cf0c0512101dc292e730a1a78ab75b5352c5d663b601253f7ed142ba394e95c203047e4b522f7f4f56379f4226445dcaca499b1d7ea48b81d3c121188c177a3ccf8271f9a9c9210d89f5a90d51dd0d55d139502b391b2cf9b8f576d9d161a03cc23e8114d775387fd9c08ec66aed3b65c4bd61cf3cb95b792b52adc1421f7dfa96cefde090acf183e35bff5c7a2863a067ea81847f09a24eebfffa189ef7ba7a54e5f215b73b81fa82f9a20f1b79293011dea2c7898b0ecaad9f2d7e2045e0d4fc9ecd1ae490fb9f2520e2f2796bd5821593854d749bc71f75550f9e012bbf2f9b1b2af201b39f851cff65f58f234f67573db0d7b5b14ccd67d2646a126928f27b26bbd7afee44c0117c5f4f108981717f9602f6311b16fe0ae825fce8fcb55d769f9d6c03b7675ef2f1c5eee90130a7f114497f1bd6dabbe64065f1d6cb7ef01bfee4f317027cfd187ed8178727e18bf1e92ae7539d0c3dff02704fe6f0caf1a208d5a9ac6c1ee8965be84f7595871db6df9e092ca5e13edd08b57878f8c66316ec6abc10d5d864c801933c799098256bda671e747b76426812c1f05d0986f2573a6ac39a5c29b7ba682736266330c926d6291268503d2689077e07ffaced44215ec3e51afbd40f9a8f641e3ae92632fa6021ba85d25ef5049e54baaf261c5618e81cc8a388af9dede9f981e14313b2ee3e37e3bf5cd9c16a7c97f4b7f9f039af0c99ce0bb34f9a6815a22e9cb1b903e8da6aca3d0cb581a8d31de75d4a4680509bcf9cdad652da45af5518a0e4a6211d58b4a5117cc00542bc3059fe19f7770b75c51fc898a7a9b1c224e00f0436f9f63cda33a7cb9162b10b6a35d4159ba087f6fb3af5163fe37e90ba0b0742441db7787c8bbad1ab8dc9e916118e0b579a12351af028abe547766c4aebbcc6b380bca1f9d950ac57ac25f91a1f43e3cd67a7edc400e7a5890038012023cd5a6f583bb755a3deb755e2bd3131f897c6a00307b7faf09790d016f717dde8e52b12a1f1831df09e66650f623850b63db8e3ccf1e840c25777663240f3faded302c68430aa7c9bc245d79b9de80298899bcd68a8e053ff1f31576ccb0c8bb37de12a021851d413591a7dfd398583c2648d86a592a5e55f6b389bdab28bd5974322dc5c23e5e9343891e5d82f453d66445014313c484ab658b0f1ecf4b8b1bf8d3d814ea4bc5d8ad115561f8c162c47593806b220b2147a11fc8bb2df004a8acf55871b368afd2c561c143adb948d92f7bcafbabd54e4704312309e8f8fc7ff12ceb348be6bb436c70367cb87dc6e11a73bc6df8fa19510ebdda9701b0e009147256fbf40d2c527ade3e37812b8511714885c01611151021fedaffc4e9570a78e2ed466d2a5b1279678dfad1fac9046d1ab9e299e5c3f3ed676db3d00f564da46c5de4f976906c54dddc9ce5512e447e85a052dbeab6e16f7fc0d81f3b51e28fbba64e44ed202bc4f5c57d07439147b605b254b60dc36ef0f2d1a088cad93bebb9ab07115c4506b31ba3d9079173674bd5f88e53440ae8ccce83fd3c218d71ea95812f27f642bfa1332826c599cbd79a97d77204b3e8a693e20bfce252e34c8f9023bef9c8b7c4176d78e3485fcf797c505e5e7b70627c802b8e669ea30bd3e879dedcd037209f5fd0327735acfe9b6191a45bece738b8cdf7ead198dbccc6d15ee25cd0c59d54cdc7d306a7b8533d4a6e2d5f7a64c1dba4dedc75208ccb3585b68a60389ddad0bd3bb7b69d554b70ea2e5b8f69bfd95d9d37bb056195a984d1d853c5acb98359feb3e1301261b14b8be043d863d6b79ee6ac6ddf1cf7546b19247b230d5144f4cde5ddecab335bdb5ffabbd6c9c49c29a5d2f734ef84221f9a682fd16ce7edcd555742c8c30dd53d177af57b2695686b7e297fc7e9463e6198773d3b98fb0dc70d29483cdbbd4a150ba76b0cbe2c3534b2b6aaf4d78d5502b5ad38f8f822f51d373bc1de943a8e0a9467fa7ce9571eae78a12a230c06b843abaa15209cd904a5059e88105bf2796f19e9bdf2a055e2862b6eef02c2c1c7f66f39a58ea7b1c0e5c92259e292fb9f425a52c90567f10d3f73968201f7ab600033a3dfe1c72937873d66228a2f6966fbb15091363686e5de02e045a0af99d43c9dd663e675250246cdd3b374832776c3f88e464bc0c60a9216d94ae3e0f36bc5bee2db37e58f29327c24e3ef0ba208c5b39fe49235236165f3a7e4a1d5033dd4bd4d40290124d7169132cdc82fb8898f39534ac8b730dbda35c20a13d81a5a79aa745feef1b701bc485ac56419178abde738ca19254fdc7d46ce0267782ca0dad0b1f5b0fade58fa297834b23868d50b086702ee06bb91e61008db4aa96e767ac33f6f0bd92f5ed1c91b7b32b5806d0319a3386964a6c2d074899cc432e86463059b19e4e8e31584b95395b49b8e98628e47acaa428f5754c7d41e3b3476472fd27e11c2ce1fb625acec7acb60c625dd5091015b512aa5b7b2cbccc02d3a3c4e758f2c626d562644af35587a4cae3536ce41314fceadddcf3eb8a44c4f50ee4822dbea16115e1bd859eae0f19b3431b634eb41569ca76bcd10599a037bd7d78e5c3eff1c2f0ff41fa0ab5e82f62074280218dcaae8db82744d4d382e5ed83d5b688c19f7813b89da8d16f31d748965e65aed4dc2c5a855e868b63ae25b6d82a4e1625cd86a6a43a96324baae9bd407ffd58c88bf759608fdcd20ac23365a876f7337396ed6f389e63d53d09f577eab8df4b8bb96a1419addfa48e26479f4e1057b57dfd164726dd0fabcc677827dfd6f0a71a7d8111e17c73b64476c42f1904e10c640a4cc37ad8e8f89b3b375c380db97cdfbfa1aeccd2ec7d70f86d1180ad18766b29d3556d0ab563adc27b2a6aa56383282cdb850dc51b39e371b3b14a4a57073d0d9018e93a6f2979b3747ef92499bebe051081f9d8f6fdcebd79dfc34655913cc0980d32ea83332e3c96de1d289deee7536a315eef700e54b0d1bcb5d11fe65ff52cfeb22504701c1bb56d59c35e9afd8d9be8ccda0b4d8f9d310e04f23c936253351eedbd20d4ba5458464333643c5f591fbccd0365147c58fb1d8a8c44d15b58ae44cad9a309ae9dcdcc0eac1c2be00f19fb2cebea94866a8bab2f8550253a7ad4da3fde237bfadfc7c03b1c93e4570052041f0b49efc243ea42258cd210021a2b669194140701680d517fc98b512b446605d1dbe976bd35c22ec3e441b06d8d42979bd9749420ac5073f1c2375c0cf1644f7264434f2ff0f0f170aaff151176bb0cdd596a44853d3a9d47733ec1c1d126859e35a7b11d2d0ae8f1e64c7acaeae71bf444a7be9a84c9dc2d985f65b6f1e34268ae07400f31104aa3047190b50e28cc95a9d2d586098bb51022b5230b5ce00acbb6009eb4e110c451dbe10d4c6e937d964278a94c995084296830f0b8cc1dabcbbeb2ca74f211d5cf38f7543e224a1f0eb71e2afc9bcb02600abdd2ac09d6566c0fbe868c847b4191c534edcb6822d288c5cd59c65db321f99524350156d56a28b659971a10869ffa8922b9a1ddb7064eb53d859aabf13ab222d5aa9bf9638bf67e762ed934ddb5d8770d0ef818b3aea445b12680b2bdbcd7a32fdd79d7a15c356b7e02ca783b9e845977b54913489b2c82000fb6a818c0d86152099292989c89510faecb596c43a2287f92cc1ea4a15e872e32fc548942f6bb531c3a7c99a3eed0b228b6f7a65a89360eba9f9a47404d2e01b5027a5b7af00687a9bd80833691a0d3c64749cac60f6729f2309b75d9353adf8a42395009e8eb9a9f126ce08d569d304766b66913ca7f097db150d940865ef1e1071bc03f0e5d27dea7a863a8fe7ec572dbde5880e37ff10dd7c8f8988b707fcaa241f1d504f060227b5740ffac94134cf6f76bb824363886883675b317599b03eb7266d9c36ec58202c19a8409b3c9b9ee95c97bb706f430f33a4e2e65a97814cc9700dc51f4a2ed1e1203d09a9eda37811c5ded3237c86a584ea1d12a68e768d2824876ab183ddec5ab2767967671d24390ea4e4dba715423be093a309d580106d8aaec1d2d899ae73224868d47fddb78be735d27386bc0a97d04257d6374e2c5076b981cc0920bac03e9c9b4907d31a5f37bcc25ef1ba920688d608ffbf568f381d712394e38fbd35721140eecfbfcb74d1251e035665589f978d4d1fe4bdacc209296ac19e4c06fa49331ee8d9f0112175663338feddcecd064f942d1445b7c578368a398a30c6ab7c3c44e9c0f34bbb30643b0e5fdac811ed4e742253d5fe6578b85205526e15295d24171ca141005fd582602cab303b45cd0994b17deb655b998298664e9903ad990aa2e142004a947d892a196d26e5540e49ca657f89095444e4772667cc9c12da8ca9783f00189692242ffddd1dfac7ca1761cd40c0c8e44dbac6123551d5d874a0fa8a6cc2145e48e83531a3c81a39ad0d8cc4e6e8e8e267b5af04715d5985ad94990fb664f6af0a5fff19475eb2ef49f064bc49023d9cec4543d77f8ae3bb90516b19faab0c25fd5893ab8e0f50a78088f9b2d1fe8413080090d434190c213ad67b59416f2c2627b1bdcbad4745ab6f4e05ff032918b7d924679cb399b6d701706aa16979b95472d92dfdd8ad3a7e08108ff2e16516e0bbcef2f4b85001971ac2b74726c94165f6b45f439d2d8422bd6589073bb1b2bc62c56732a996aac17f5df18008aba84ae4a7ba98772c15923722c2aadeec2569b1ced8301b95dc596309120b9a4ef98010c627daaecf50036e0b0242297eb73e032e5a1c56fe49146f0ab29d68dea9247b082a3555458579bb5afa920cb88b846c0e077f6075a93b77b7b679685ffaadc03ad92c8a16e143a2bf3b2786448d1b36751182f633b86465c257cbd96e3c4b40d120ebedc1c6c44e335a409a0b1897d3bf2b6c443c8373f0e95c7990888a6b49db7417913fb0dd6492acb3a86dc0a3e0a97dc6eb670784470a970dd21e894f739b835856459f3ead096f29f8f8b2d7c5956d108c95e3ac8f49fe5fb1acdae806dad2495a11f0982567e29c04d28c4b8e6176fd8fa428ce56dc4e62f74cd2282396fe65107864b011148a06c5c07021816fe144c83ed792ce7b0b829d29a856ceecdd380be4a6c9a8d82b66e099b4713963cc7949c4f8ad278628a38329de8dc0645a064c9144171d03bc3088cd3a42a7146f79cf58f31f845e3b3d93564c090e962775a545cab885411d350372b33e92376040f92629bcd04c387a279eda1f3f6572efa0f1fb837cc690978ba152890507e3553dc39a3a6449bec702af69617f08f0ce345f7631807cad4261796bf121f8dfe575eac45d72fda162179e1dca03e0c2c5249e575074acc7e10f0fbb7694b77202e33a002f9018236ad5041eb02f5941fb20dc3d643588fbcf5d36c0e3e996ae066266322b6ea0c0230c31f9b3fc4c2d2345d54f971d5cdb518c0f03ac4d8a32b1ffc65065217bb6f4807f14e3fbae6cbaf202bce0a25e6dece7b40a6425c1e096890c7bc08c601f523022feaa2698a669a7cee6b613b18e635436e640522897049df653c4740f84c4db31181fea62ace6a5e4eb2a414608192ab9c0fed7e7c7430a829f2dc2974cb884fcf2c404b9120f0f492a97c7d28e61f8dfddde4e9981c8edea066a8e2e64f87634c6ce92303c399bc23d55945fdbca7f8e33d56f86885144de9bede837f615a25c262b2cfa256afb572e671dad2528a6a4b9533f1462b9f8dd03bc13cc77a0504b5afb47b5a25fc4a9ff4f63eb59bd75ed9bf16f5ac68538a3502d4d91028c58e8a209be5dad4046134496bd1b546991ccd5da5c7a12198b4c5997a2b469ad70165f7747d0e389f69f05fd6f90a4aeed3256da7969bff850d6af4c2aa0be1e98c29d103ef70a3ba779a5a0276efc2425bc6d8d0c9d96350ed09c3d93611385af275e09d7518ea77d01a764d8ff1549854c529a8ecba775257d77baa54cc9a642d20f8eeab41fd327b04b4705eefe2d51386e2b27d0335cd308f7521eef76128ad76c9e42a8a0cd5a3201236e4a5fedc5b1776ee201a90b928ee2c1b3d09c6f21cc97426b96fb2e960e97202f056cfa88569ab8638c3a1f912513ffb355274dc681c4f9b9b20302abf3607f83a3640342a2d460032b0ae0235ee4649822b25b6cde4f1afa6029fbe5afd4d0aafbd46305c3dac3029d42222a0a70b6945f7e6b07ae97d8ba1f4037b7e39dcd43699678bd2b8df42eb9d3c6c4f7cf951693fb7ab30be38634ba65dfd58d3ae4d526701c5559a586a6edfe6ca1daa41441e89108561f6f6ada39c1db0b5d68b9996eb2a095b3d3ab940a028d6dcd67c8e08ef495c89a2f4e49fb859977e25e19191339b15b4c36344fcb4aa8e0a371d7a825402e4f50e394c4cd3adb2ababf0a03ac53cb487017bfc6d9ad3dc4adf67632f30f3a1eded062d08fe84ff07db82308bceac628e1ca6f2933da05b0363c59b87bbdf1f77a1a9e72769c4a68bcbddad242b6202da45f12933b7bf1edb15eeeaee89cdb38097167904065a5a260b479c373ed32eaa0b3bea183b16dd9809cbc07a11176c02cef06bd28083e7959728e63ba872510c101d7ed1dd83814baa0b09abb0ae6c31727d5a9d1199770c34633806f5070684efd52e0fa3f9d8225bb8875d7b2c804f76363e4542d447fe671622f955123d52bf9cce5ed534c2864f50a6e021c23b7f52a1b7b7793f82d73cbd759853de1c81f75a8b708f4d670272e88bad731d173f85d742b5906f22285439845a44a65eabcddf0325a0348abc7f7526b173202f3a67aef1054812b3f6b12cf75483c948671785f2d77040dcc68375e70d2622c993770b523480601b6fc7e4247b6a90e2a65a6416fa6d270525f0edbca485441f79942a2bb3309d523eed5cd390dd5628cb07754683a4c03358421684960e30ffe81e21f559cb1487c70a1ccc2749b99cc5ae55293f8479a638d5925e48b074ea6d4babb89f120842c753a2354febf4d8998782a00b4b13cf65427de5532cbbd4eb769f8b30af5254d57f666834a3bb78cdfbb65002777584ff09c05c1ad0159d26d04b4eb25240a2fc5323874047ad94e44e959d44f3e58f0fc08e16a54fff0edaba5a9621ce7ca63aa0b03ae2af3872b187f036229c6a8ccc7998581d7ada1845926b72af3360ea6138190c01eb7c7b6c7520ef912e2eef8a733f25e6add052fb6bfc15bb3117cef2b815071a984bd79cf6bbf806ef1e6a527d3266887e4f85f0dfa6a0faa81fd2a116a11881d139db20f59097b6971cd831a6507c04848f3405d1248e350893d74eda82a2433270bf0c9f00c522fa2627eb8ca59477f669214e7f957c92f42b05621672b679bac34f205e64df605e20d358b64e80bf0d9f757fa00086a665a549caaceeb524365b55e02750a7b6478cfa6ea14fd0795c1fbe37ce5788d0965f1b1c17f00bf49d2121ad344f1d1c45d39c5cf76ccf37feb3ef17519932aeee7ae1b36308950bbc4673feafe86a4a2ba6af01f3381da60f3f77e8e7c63588f6e468e3d29c91bd3fb83cd7e250ba57d3f5e739b1eef92dc416ebce0e2ce858d0b1062c47e8c779b4ba625a45e77ca4f8981a31eb33b27a37bf7b6d64497198760136be9c019cbb3edceb53cfe2cc513f22dc52263d528ba2006442cff6a5dfc94b13895e9db50fdddce65b8bd40c0e85e56a5ac4b18fd8760c042607f14545931585efcfb1110f08e90f8ba2969fe9ba0951064fc3273bcdca4ce35a8a281ffda06fb0b589df6e15266a8cf4e6843b65d8ed9be12174c355264364122caa62dadf44047b6d672a32e8e55c8ce7971d5a3c97e0ae7638bc79778e7d58fcee2f1488aaffff3cbcbb2cd74d7699f1a47dc2bdd03431585bc1b78131ea8e3b1909ac707c1e685b6cc161880d639f47d8acfe7bd372b42eb761d2dcdf0d1321131c9876f24a5d393f40db68fb3a639b71dc3e5fb0c6aa5e8e1768c3851ca4ec193b11aed2caf2261661b2aa61035daa6c1e02f2cda056e42f178547228dcf4281ffc22994146b324f4df82d6cd963af97d40eb8d586c8748452d030c85257a18f4d1644e8126fdbdc28144da90ae20ff82463fd68031226399f4e9ed9ef22439138099caa67a75844f875a8eb3283e230bf2cc5d20611319e63ed593c3ba1732b9cdf3d27b81e9374b7341432d274d75fa498f2bad0aa1fd56d83542754e2097a9b485f9eae5364efe38fc8a7ece2385d3c5fe7e1513e7ffbba5aa246fd7710a80a230c788d12e68c921d0d61694b25f1608696ef1d6e48d4c8d11fcfcbcb28186f0c0997fb62b0234482f48a135c303d58f034d3f9a72c713e04ba705cc3964a5047201323cf4f6a3a5decb235050f2634e1c0a0d5f30fdc25912a9348c9832352f26be6903ce8a16ecfc21f04ee799a55f5b953460364600354e3fb6b064c08689504d51d7f8ffe390d328b1e39c44687e52086c356225603d79fbb0d4463a87e359abc0414bed1686c39e2a9c1fea4c06ae5fed0a4f9d3f708d9ebab3929c209fa305f30a3c6316c40c3a4c81fbd71a1724987ec79ae6beac3483a4ac3ba2ce2ba2ed28a81bb1eee5682dfd9fb81f334949955de718a90bdbdccabf2670a484aecbfa896eb1dde00e0b52f4be40b5c1dd300a869be97a9e1b850717385e598dc3fda9b5a8ac56307a1c66c5ca35245729b93ea4661ab7cacbc1171d3004a6f51d19b24c33653d7ae1552310a5e68141d0e2764448c2b0121cb9fc730702e18c2b56def09316fc13dad9e9e3280923021ded5de9acef44a743b9edf3235f18632dcf7f3a08f32b53b7c502e5f06781836c855db8f6c0da7670c925f2ffa430f6826c7fb78f96c8408be48a308b7b081ab60f34b02e833c666bf9ec7a1fc43ee66e9fefa6a02e447dc1465b34f5ac0fdd0c2cfc717a5281901ad19260c699efa97f65a5bf7b845d680386c432c4acbee80d02221f4b0bb5a6d8d3062022d8cb9fcd13ef0fd36c6831656990f3fe4a7b96510cec5b9c87971cb5a1cf0d0bf0f982b5afac8b70d335eedf5fb32f65ad59a21cefabb457a6032f66bd91b5e562ded8dc23a424dab419efc65640e540b5d76bf49c2ec5343221e32505c4fa82af672371986b4872b08cd1e3f3cf90266618eaf69948b4d521628a24d7d5a696aa9013c2b76c1415af238dd78b5a22b72734a8667a0e1aadcf070b9f5ecbce1f550c86f66db79aaded637f543bed7643f1087f138c79dee88c592253351817c9beb138417579387fb99928638cea3a62b9699e4203d34fdce62f79cc00fd0b99b533982d5a7ed36a7a361164428275fc0b026dfc87d2da22a1e59ae1fe379978ff33a141b9c2636b38223c6977fda33f0c24d14d2c01f95f70abd8bf032443859b6b1b3a56fff797ff9e5c28f0ed5008e30b10a64e2e74265791e1226203606b077b85450a1753d00894e89793ba316d0596282171818b3c84c0f4cc91166755e5398637ef259d77121330ee78f9833a377144547c1f0731ed4ea757ea0b07ef7ff4dbe7a04ff0612b51dca68b9ca0dcba01bacc015bd22ecd79ef4feea98a265d1c52c119c64180eb4ae860c26e70b5a096dd696cb2ff5c5dff803951aff478247e33d5f17d0df4e49f33fb3c184121ecc0ce259f5f2527c461dde250800d997b1c976dc13edb430839e63fcee6ee721a39a01d8b12749344f0a7db8a35811a2d0284da7b3f6171eae1717e6c2fc214801aeab1766af1e7a79f8d3555f21d677ef393703dd3a128a3ee6d1f1a381af09578774736c77a4a1890b82dbb50b4eaf88c8a764c0eaaf983bf9567e795c80d29ef8987672a625f85af6dbc9eb4dc0939a5633c118154f8a4b5255e5c8415b2d17b8b93244ac2240e2ec9d1be86057434ba26f401088fda67dc2e070b1a70b5492210ca9254a696645ab79a38418203bb92dede7125368747bd404590d4ea3ffec910eef0defb74a1ce70ee25bdf0201cc40875d5b425b0e82fe27408e1d55b910f75cc1da6522e576ec40bd1e3aeecb1ff828692b374d44a5238683c723734ce2383117bdcebab4a13d9440a9d05437fa12f0dd525bf62f7c444e2c800787322ac1611535927eeca0c34a69783f980c5b85c5f2aaee9ab80d0021a1f9054d6d11c3596448caf87571dba6e1c26d1cf232ea6d1c60931f5812af5fbb0304dc0ec6688124927304bde1ea1949e800dc741cb31424acb959b82c119e4ba41f3e92d0af2903d0be0c5a37d7429839f09b01decb6e1931ce2c2c36b57b9bf0e8fe87f45617522752ee66c48fe900a6b857730ce671be2e624af2b4df24b5469af8799e3b4505ffd62bb483b89d15cf82acf79850000148d550d87d1bde8e7a9f8289161188494dde612ff9087cd7f10d1554f6df7151c0e077e7f34154fa772bf68ee6ccc84e164e2424e39a22712c699955121e59cd8bd5cd6f632749bb27a52a6d95c0b9bc0d5821d6177fd9592bd799df25682078f614e0c8dfe0871bed9a4e64193defbbe50d5ae0c5eb2529b2d2ad0f36889f7d420cfb8c13d5c89540b99ec08c34c31e43b9d75e528068030314b7ac371400351ab991a2c509d0dc461948ee22b7ca7ac3cb33d3a0ff76ed6d7a971dcc17b3064de3384b4119c8f619d8f9f289434eca80e66fb537c98120a74f8877509bbae83cc6eb2a602b0e626d279af66ba56cf464446aa5e980a91ff3172e82cfd1fc5d1b4f507706d9ae55671abfb4b0418254ad6b2643b51a37b6eed1d2ce3b855198c24b74dee2d9792e7efc51b7860388a6ac2a46cd937ce4d9029757afbcc4a3eaa18ec29ff8e7f32fcfd06985e620fd57bd332fda466209a58a39b6f6ae2d1e150e5866b4c44eb067768190aad67229faee18fa57b5209da546dc656e6c41a70af33251f0045c7eec5d261f8f4777905d3c0cb1acc9a8166265a4e188e37d12157a49d9439290bce80a9a56d27d983945d7899632760f63590bde259473e8ba75596e7340e3d2a17ff2bae7a8d1157bfbc14668aa16e7fb9b5336cb3cdcf66faf6d903e726487748435735e5edfd1b05d5b3174dd147964e66339aba7a98fda19bdbe0c86c787dc4d2f31aa0f21f8e5cd0b27a9984e5971d855f21c8e801e6ab412d9975cf930b638afdd69c71442d788fbb0b2496edbea2fe6d67f6e9df7c1a708f72cfbacb8323b63fb10f5daf1da93b0dd334658960db2b26cd801d5f622463d1e0bacf614f084351cc2cd0826666be37f785fcd3116b1649bd6977a47c3eaeb5600fd990a1b04c13d6b4c2b348fbd591767359a26dd9b55f68b319d91452c22f96c24c413634e17800287499d391f7dac1fe0c36bf9d8cfa4797c3a9e112f5ac85276230d2b50f34a323ed25394af72b44f392c090c54429fca2e217092cdf8ccc27c7fef8d4c44f1f747619014a35934ee8102cc9a87a8ed2f8562e016cb16fce449d6e545ab0fbc27ce5f73faadd", 0x2000, &(0x7f0000001000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)={0x90, 0x0, 0x2009, {0x4, 0x1, 0x0, 0xd8a6, 0x1, 0x2102, {0x4, 0x9, 0x3, 0x3, 0x8, 0x1000000000000007, 0xf36, 0x800, 0x1, 0x4000, 0x8, r13, r14, 0xe, 0x401}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000580)={{0x1, 0x1, 0x18, r7, {0x0, r14}}, './file0\x00'})
sendmsg$nl_route_sched(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x50, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r11, {0xb, 0xc}, {}, {0x7, 0x5}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_KEY_ENC_IPV4_DST={0x8, 0x1d, @loopback}, @TCA_FLOWER_KEY_ENC_IPV6_SRC={0x14, 0x1f, @empty}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async)
fallocate(r0, 0x0, 0x2, 0x1) (async, rerun: 32)
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0) (rerun: 32)

5.019167407s ago: executing program 0 (id=844):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
userfaultfd(0x80001)
syz_open_dev$video(&(0x7f0000000100), 0x49, 0x0)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2711, &(0x7f0000000580)=""/102393, &(0x7f0000000000)=0x18ff9)

4.751608792s ago: executing program 2 (id=845):
mount(0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)='=\n\x9b\xa1Q\x83\xe9\n@\xf6\"2a\xd7\x1fch\x1a}#\xfa\xe4\n\xdc[\x03\x97\xcd\xf1\xa6b\x9a\x1f\xff\xff\xffIT\xe4\x8c&\xac\xe6:\xc5\xe8\xd9\"\x82\xd5\xeb\x90\xef1:\xba\xc3\xc3\xd3\xad\'\xc44\x17,,\x8dZz\x04\x17-#F\xc7<\xe6\xf5]%gC\x9e\xca\nS\xc3\xc8\x98\xd8\xc8\x9eZ\xa76\x9f\xc2=\xaa\xcet7\xb9\xbd\xd47\xe3\xc8@$8\v\x9f\xfd\xe1!\x11\x19Y\x06J\x8f\x80\xef9Tw8\x1b\xe2\xf3\x85\xd5}\xa5\xb7\xd5|')
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000d80)='./bus\x00', 0x2000050, &(0x7f0000000200)=ANY=[], 0x0, 0x6da, &(0x7f00000037c0)="$eJzs3c1vHGcdB/DvrNeOt1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeKitELgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv8lsQvgc8nGs8z87zMb347L551Vhvg/9bVc2k/SJGr5964Xy6vrsx2V1dmj9XV3SRluZW0+7MUt5PiYTJX1hdDU4bmm3y8eOWtzx6tft5fatdT1X5su34NGtou11Om6/GmG3uO73YTy3V4eTHJtXo+amK3Y400LJN2tp7DoettsryX7ns5b4EjZnB3Kvr3zU2mkheSTNa/B6S+OrQOLsL9saerHAAAADynPr1z2BEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA86f+/v+inlr1PNMpBt//PzFYV5ePoLnGtZMN6x7seywAAAAAAAAAsP++/jiPcz/HB8u9ovqb/5lq4WS+6CVfyvu5l4Xczfncz3yWspS7uZhkamigifvzS0t3L671LDX3vNTY89LOsR57ZnsNAAAAAAAAAP9zfpnO+t//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgKCiSsf6smk7W80yl1R5ut5z8M8nEoQW6d0XTygcHHwcAAAA8lckn6PPlx3mc+zk+WO4V1TP/V6rn5cm8n9tZymKW0s1CrtfP0OVTf2t1Zba7ujJ7q5zK5dFxv//v5u01PoTXI6b/3kPzlk9XLTq5kcVqzflcq8a6nlZ/22eT04N4huIa8lEZU/G92i4T1K7TWm7s91vvwDMw+lZEa5uWnfXgkrWMzNSxlT1P9DNQVG/UJBszsdWrk5GB10xVo46vbeliWmvv/Jzch5y/UM/L/fnNvuZ8r9Yy0UqViUuDo688Z7bPRPKNv/7p7Zvd2+/evHHv3NHZpS0V22Z+4zExO5SJV57rTLT32H6mysSpteWr+VF+knOZzpu5m8X8NPNZykJ6df18ndXy59T2mZobWXpzp0gm6telfxXdTUzT+WFVms+Zqu/xLKbInVzPQl6v/l3KxXw7l3M5V4Ze4VNbxl3tW3XWtzae9YNX+m+NwZ/9Zl0or26/Xb/KzW23x2M7peQp9a/9ZV5PDOW1f9Q/Wmt1Yug8mBnK0kuD7Iw3Dv4k18b2V+tCuY1f7XCfOFhTdSbKE2hwlxhE93I/E+3qXrT5OP9Dr+yX7u1e7+b8e1uMv7xh+bV6Xh5WK1/bqfVA80vxbJXHy0uZrK8ko0dHWffy2lVmqK63fiz360bvuGW/U1VdUQzO1B/nTnUAbD5TJ+rf4TaPdKmqe6WxbraqOz1UN/L7Vu6km+sHkD8AnsQ/3l4rTuWFic6/Op92Pun8unOz88bkD45959irExn/+/h32zNjr7VeLf6ST/Lz9ed/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgyd374MN357vdhbvNhdbWVSOFTgZriiRlYaeRNxQGXzq2t15HtzCZZGRN9T1HBx5GZ2MYmwq9X/RfrwMNbPAlgs1tflcW2tnNgHMja/68ecCP9hhhsbvzYh8LrRzsRsfSfAAc4kUJOBAXlm69d+HeBx9+a/HW/DsL7yzcHr98+crMlcuvz164sdhdmOn/POwogf2wftM/7EgAAAAAAAAAAACA3Wr6YMCZF3f60MiuPuPR9D8LW4e4qwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBz6uq5tB+kyMWZ8zPl8urKbLecBuX1lu0krVZS/CwpHiZz6U+ZGhquyB8fptewnY8Xr7z12aPVz9fHavfbJ616vrXta5Ms11Omk4zV86cwMt61px6v+M9gH8qEfdHr9eaeLj54Nv4bAAD//+fs804=") (fail_nth: 44)

4.088854813s ago: executing program 3 (id=846):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x404c000}, 0x2)
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xc)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)

3.988494984s ago: executing program 0 (id=847):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$video(&(0x7f0000000100), 0x49, 0x0)
ioctl$VIDIOC_S_PARM(r3, 0xc0cc5616, &(0x7f0000000300)={0x9, @capture={0x1000, 0xb818cd38c9e7b677, {0x8, 0x9}, 0x8000, 0x101}})
r4 = socket(0x15, 0x5, 0x0)
getsockopt(r4, 0x200000000114, 0x2713, &(0x7f0000000580)=""/102393, &(0x7f0000000000)=0x18ff9)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000047}, 0x8c4)

3.967070375s ago: executing program 1 (id=848):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_RATE64={0xc, 0x8, 0x7fc0d8f874167320}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

3.755272488s ago: executing program 3 (id=849):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/custom1\x00', 0x802, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000008f0000000000000001008000181100", @ANYRES32, @ANYBLOB="000000000000000000b70300000000000085"], 0x0, 0x7, 0x0, 0x0, 0x41100, 0xd}, 0x94)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x1, @local, 0xb}, 0x1c)
listen(r2, 0x0)
syz_emit_ethernet(0x5a, &(0x7f00000000c0)={@local, @multicast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x24, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@synack={0x1e, 0x10, 0x0, 0x2, 0xf3, 0x0, 0x7}]}}}}}}}}, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r3 = socket(0xa, 0x3, 0xff)
setsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f0000000040)=0xfffffffa, 0x4)
syz_emit_ethernet(0x4e, &(0x7f00000020c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c370c8900182b01fe800000000000000000000000000025fe8000000000000000000000000000aaff"], 0x0)
recvmmsg(r3, &(0x7f0000000080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002240)=""/17, 0x15}, 0x8e0f}], 0x400029c, 0x40010142, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x4c, 0x0, &(0x7f0000001800)=[@reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0})

2.962325091s ago: executing program 0 (id=850):
ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0xa, 0x4, 0x800, 0x0, {<r0=>0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "a730b801"}, 0x0, 0x1, {0x0}})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x16)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000040)='ceph\x00', 0x0)
syz_usb_connect(0x3, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x19, 0xe8, 0xa4, 0x40, 0xace, 0x2011, 0x101, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x6, 0x73, 0xf0, 0x8, [{{0x9, 0x4, 0x46, 0x8, 0x0, 0x67, 0x7e, 0x58, 0x4c}}]}}]}}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0})
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000600)='\xfa\xf4\x1fJ\'E\f;\xba\xd7\x81\x95o\xa7|q\x06\x00\x00\x00#\t\x84\x02\xc4)\xadm\x04\xb0\x18R+\x88\xd1\xf0\x89\xb1\xa3\xa0F\xb2|w\xcaAG\x99\x88{H\x94\xdf\xd7\x16K\x0eS\x97\xe8\xa7\xbf*\xf0$\xc0\xcc\xc1\x926\xcc\xedU\xb5\xb9j\x9b\xc11-\xeaII\x1d\x15\x90:?\xb2\xa9\xf5di\xabh\xc3\xb7\xfb\xcd9\x82d\xb1\x19\x00\x00\x00\x00\x9f\x1d\xae\xbd\xc0!:Sz\xf3\x97\xa5\x91\x8d\x0e\x85\';X\vG\x11\"\x05\xad\'&$q*\x9c\x04u\x97\xfb\x10\v\xcdD\x00'/172, &(0x7f0000000c80)='c\x02\x17\xd3\r\xa8\x8d\xd6T\x14\xda^\xf3\xbd\x92\t\xf7\x85}\xfa\x95 \xc7\xfb\xdc\xeeG-\x99\x0f\x9ck9U\xd05\x16|\xfaPF@\xa8ft(!\xf1\x1e\xda\x89d\xb3\xfb\xb7K\x85+?\\m\xfc\x96\x11\xc7bP\x7f\x00\x97\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xce{\x88\xdf\xc8E\x9f\xff\x10\x00\x00\x00&\xcf(\xa3V\xa7dX\xa6e\x91\x13\xae\xe3C1~\xb5\xd2\xef\xfe\xd2\xd7K\x00v71HX[!P\xb3\x9b\xfb\b\x00\x00\x00@]=\x95\xaf\xf4M0H\x89f\xadn~}\xf0\xd2\xb1\x19\xc4\xcf6p\x85\xbf\x97\xd9CN\xd4JZ\xb7\f\x9aih\xc8\xc1\xc8?\x9f\x01I\x02T\x84\x11\xe2+z=8\xb1\x97\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x85', 0x0)
syz_mount_image$squashfs(&(0x7f0000000100), &(0x7f0000000700)='./file0/file0\x00', 0x0, &(0x7f0000000f40)=ANY=[@ANYRES16=0x0, @ANYRESOCT, @ANYRESOCT=0x0, @ANYBLOB="15f68975d869c9ddf9b4bf3f857600d5c18905ced1acfbce80d6902d1ec18632c70d375283b7fea6ec0c84d9945eeb48f96a8cb326b734585f83f71ca3fc8dc400928857c94b3756234c8261c46804b026ac6886313ea234d6a36de29847302c29bcb5bcaeee80b7a0ac64ade95b3bc5bc51ff73bb1f31f9b8c180a2600d0eabd460ff3c8f9dce4028210acd18964bdb4a26df18dfc9afdf5d995af5fe02ddac2ac9da181cbb92795a9ebe9835be94115536dffc9397c6094916cd1b1f13fa36c79c84c796e51c7d642fa5678555052725525dbf204c1f6480c8f9e1c576c7402f88b6f06074652bad83c8b5d1", @ANYBLOB="a6af891d142bbbe86c2b6c42ac9eefc3f3124a519189b105d77c5f5267121c170995cd3bb174096f3c", @ANYBLOB="a51b7d19e69bbcb11700c2dcb2d851f79d44e9bb8469d2a5dd66597db213ade6acfaffd88afce31be876c207fb5d362b6e91010b006a4279f2d4d02752a02b76b5413c5e7cd22d3cfad489bd1b84a85aa8ad47cc69d09522d51cf5cf88cf9da13593310d5e0d03a6e17940ddd391c7796ad75f4fa75bd62cb78c43c92e61de110508c5d605a2f981314c38526ac5aac6e4445e32d7cf128b440ca715e901f8b4299226dfd9bfec7a37f3bf63e1906fe520b65051ea9c14827e9cd737a6952d478ff3cb4436a913", @ANYRES8=r0, @ANYRESOCT, @ANYRESHEX=0x0], 0x0, 0x1df, &(0x7f0000000380)="$eJzslctqFEEUhr/qrpnJ6Cyydmsw2ehkOiC+gXkAH8Bh0sZgj5f0gM4QsHWTjQvxJQI+hQtB9y5EBDdxoaCLiKuIjFTXqbJaI+MthED/0Jz//HUuVdVU1dX8Vt4Cvu5tDZinhKLDa6XQwKKy2n7T2k9ip4J32vo90R+LfSs2H09ePLB0cq2fZelmPp5BlIJZMRXys6R/u9kB5Pn9qqL4RXD81y3+ExnFdmezrEl16GEluFXG/JAuuRzV5A+VfO5AqLx3RP1D5W6gNDjsVYBXvnRm/6ZXj+zvPDAmlvQ21W05fiT6o6wcub7yi/ciPpbOy72tgSGX5RYz2pr93JEoY4zzNIg5paEAFTP1dXR5W8Ii0B0Nb3bz8eTsxrC/nq6n15Nk5fzys5NyRKd3YSNLl1UwjcgQjYc5p+1gvAG8+T5eEEAFUzM4AcrluhR3OS+dDhLbEAW5YQ1b94nv3xItZsglzjAH3C7McILdrQVMNc0Vs7RVFLE4PR3ME/aJmCsHzg1uZGvbKJRL20H7Gr1dGt5JxDGN0pULfvnbYhfErordEbsr1r1d7k3SZYUP4i0V0OROfzTaLB8vy7yWeC2Z950j6epeQ+Vm0qJGjRo1atSoUeOY4FsAAAD//87DTTs=")
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
ioctl$HIDIOCGVERSION(0xffffffffffffffff, 0x80044801, &(0x7f0000000d80))
r2 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000080)='cpu.pressure\x00', 0x2, 0x0)
close_range(r1, r1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000071117900000000008510000002000000850000003400000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x70)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value, &(0x7f0000000200)=0x8)

2.962065291s ago: executing program 2 (id=851):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a000000020000", 0x7)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040), 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f0000000340), 0x8)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000280)={'wlan0\x00'})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000000)=ANY=[], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000280)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @random=0x9, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0x2, 0x1}]}, @void, @void, @void, @void, @val={0x72, 0x6}, @val={0x71, 0x7, {0x1, 0xffffffffffffffff, 0x1, 0x1, 0x0, 0x4, 0x21}}}, 0x40)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f00000004c0)={0x0, 0x5}, &(0x7f0000000500)=0x8)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000440)=@mgmt_frame=@beacon={{{}, {}, @device_b, @device_b, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @val={0x5, 0x3, {0x7c, 0x20, 0x8}}, @val={0x25, 0x3, {0x0, 0x2, 0x4}}, @val={0x2a, 0x1, {0x1, 0x1}}, @val={0x3c, 0x4, {0x0, 0x3d, 0xab, 0x5}}, @val={0x2d, 0x1a, {0x8, 0x3, 0x1, 0x0, {0x5, 0x1005, 0x0, 0x6, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x400, 0x4, 0x5}}, @void, @val={0x71, 0x7, {0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x21}}, @val={0x76, 0x6, {0x0, 0x9, 0x3d, 0x1}}}, 0x64)
socket$nl_generic(0x10, 0x3, 0x10)

2.933148672s ago: executing program 1 (id=852):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
dup(0xffffffffffffffff)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd)
r3 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x55}, 0x0)

2.891426553s ago: executing program 3 (id=853):
sendmsg$IEEE802154_ASSOCIATE_RESP(0xffffffffffffffff, 0x0, 0x20000010)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d04001c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a5400300001d2300000009"}}}}}}}, 0x0)
syz_emit_ethernet(0xe2, &(0x7f00000000c0)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0xe, 0x4, 0x0, 0x0, 0xd4, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0x24, 0x17, 0x3, 0x5, [{@multicast2, 0x6}, {@empty, 0xffffffff}, {@dev={0xac, 0x14, 0x14, 0xb}, 0x4}, {@rand_addr=0x64010102, 0x8}]}]}}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r4 = syz_io_uring_setup(0x18d6, &(0x7f0000000040)={0x0, 0x3}, &(0x7f0000ffe000), &(0x7f0000ffe000))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r4, 0x2, &(0x7f0000000180), 0xfe)
r5 = socket$packet(0x11, 0x3, 0x300)
socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c00000013000100000000000000000007000000", @ANYRES32=r6, @ANYBLOB="00000000db0000002c001a802800058024000480080002000000000008000100000001000800043ca400000008000b00ffff0000"], 0x4c}}, 0x0)

2.597161318s ago: executing program 4 (id=854):
unshare(0x2a000400)
syz_mount_image$ocfs2(&(0x7f0000004480), &(0x7f00000044c0)='./file1\x00', 0x2800400, &(0x7f00000001c0)=ANY=[@ANYBLOB="6c6f63616c616c6c6f633d31383434363734343037333730393535313630382c726573765f6c6576656c3d30303030303030303030303030303030303030322c6865617274626561743d6e6f6e652c636f686572656e63793d62756666657265642c6572726f72733d636f6e74696e75652c6e6f696e74722c636f686572656e63793d66756c6c2c6e6f61636c2c636f686572656e63793d66756c6c2c646174613d6f7264657265642c0004306b696ca03db375edc4c5f0f579bf2195c3cc88165b8c279abaa84a848971253cb6e898fee96fa6000000000000"], 0x8, 0x446c, &(0x7f0000004780)="$eJzs281vFOcdB/DfrN1iU6B+4x2kVXuo1VbWmlNbDqXgtkKqSu2+qOoBa/0CuF17LXtdcahUqt6RIuUQ5ZwLKPcITvwLOYRrjhxIDrlEySWOdnfW3pn1hhXy2sH5fCQYzzPzvMhfz+zz6LELqdq9lc3iymaxvFasLt7ZvFL8d7WytbochQNy2P3Tm37kJPvDc+vG7/78tysR9z8a+8H29vZ21I3Enqbbvv78s/8sth9bCrk69Xb3bm2//CMiJiJiKPLjGYiIv38QkUTEaFo2lh6HI+JENK/9//1Hc0P7NJqBF49nH83OPHzycvX58I3bxa43JhHvVs7//O7qJz8euPrxT/epewAA+Ea/n7v11z+VpuNZEqeeDnbO18+mx27z42168uv+RwkAAABd7a7/R5JC0rn+n0iPXbYEw8L2zXbzj7dmfluaTvd/k47rv0iLPv3NQGMPNb/vm9//Hc3V33v/t7Of19UaX6vfkUgKU5nzQmFqKmL6evP8XHK8UKlu1n52p7q1trRvw3hjZfNv7t5n0kk39HvNfyzXfv/3/8c7fprq58X9+xE70rL5D3S9773/JT3lP56rdxD58/qy+Q82yn7UfkOx+QKo5//W4Kvzn8i136/8T9Xf7Ul9rEOZN0B9DlMv7zZfISub//caZZlXZ/qN7Pb8f5nL/3Su/cN6/09e72+vR0U2/+83yrK/tLb7/I8WXv38n8m1fxj518c/6fO/J9n8jzULsy/Pxney1/f/2Vz7fcr/QbqtGnEqifG23zp9Otj8cGjtVzeWNPXL630YxRGQzb9zl393/Vfoaf53Llf/oNZ/rX5b67/WOmQyaa7/2Fs2/+Gu9/X6/J/P1ev7+z8ZSlcA2//taz9HVDb/483CPSaAveZ/Idd+v/JvvPGHWvnvDvirY83ykvlfT7L5p1FlPgYeNP5vzP+Szty/yOV/Mdd+W/75Pw3ZJ53zv/r4J/vU21GTzf9E1/vq+X/Yw+f/pVy9/s//I0rm+q8tm//Jrvc1nv+hV+d/OVev3/n/pJ+NAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8B4ylx5FIClOZ80JhaipiPD0/F8eThfLS/EKluvivzYiJtLwYY8ndSnWhXJlfWasuLc+XK5XqYsTp9PpEDCWblWptfrW8fmanreHk3nJ5o7awXK5FxNm0/FKcbLW1sFJbLa837m1d+2GhurF+r7w2v7Sy8atSqVSK8ztjGE2W79eW12rN3ptXIy7s1B1J2gbXuHxxZywnkn9WtzbWypVG+aW2OpXqYrnSVudyeu3tGE1qG1tri+Xa8nylerfV32G6lh5nbs79Ze4P0x3Xi0nzOHawwwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgW+bZ1V++ExGDzbNCRFxrfZGk/zIGXjyefTQ78/DJy9XnwzduF/e6BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADga3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8cqDUNRGIDPvQoKLuroEziFZHNVFHExIvgEvkSHvmYfo0PHLqXQ3kBIGujS0uH7lkPyc+85cA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJfj87f9+6mbiBS3m5uI2eLxrp8/lVq/HT5/dYYZOZ2v7/b9o27Ku6dR/lJ+LV/zLl2v5v9R6nXvu9MM9mS4T3vjPkNT+zY1X9f3PlKuIuKh5M8p56o67i4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALbszaEJgGAQx9E7wWSzuIZOYVQE9zA6nks4jybBYBC++l46OH78AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCfcZnWuR/iyKiuzNjPtnn/u+fYvvssm6/LcgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICbHTiQAQAAABDmb51H+wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIMCAAD//+N8zQE=")
capset(&(0x7f00000000c0)={0x19980330}, &(0x7f0000000100))
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
pipe2$watch_queue(&(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r2, 0x5761, 0x1000000000000)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
write$binfmt_elf64(r1, &(0x7f0000000240)=ANY=[], 0x40000)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x400000, 0x0)
r4 = accept4$unix(r3, 0x0, 0x0, 0x80800)
recvmmsg(r4, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000007c0)=""/240, 0xf0}], 0x1}, 0x1ff}], 0x2, 0x20022, 0x0)
recvfrom$unix(r4, &(0x7f0000000280)=""/66, 0x42, 0x0, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000080)=0x9, 0x12)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4000003, 0x13, r5, 0x0)
ioctl(r5, 0x1, &(0x7f0000000080))
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'gre0\x00'})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffdf034}, {0x6}]}, 0x10)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_RESVSP(r7, 0x80106f05, &(0x7f00000000c0)={0x0, 0x4, 0x32, 0x4})

1.678020033s ago: executing program 1 (id=855):
ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0xa, 0x4, 0x800, 0x0, {<r0=>0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "a730b801"}, 0x0, 0x1, {0x0}})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x16)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000040)='ceph\x00', 0x0)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x19, 0xe8, 0xa4, 0x40, 0xace, 0x2011, 0x101, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x6, 0x73, 0xf0, 0x8, [{{0x9, 0x4, 0x46, 0x8, 0x1, 0x67, 0x7e, 0x58, 0x4c, [], [{{0x9, 0x5, 0x1, 0x2, 0x200, 0x7, 0x5, 0x6}}]}}]}}]}}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0})
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000600)='\xfa\xf4\x1fJ\'E\f;\xba\xd7\x81\x95o\xa7|q\x06\x00\x00\x00#\t\x84\x02\xc4)\xadm\x04\xb0\x18R+\x88\xd1\xf0\x89\xb1\xa3\xa0F\xb2|w\xcaAG\x99\x88{H\x94\xdf\xd7\x16K\x0eS\x97\xe8\xa7\xbf*\xf0$\xc0\xcc\xc1\x926\xcc\xedU\xb5\xb9j\x9b\xc11-\xeaII\x1d\x15\x90:?\xb2\xa9\xf5di\xabh\xc3\xb7\xfb\xcd9\x82d\xb1\x19\x00\x00\x00\x00\x9f\x1d\xae\xbd\xc0!:Sz\xf3\x97\xa5\x91\x8d\x0e\x85\';X\vG\x11\"\x05\xad\'&$q*\x9c\x04u\x97\xfb\x10\v\xcdD\x00'/172, &(0x7f0000000c80)='c\x02\x17\xd3\r\xa8\x8d\xd6T\x14\xda^\xf3\xbd\x92\t\xf7\x85}\xfa\x95 \xc7\xfb\xdc\xeeG-\x99\x0f\x9ck9U\xd05\x16|\xfaPF@\xa8ft(!\xf1\x1e\xda\x89d\xb3\xfb\xb7K\x85+?\\m\xfc\x96\x11\xc7bP\x7f\x00\x97\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xce{\x88\xdf\xc8E\x9f\xff\x10\x00\x00\x00&\xcf(\xa3V\xa7dX\xa6e\x91\x13\xae\xe3C1~\xb5\xd2\xef\xfe\xd2\xd7K\x00v71HX[!P\xb3\x9b\xfb\b\x00\x00\x00@]=\x95\xaf\xf4M0H\x89f\xadn~}\xf0\xd2\xb1\x19\xc4\xcf6p\x85\xbf\x97\xd9CN\xd4JZ\xb7\f\x9aih\xc8\xc1\xc8?\x9f\x01I\x02T\x84\x11\xe2+z=8\xb1\x97\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x85', 0x0)
syz_mount_image$squashfs(&(0x7f0000000100), &(0x7f0000000700)='./file0/file0\x00', 0x0, &(0x7f0000000f40)=ANY=[@ANYRES16=0x0, @ANYRESOCT, @ANYRESOCT=0x0, @ANYBLOB="15f68975d869c9ddf9b4bf3f857600d5c18905ced1acfbce80d6902d1ec18632c70d375283b7fea6ec0c84d9945eeb48f96a8cb326b734585f83f71ca3fc8dc400928857c94b3756234c8261c46804b026ac6886313ea234d6a36de29847302c29bcb5bcaeee80b7a0ac64ade95b3bc5bc51ff73bb1f31f9b8c180a2600d0eabd460ff3c8f9dce4028210acd18964bdb4a26df18dfc9afdf5d995af5fe02ddac2ac9da181cbb92795a9ebe9835be94115536dffc9397c6094916cd1b1f13fa36c79c84c796e51c7d642fa5678555052725525dbf204c1f6480c8f9e1c576c7402f88b6f06074652bad83c8b5d1", @ANYBLOB="a6af891d142bbbe86c2b6c42ac9eefc3f3124a519189b105d77c5f5267121c170995cd3bb174096f3c", @ANYBLOB="a51b7d19e69bbcb11700c2dcb2d851f79d44e9bb8469d2a5dd66597db213ade6acfaffd88afce31be876c207fb5d362b6e91010b006a4279f2d4d02752a02b76b5413c5e7cd22d3cfad489bd1b84a85aa8ad47cc69d09522d51cf5cf88cf9da13593310d5e0d03a6e17940ddd391c7796ad75f4fa75bd62cb78c43c92e61de110508c5d605a2f981314c38526ac5aac6e4445e32d7cf128b440ca715e901f8b4299226dfd9bfec7a37f3bf63e1906fe520b65051ea9c14827e9cd737a6952d478ff3cb4436a913", @ANYRES8=r0, @ANYRESOCT, @ANYRESHEX=0x0], 0x0, 0x1df, &(0x7f0000000380)="$eJzslctqFEEUhr/qrpnJ6Cyydmsw2ehkOiC+gXkAH8Bh0sZgj5f0gM4QsHWTjQvxJQI+hQtB9y5EBDdxoaCLiKuIjFTXqbJaI+MthED/0Jz//HUuVdVU1dX8Vt4Cvu5tDZinhKLDa6XQwKKy2n7T2k9ip4J32vo90R+LfSs2H09ePLB0cq2fZelmPp5BlIJZMRXys6R/u9kB5Pn9qqL4RXD81y3+ExnFdmezrEl16GEluFXG/JAuuRzV5A+VfO5AqLx3RP1D5W6gNDjsVYBXvnRm/6ZXj+zvPDAmlvQ21W05fiT6o6wcub7yi/ciPpbOy72tgSGX5RYz2pr93JEoY4zzNIg5paEAFTP1dXR5W8Ii0B0Nb3bz8eTsxrC/nq6n15Nk5fzys5NyRKd3YSNLl1UwjcgQjYc5p+1gvAG8+T5eEEAFUzM4AcrluhR3OS+dDhLbEAW5YQ1b94nv3xItZsglzjAH3C7McILdrQVMNc0Vs7RVFLE4PR3ME/aJmCsHzg1uZGvbKJRL20H7Gr1dGt5JxDGN0pULfvnbYhfErordEbsr1r1d7k3SZYUP4i0V0OROfzTaLB8vy7yWeC2Z950j6epeQ+Vm0qJGjRo1atSoUeOY4FsAAAD//87DTTs=")
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
ioctl$HIDIOCGVERSION(0xffffffffffffffff, 0x80044801, &(0x7f0000000d80))
r2 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
openat$cgroup_pressure(0xffffffffffffffff, 0x0, 0x2, 0x0)
close_range(r1, r1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000071117900000000008510000002000000850000003400000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x70)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value, &(0x7f0000000200)=0x8)

1.578229074s ago: executing program 3 (id=856):
socket$kcm(0x2d, 0x2, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000)=0x482, 0x4)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0xc000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{}], 0x1}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r2=>0x0})
r3 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r3, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, 0x1480, 0x2104}}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)

1.355380858s ago: executing program 3 (id=857):
sendmsg$IEEE802154_ASSOCIATE_RESP(0xffffffffffffffff, 0x0, 0x20000010)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d04001c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a5400300001d2300000009"}}}}}}}, 0x0)
syz_emit_ethernet(0xe2, &(0x7f00000000c0)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0xe, 0x4, 0x0, 0x0, 0xd4, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0x24, 0x17, 0x3, 0x5, [{@multicast2, 0x6}, {@empty, 0xffffffff}, {@dev={0xac, 0x14, 0x14, 0xb}, 0x4}, {@rand_addr=0x64010102, 0x8}]}]}}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r4 = syz_io_uring_setup(0x18d6, &(0x7f0000000040)={0x0, 0x3}, &(0x7f0000ffe000), &(0x7f0000ffe000))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r4, 0x2, &(0x7f0000000180), 0xfe)
r5 = socket$packet(0x11, 0x3, 0x300)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000240)=ANY=[@ANYBLOB="2000c5935c4057bdfaad00000514010000000000000000000800010000000000a8534fc51b8a4a257014aa6e84ffa4fdc39d87dcb70fb27a817bec9730f7932e0cf18f5b1aab205385fb485e230c1a438103d380a17f487074290b92e5b47a501d938943c4e443277683cf5552c48111792bd189e70fe041549f5ce3b2da5016cd8677"], 0x20}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c00000013000100000000000000000007000000", @ANYRES32=r6, @ANYBLOB="00000000db0000002c001a802800058024000480080002000000000008000100000001000800043ca400000008000b00ffff0000"], 0x4c}}, 0x0)

1.135865272s ago: executing program 2 (id=858):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x50, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x50}, 0x1, 0x0, 0x0, 0x20044000}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="640000000906010800000000000000000600000505000100070000003c0007801800148014000240fc0000000000000000000000000000011800018014000240ff01f9efffff0000000000000000000105000300070000000900020073797a31"], 0x64}}, 0x4800)

283.791696ms ago: executing program 1 (id=859):
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000005040)={0x0, 0x0, &(0x7f0000005000)={&(0x7f0000002000)={0x104, 0x0, 0x0, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_CSA_IES={0x90, 0xb9, 0x0, 0x1, [@beacon_params=[@NL80211_ATTR_IE_PROBE_RESP={0x1e, 0x7f, [@mic={0x8c, 0x18, {0x0, "2920a2909b32", @long="e9b658274ab94887bda117217aac05e0"}}]}, @NL80211_ATTR_BEACON_HEAD={0x5c, 0xe, {{{}, {}, @device_b, @device_b, @from_mac=@broadcast}, 0x0, @random, 0x0, @void, @void, @void, @void, @val={0x6, 0x2}, @void, @void, @val={0x2a, 0x1}, @void, @val={0x2d, 0x1a}, @void, @val={0x71, 0x7}, @val={0x76, 0x6}}}], @NL80211_ATTR_CSA_C_OFF_BEACON={0x6, 0xba, [0x0]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0x4}, @NL80211_ATTR_CSA_C_OFF_BEACON={0x4}]}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CSA_IES={0x54, 0xb9, 0x0, 0x1, [@beacon_params=[@NL80211_ATTR_IE_PROBE_RESP={0x4}, @NL80211_ATTR_IE={0x28, 0x2a, [@tim={0x5, 0x3}, @ssid={0x0, 0x6, @default_ap_ssid}, @rann={0x7e, 0x15, {{}, 0x0, 0x0, @broadcast}}]}, @NL80211_ATTR_IE={0x8, 0x2a, [@random, @ssid]}], @beacon_params=[@NL80211_ATTR_FTM_RESPONDER={0x4}], @NL80211_ATTR_CSA_C_OFF_PRESP={0x16, 0xbb, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}, @NL80211_ATTR_CSA_IES={0x8, 0xb9, 0x0, 0x1, [@beacon_params=[@NL80211_ATTR_BEACON_TAIL={0x4}]]}]}, 0x104}}, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex:Dd', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="620ac4ff0000000071104700000000009500000000000000a152f74b4917824cb5c370c795731ae8de7ee279345153b6a40f36b8e3a9479e4f1c63e69074494ae34b8d6da8b7e8702ede650ed8aa259b5736c3af9ffd564f71a127d451c2139d545badd9e129baba584cfb60a633c72fba8559c380d338ee9dab5d1288f41b"], &(0x7f0000000480)='GPL\x00'}, 0x80)

265.464646ms ago: executing program 2 (id=860):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$video(&(0x7f0000000100), 0x49, 0x0)
ioctl$VIDIOC_S_PARM(r3, 0xc0cc5616, &(0x7f0000000300)={0x9, @capture={0x1000, 0xb818cd38c9e7b677, {0x8, 0x9}, 0x8000, 0x101}})
r4 = socket(0x15, 0x5, 0x0)
getsockopt(r4, 0x200000000114, 0x2713, &(0x7f0000000580)=""/102393, &(0x7f0000000000)=0x18ff9)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000047}, 0x8c4)

257.480336ms ago: executing program 3 (id=861):
syz_mount_image$hfsplus(&(0x7f0000000180), &(0x7f0000000500)='./file1\x00', 0x80408a, &(0x7f0000000540)=ANY=[], 0x11, 0x6c1, &(0x7f000000abc0)="$eJzs3c9vHGcZB/DvrNc/NpVct03TgCrVNFJBRCRxrBTCJQEhFKQKVUGCs9U4jRUnDY6L0h6IC0hInDjwB7SHcIETCCEhIUUqZ7hVcLI4VULqpae0Qgza2dn12t21N3FiO/D5WLPzvPPOvvPMs/NjdyVrA/zfunA8zbtp5cLxV2612+t35pfX78xf68SN5SSTSRpJszNLcT0p3k/OpzPlc+2F9XDFsO38aunsxQ8+Xv+w02pmY7z2Q2t4gs1R9mKtnjKbZKye78Km8V57sPEmN8KiV5l2wY51Cwf7bTxJuckPj2z0DFKO9TWGnu/A46Po3Df7dM7/meRQkqnuDW2t09nY+wx3NMK16Be9aO3R5gIAAAAHwpP3bie3Mr3feQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDjpP79/6KeGt14NkX39/8n+n5jf2Kf0x1u+8ymusHdxl4kAwAAAAAAAACP1gv38puLZTndbZdFGt8fqxuHq8cn8mZuZjErOZFbWchqVrOSuSQzfQNN3FpYXV2Zy4udZ35aluWQZ54e+MzTIybc2v0+AwAAAAAAAMD/kHP1/Ce5kOl9zgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYpkrHOrJoOd+OZNJpJppJMtNdbS/7WjR9nd/c7AQAAAHhY/vHvsjKg68l7uZdbme62y6L6zH+k+tw/lTdzPatZymqWs5hL1XcBnU/9jfU788vrd+avtafPjvteayP+/fSOGVYjpvPdw+AtH63WaOVylqolJ/Ja3shyLqVRPbPtaDefwXm981F77HMdZZnJUWp3qZ639/yX9fxgmKkqMt6ryKl2bkWnjk9tX4lvfLSrLc2l0fvm5/B91Pzctlsp/tM9Qg91lyRPfGfnmo/f187sytZKnO47+o5sX4nki3/47Q+uLF+/eqVYO35wDqNBXhi8ePKfG9eQmfqMTfVl4GLm+yrx3MiVuHzzgFdiqOamViPP9uIL+Xa+l+OZzatZyVJ+lIWsZjGz+VYVLdTHc/txZvtKnd/UenWnnCbq12VsS05feLIz3y6nF6vnTmcp380buZTFvFz9nc5cvpozOZOzfa/wsyOc9Y0BZ/0fhyd/7Et10L5z/LyeHwztuj7VV9f+a+5M1de/pJGyvrM8/dCujT3Nz9dB+5X4ad85uP96lZhK7y7Rze6ZbgXGB1biveqycnP5+tWVKws3toxbrA3e3kvZvPsH50LSPl6e7l0jNh8d7b5nBvbNVX2He32NrX2/bvX6djpTJ+r3cJ8d6XTV99zAvvmq72hfX/v91lSSxXxalmXn/VbXM3tcVQBGdujLhyZa/2r9tfVu62etK61Xpr45+bXJ5ycy/pfxrzdPjb3UeL74Xd7Nj7PzJ3QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBHN996++rC8vLiypagLMvbQ7oeSZBmsmnJn//Ut071W2NJRh+wvfb5RlItaaYO7i+x2w+2O+88aBH+Xr8me1LwhxJMDT1+tgaflGV5MHIeJShre771RvZ937vBvl6WgD1wcvXajZM333r7K0vXFl5ffH3x+tkzZ86eOnvm5fmTl5eWp/Y7PeARqu711fuc/c4EAAAAAAAAAAAAGNVo/5xT9JY0k9z3//YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7MKF42neTZG5UydOtdvrd+aX21M33ljzkySNJMVsUryfnE9nykzfcMWw7awlFz/4eP3DTqtZT9X6jd3vxVo9ZTbJWD0fYGrQwvL2sPGKapwbw8cbUdGrTLtgx7qFg/323wAAAP//yAscyg==")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0xffffffffffffff26)
listxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

165.371758ms ago: executing program 1 (id=862):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = syz_open_dev$vivid(&(0x7f0000000200), 0x0, 0x2)
ioctl$VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f00000036c0)=@userptr={0x4, 0x9, 0x4, 0x1, 0xc1d, {}, {0x4, 0xc, 0x18, 0x4, 0x3f, 0x34, "d10fe316"}, 0x9, 0x2, {0x0}})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
ioctl$SNDCTL_SYNTH_MEMAVL(0xffffffffffffffff, 0xc004510e, &(0x7f0000000000)=0x8)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, &(0x7f0000000100))
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
ioctl$AUTOFS_IOC_CATATONIC(r2, 0x800443d3, 0x20000002)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x44, 0x0, &(0x7f0000000900)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

0s ago: executing program 1 (id=863):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_RATE64={0xc, 0x8, 0x7fc0d8f874167320}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

kernel console output (not intermixed with test programs):

 information on journal
[   90.812828][  T136] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[   90.896726][ T4900] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[   90.922511][  T136] wlan1: authentication with 08:02:11:00:00:00 timed out
[   90.980892][ T4926] loop0: detected capacity change from 0 to 1024
[   90.999963][ T4036] ocfs2: Unmounting device (7,2) on (node local)
[   91.010188][ T4928] binder: 4927:4928 got reply transaction with no transaction stack
[   91.024127][ T4928] binder: 4927:4928 transaction failed 29201/-71, size 0-0 line 2822
[   91.028261][ T4928] binder: 4927:4928 ioctl c0306201 20000240 returned -14
[   91.033595][ T4926] hfsplus: unable to parse mount options
[   91.211046][ T4936] 9p: Unknown uid 18446744073709551615
[   91.561372][ T4920] syz.1.233 uses obsolete (PF_INET,SOCK_PACKET)
[   91.582116][ T4947] netlink: 56 bytes leftover after parsing attributes in process `syz.4.244'.
[   91.588956][ T4947] loop2: detected capacity change from 0 to 7
[   91.594388][ T4947] Dev loop2: unable to read RDB block 7
[   91.596074][ T4947]  loop2: AHDI p2 p3 p4
[   91.597198][ T4947] loop2: partition table partially beyond EOD, truncated
[   91.600037][ T4947] loop2: p2 size 150995456 extends beyond EOD, truncated
[   91.606060][ T4947] loop2: p3 size 4211081215 extends beyond EOD, truncated
[   91.617790][ T4947] device syzkaller1 entered promiscuous mode
[   92.566889][ T4941] loop0: detected capacity change from 0 to 32768
[   92.604332][ T3652] Dev loop2: unable to read RDB block 7
[   92.605883][ T3652]  loop2: AHDI p2 p3 p4
[   92.606964][ T3652] loop2: partition table partially beyond EOD, truncated
[   92.608951][ T3652] loop2: p2 size 150995456 extends beyond EOD, truncated
[   92.646687][ T3652] loop2: p3 size 4211081215 extends beyond EOD, truncated
[   92.650913][ T4941] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   92.706279][ T4941] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   92.756065][ T4941] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   92.824650][ T4960] rdma_rxe: already configured on lo
[   92.926295][ T4959] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[   92.947380][ T4959] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[   92.969043][ T4964] netlink: 48 bytes leftover after parsing attributes in process `syz.2.248'.
[   93.015512][ T4965] FAULT_INJECTION: forcing a failure.
[   93.015512][ T4965] name failslab, interval 1, probability 0, space 0, times 0
[   93.041643][ T4965] CPU: 0 PID: 4965 Comm: syz.4.249 Not tainted 5.15.189-syzkaller #0
[   93.043875][ T4965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.046591][ T4965] Call trace:
[   93.047517][ T4965]  dump_backtrace+0x0/0x43c
[   93.048749][ T4965]  show_stack+0x2c/0x3c
[   93.049868][ T4965]  __dump_stack+0x30/0x40
[   93.051082][ T4965]  dump_stack_lvl+0xf8/0x160
[   93.052369][ T4965]  dump_stack+0x1c/0x5c
[   93.053507][ T4965]  should_fail+0x3c0/0x51c
[   93.054676][ T4965]  __should_failslab+0xbc/0x10c
[   93.055986][ T4965]  should_failslab+0x10/0x28
[   93.057235][ T4965]  slab_pre_alloc_hook+0x64/0xec
[   93.058568][ T4965]  kmem_cache_alloc+0x94/0x3e4
[   93.059869][ T4965]  __khugepaged_enter+0x38/0x344
[   93.061222][ T4965]  copy_mm+0x4f4/0x1084
[   93.062318][ T4965]  copy_process+0x14d8/0x34ac
[   93.063638][ T4965]  kernel_clone+0x1d8/0x9d4
[   93.064884][ T4965]  __arm64_sys_clone+0x138/0x190
[   93.066226][ T4965]  invoke_syscall+0x98/0x2b8
[   93.067429][ T4965]  el0_svc_common+0x138/0x258
[   93.068672][ T4965]  do_el0_svc+0x58/0x14c
[   93.069815][ T4965]  el0_svc+0x78/0x1e0
[   93.070857][ T4965]  el0t_64_sync_handler+0xcc/0xe4
[   93.072156][ T4965]  el0t_64_sync+0x1a0/0x1a4
[   93.320726][ T4839] udevd[4839]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   93.328529][ T4331] udevd[4331]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   93.347574][ T4035] ocfs2: Unmounting device (7,0) on (node local)
[   93.351151][ T4970] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   93.400182][ T4974] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   93.448974][ T4974] loop2: detected capacity change from 0 to 1024
[   93.520869][ T4974] hfsplus: bad catalog entry type
[   93.587485][ T4987] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   93.603335][ T4989] FAULT_INJECTION: forcing a failure.
[   93.603335][ T4989] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   93.614687][ T1629] hfsplus: b-tree write err: -5, ino 4
[   93.623078][ T4989] CPU: 0 PID: 4989 Comm: syz.0.253 Not tainted 5.15.189-syzkaller #0
[   93.625329][ T4989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.628064][ T4989] Call trace:
[   93.628963][ T4989]  dump_backtrace+0x0/0x43c
[   93.630227][ T4989]  show_stack+0x2c/0x3c
[   93.631360][ T4989]  __dump_stack+0x30/0x40
[   93.632543][ T4989]  dump_stack_lvl+0xf8/0x160
[   93.633771][ T4989]  dump_stack+0x1c/0x5c
[   93.634870][ T4989]  should_fail+0x3c0/0x51c
[   93.636036][ T4989]  should_fail_alloc_page+0x74/0xa8
[   93.637466][ T4989]  prepare_alloc_pages+0x160/0x460
[   93.638868][ T4989]  __alloc_pages+0x108/0x470
[   93.640113][ T4989]  alloc_pages_vma+0x284/0x7a8
[   93.641461][ T4989]  alloc_zeroed_user_highpage_movable+0x9c/0xd8
[   93.643192][ T4989]  wp_page_copy+0x188/0x11ec
[   93.644515][ T4989]  do_wp_page+0x6c0/0x994
[   93.645699][ T4989]  handle_mm_fault+0x1770/0x2950
[   93.647063][ T4989]  do_page_fault+0x694/0xad4
[   93.648381][ T4989]  do_mem_abort+0x6c/0x1ac
[   93.649652][ T4989]  el0_da+0x90/0x1fc
[   93.650714][ T4989]  el0t_64_sync_handler+0xd8/0xe4
[   93.652091][ T4989]  el0t_64_sync+0x1a0/0x1a4
[   93.769638][ T4999] loop2: detected capacity change from 0 to 512
[   93.774177][ T4989] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   93.780652][ T4989] loop0: detected capacity change from 0 to 1024
[   93.845055][ T4989] hfsplus: unable to parse mount options
[   93.958771][ T5008] FAULT_INJECTION: forcing a failure.
[   93.958771][ T5008] name failslab, interval 1, probability 0, space 0, times 0
[   93.971538][ T5008] CPU: 0 PID: 5008 Comm: syz.2.260 Not tainted 5.15.189-syzkaller #0
[   93.973809][ T5008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.976586][ T5008] Call trace:
[   93.977474][ T5008]  dump_backtrace+0x0/0x43c
[   93.978719][ T5008]  show_stack+0x2c/0x3c
[   93.979896][ T5008]  __dump_stack+0x30/0x40
[   93.981122][ T5008]  dump_stack_lvl+0xf8/0x160
[   93.982399][ T5008]  dump_stack+0x1c/0x5c
[   93.983552][ T5008]  should_fail+0x3c0/0x51c
[   93.984773][ T5008]  __should_failslab+0xbc/0x10c
[   93.986150][ T5008]  should_failslab+0x10/0x28
[   93.987406][ T5008]  slab_pre_alloc_hook+0x64/0xec
[   93.988797][ T5008]  kmem_cache_alloc_node+0x98/0x41c
[   93.990294][ T5008]  __alloc_skb+0x134/0x67c
[   93.991555][ T5008]  netlink_sendmsg+0x548/0x9cc
[   93.992953][ T5008]  ____sys_sendmsg+0x61c/0x920
[   93.994305][ T5008]  ___sys_sendmsg+0x1d0/0x240
[   93.995615][ T5008]  __arm64_sys_sendmsg+0x1a8/0x254
[   93.997086][ T5008]  invoke_syscall+0x98/0x2b8
[   93.998375][ T5008]  el0_svc_common+0x138/0x258
[   93.999641][ T5008]  do_el0_svc+0x58/0x14c
[   94.000824][ T5008]  el0_svc+0x78/0x1e0
[   94.001899][ T5008]  el0t_64_sync_handler+0xcc/0xe4
[   94.003300][ T5008]  el0t_64_sync+0x1a0/0x1a4
[   94.038948][ T5010] loop1: detected capacity change from 0 to 128
[   94.065632][ T5014] binder: 5013:5014 got reply transaction with no transaction stack
[   94.067823][ T5014] binder: 5013:5014 transaction failed 29201/-71, size 0-0 line 2822
[   94.070535][ T4153] binder: undelivered TRANSACTION_ERROR: 29201
[   94.094729][ T5010] ufs: You didn't specify the type of your ufs filesystem
[   94.094729][ T5010] 
[   94.094729][ T5010] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[   94.094729][ T5010] 
[   94.094729][ T5010] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[   94.133195][ T5010] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[   94.279466][ T5035] binder: 5032:5035 got transaction to invalid handle, 1
[   94.281520][ T5035] binder: 5032:5035 transaction failed 29201/-22, size 0-0 line 2917
[   94.293882][ T4153] binder: undelivered TRANSACTION_ERROR: 29201
[   94.307880][ T5036] device syzkaller0 entered promiscuous mode
[   94.457631][ T5041] 9p: Unknown uid 18446744073709551615
[   94.531578][ T5046] loop1: detected capacity change from 0 to 64
[   94.536158][ T5044] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   94.629000][ T5053] FAULT_INJECTION: forcing a failure.
[   94.629000][ T5053] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   94.632727][ T5053] CPU: 1 PID: 5053 Comm: syz.0.277 Not tainted 5.15.189-syzkaller #0
[   94.634926][ T5053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.637522][ T5053] Call trace:
[   94.638406][ T5053]  dump_backtrace+0x0/0x43c
[   94.639623][ T5053]  show_stack+0x2c/0x3c
[   94.640839][ T5053]  __dump_stack+0x30/0x40
[   94.642047][ T5053]  dump_stack_lvl+0xf8/0x160
[   94.643310][ T5053]  dump_stack+0x1c/0x5c
[   94.644420][ T5053]  should_fail+0x3c0/0x51c
[   94.645604][ T5053]  should_fail_alloc_page+0x74/0xa8
[   94.647015][ T5053]  prepare_alloc_pages+0x160/0x460
[   94.648387][ T5053]  __alloc_pages+0x108/0x470
[   94.649623][ T5053]  alloc_pages+0x34c/0x5c0
[   94.650832][ T5053]  __vmalloc_node_range+0x514/0x8d8
[   94.652226][ T5053]  dup_task_struct+0x5d8/0xc44
[   94.653512][ T5053]  copy_process+0x4c8/0x34ac
[   94.654840][ T5053]  kernel_clone+0x1d8/0x9d4
[   94.656033][ T5053]  __arm64_sys_clone+0x138/0x190
[   94.657357][ T5053]  invoke_syscall+0x98/0x2b8
[   94.658574][ T5053]  el0_svc_common+0x138/0x258
[   94.659863][ T5053]  do_el0_svc+0x58/0x14c
[   94.661037][ T5053]  el0_svc+0x78/0x1e0
[   94.662090][ T5053]  el0t_64_sync_handler+0xcc/0xe4
[   94.663464][ T5053]  el0t_64_sync+0x1a0/0x1a4
[   94.664763][    C1] vkms_vblank_simulate: vblank timer overrun
[   94.915103][ T5075] FAULT_INJECTION: forcing a failure.
[   94.915103][ T5075] name failslab, interval 1, probability 0, space 0, times 0
[   94.927571][ T5075] CPU: 1 PID: 5075 Comm: syz.3.282 Not tainted 5.15.189-syzkaller #0
[   94.929774][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.932539][ T5075] Call trace:
[   94.933403][ T5075]  dump_backtrace+0x0/0x43c
[   94.934595][ T5075]  show_stack+0x2c/0x3c
[   94.935712][ T5075]  __dump_stack+0x30/0x40
[   94.936867][ T5075]  dump_stack_lvl+0xf8/0x160
[   94.938063][ T5075]  dump_stack+0x1c/0x5c
[   94.939142][ T5075]  should_fail+0x3c0/0x51c
[   94.940344][ T5075]  __should_failslab+0xbc/0x10c
[   94.941664][ T5075]  should_failslab+0x10/0x28
[   94.942937][ T5075]  slab_pre_alloc_hook+0x64/0xec
[   94.944242][ T5075]  kmem_cache_alloc_trace+0x98/0x3fc
[   94.945627][ T5075]  binder_get_thread+0x220/0x768
[   94.946895][ T5075]  binder_ioctl+0x2a4/0x1c98
[   94.948136][ T5075]  __arm64_sys_ioctl+0x14c/0x1c8
[   94.949447][ T5075]  invoke_syscall+0x98/0x2b8
[   94.950690][ T5075]  el0_svc_common+0x138/0x258
[   94.951998][ T5075]  do_el0_svc+0x58/0x14c
[   94.953152][ T5075]  el0_svc+0x78/0x1e0
[   94.954205][ T5075]  el0t_64_sync_handler+0xcc/0xe4
[   94.955550][ T5075]  el0t_64_sync+0x1a0/0x1a4
[   94.956877][    C1] vkms_vblank_simulate: vblank timer overrun
[   95.026449][ T5075] binder: 5074:5075 ioctl c0306201 20000780 returned -12
[   96.135873][ T5094] netlink: 4 bytes leftover after parsing attributes in process `syz.1.288'.
[   96.176303][ T5094] netlink: 12 bytes leftover after parsing attributes in process `syz.1.288'.
[   96.195748][ T5096] loop4: detected capacity change from 0 to 128
[   96.226154][ T5096] ufs: You didn't specify the type of your ufs filesystem
[   96.226154][ T5096] 
[   96.226154][ T5096] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[   96.226154][ T5096] 
[   96.226154][ T5096] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[   96.304081][ T5071] loop0: detected capacity change from 0 to 32768
[   96.321586][ T5096] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[   96.326934][ T5105] binder: 5104:5105 got transaction to invalid handle, 1
[   96.328811][ T5105] binder: 5104:5105 transaction failed 29201/-22, size 0-0 line 2917
[   96.345034][ T4148] binder: undelivered TRANSACTION_ERROR: 29201
[   96.437108][ T5109] loop2: detected capacity change from 0 to 128
[   96.440761][ T5109] ufs: You didn't specify the type of your ufs filesystem
[   96.440761][ T5109] 
[   96.440761][ T5109] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[   96.440761][ T5109] 
[   96.440761][ T5109] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[   96.467494][ T5110] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   96.474041][ T5071] JBD2: Ignoring recovery information on journal
[   96.575005][ T5109] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[   96.606864][ T5071] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   96.696957][ T4035] ocfs2: Unmounting device (7,0) on (node local)
[   96.788027][ T5083] loop3: detected capacity change from 0 to 32768
[   96.862035][ T5083] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.284 (5083)
[   96.912569][ T5127] netlink: 32 bytes leftover after parsing attributes in process `syz.1.297'.
[   96.992376][ T5083] BTRFS info (device loop3): using crc32c (crc32c-generic) checksum algorithm
[   96.995095][ T5083] BTRFS info (device loop3): setting nodatacow, compression disabled
[   96.997434][ T5083] BTRFS info (device loop3): max_inline at 0
[   97.073856][ T5135] binder: 5124:5135 Acquire 1 refcount change on invalid ref 3 ret -22
[   97.136321][ T5135] loop4: detected capacity change from 0 to 256
[   97.201212][ T5135] exfat: Deprecated parameter 'utf8'
[   97.296799][ T5135] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011e3e, chksum : 0x38c882e6, utbl_chksum : 0xe619d30d)
[   97.544882][ T5083] BTRFS info (device loop3): disabling tree log
[   97.705231][ T5083] BTRFS info (device loop3): turning off barriers
[   97.707039][ T5083] BTRFS info (device loop3): force zlib compression, level 3
[   97.709095][ T5083] BTRFS info (device loop3): doing ref verification
[   97.710837][ T5083] BTRFS info (device loop3): force clearing of disk cache
[   97.719143][ T5136] 9p: Unknown uid 18446744073709551615
[   97.727277][ T5083] BTRFS info (device loop3): setting nodatasum
[   97.732500][ T5083] BTRFS info (device loop3): enabling ssd optimizations
[   97.741339][ T5083] BTRFS info (device loop3): max_inline at 4096
[   97.760620][ T5083] BTRFS info (device loop3): using free space tree
[   97.767067][ T5083] BTRFS info (device loop3): has skinny extents
[   97.770261][ T5139] capability: warning: `syz.0.301' uses 32-bit capabilities (legacy support in use)
[   97.890882][ T5149] loop4: detected capacity change from 0 to 512
[   97.899467][ T5155] loop2: detected capacity change from 0 to 1024
[   97.936003][ T5155] hfsplus: unable to parse mount options
[   98.016386][ T5083] BTRFS info (device loop3): clearing free space tree
[   98.018700][ T5083] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   98.021675][ T5083] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   98.067492][ T5083] BTRFS info (device loop3): creating free space tree
[   98.071075][ T5083] BTRFS info (device loop3): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   98.102322][ T5083] BTRFS info (device loop3): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   98.104165][ T5175] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   98.556912][ T5199] 9p: Unknown uid 18446744073709551615
[   98.762336][ T1533] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   98.890108][ T5181] loop2: detected capacity change from 0 to 32768
[   98.959668][ T5177] loop1: detected capacity change from 0 to 32768
[   98.981473][ T5181] XFS (loop2): Mounting V5 Filesystem
[   99.068580][ T5181] XFS (loop2): Ending clean mount
[   99.075176][ T5181] XFS (loop2): Quotacheck needed: Please wait.
[   99.088940][ T5177] JBD2: Ignoring recovery information on journal
[   99.110409][ T5181] XFS (loop2): Quotacheck: Done.
[   99.215555][ T5177] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   99.232363][ T1533] usb 1-1: unable to get BOS descriptor or descriptor too short
[   99.235950][ T4036] XFS (loop2): Unmounting Filesystem
[   99.307404][ T4034] ocfs2: Unmounting device (7,1) on (node local)
[   99.332362][ T1533] usb 1-1: config 6 has an invalid interface number: 70 but max is 0
[   99.334563][ T1533] usb 1-1: config 6 has no interface number 0
[   99.336177][ T1533] usb 1-1: config 6 interface 70 has no altsetting 0
[   99.472333][ T5201] loop3: detected capacity change from 0 to 40427
[   99.513510][ T1533] usb 1-1: New USB device found, idVendor=0ace, idProduct=2011, bcdDevice= 1.01
[   99.515956][ T1533] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.518059][ T1533] usb 1-1: Product: syz
[   99.519211][ T1533] usb 1-1: Manufacturer: syz
[   99.520425][ T1533] usb 1-1: SerialNumber: syz
[   99.525446][ T5201] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x1ffff
[   99.534540][ T5201] F2FS-fs (loop3): invalid crc value
[   99.557700][ T5201] F2FS-fs (loop3): Found nat_bits in checkpoint
[   99.598807][ T5201] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   99.614704][ T5214] attempt to access beyond end of device
[   99.614704][ T5214] loop3: rw=2049, want=45104, limit=40427
[   99.619572][ T5201] FAULT_INJECTION: forcing a failure.
[   99.619572][ T5201] name failslab, interval 1, probability 0, space 0, times 0
[   99.630959][ T5201] CPU: 0 PID: 5201 Comm: syz.3.314 Not tainted 5.15.189-syzkaller #0
[   99.633205][ T5201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   99.636061][ T5201] Call trace:
[   99.636980][ T5201]  dump_backtrace+0x0/0x43c
[   99.638292][ T5201]  show_stack+0x2c/0x3c
[   99.639439][ T5201]  __dump_stack+0x30/0x40
[   99.640655][ T5201]  dump_stack_lvl+0xf8/0x160
[   99.641915][ T5201]  dump_stack+0x1c/0x5c
[   99.643062][ T5201]  should_fail+0x3c0/0x51c
[   99.644262][ T5201]  __should_failslab+0xbc/0x10c
[   99.645638][ T5201]  should_failslab+0x10/0x28
[   99.646893][ T5201]  slab_pre_alloc_hook+0x64/0xec
[   99.648280][ T5201]  kmem_cache_alloc+0x94/0x3e4
[   99.649612][ T5201]  getname_flags+0xb8/0x450
[   99.650929][ T5201]  __arm64_sys_unlinkat+0xb4/0xfc
[   99.652354][ T5201]  invoke_syscall+0x98/0x2b8
[   99.653638][ T5201]  el0_svc_common+0x138/0x258
[   99.654993][ T5201]  do_el0_svc+0x58/0x14c
[   99.656197][ T5201]  el0_svc+0x78/0x1e0
[   99.657313][ T5201]  el0t_64_sync_handler+0xcc/0xe4
[   99.658753][ T5201]  el0t_64_sync+0x1a0/0x1a4
[   99.748668][ T5197] loop4: detected capacity change from 0 to 65536
[   99.790173][ T5221] binder: 5220:5221 unknown command 0
[   99.791709][ T5221] binder: 5220:5221 ioctl c0306201 20000780 returned -22
[   99.816028][ T5187] loop0: detected capacity change from 0 to 8
[   99.858833][ T5197] XFS (loop4): Mounting V5 Filesystem
[   99.987078][ T5197] XFS (loop4): Ending clean mount
[  100.004089][ T5197] XFS (loop4): Quotacheck needed: Please wait.
[  100.040528][ T5197] XFS (loop4): Quotacheck: Done.
[  100.053056][ T1533] usb-storage 1-1:6.70: USB Mass Storage device detected
[  100.069241][ T1533] usb-storage 1-1:6.70: device ignored
[  100.114649][ T1533] usb 1-1: USB disconnect, device number 5
[  100.161747][ T5213] loop1: detected capacity change from 0 to 40427
[  100.267161][ T5213] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x1ffff
[  100.271256][ T5213] F2FS-fs (loop1): invalid crc value
[  100.280151][ T5243] loop3: detected capacity change from 0 to 128
[  100.288875][ T5213] F2FS-fs (loop1): Found nat_bits in checkpoint
[  100.297194][ T5230] loop2: detected capacity change from 0 to 40427
[  100.313817][ T5213] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  100.333484][ T5244] attempt to access beyond end of device
[  100.333484][ T5244] loop1: rw=2049, want=45104, limit=40427
[  100.333934][ T5243] ufs: You didn't specify the type of your ufs filesystem
[  100.333934][ T5243] 
[  100.333934][ T5243] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  100.333934][ T5243] 
[  100.333934][ T5243] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  100.353678][ T5243] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[  100.405753][ T4048] XFS (loop4): Unmounting Filesystem
[  100.582338][ T5253] IPVS: set_ctl: invalid protocol: 22 224.0.0.1:20004
[  100.593471][ T5249] netlink: 128 bytes leftover after parsing attributes in process `syz.1.321'.
[  100.686052][ T5261] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  100.701931][ T5261] device syzkaller0 entered promiscuous mode
[  100.719214][ T5264] loop2: detected capacity change from 0 to 512
[  100.777866][ T5264] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[  100.896273][ T5261] udc-core: couldn't find an available UDC or it's busy
[  100.898198][ T5261] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  101.048941][ T5262] loop0: detected capacity change from 0 to 32768
[  101.051861][ T5269] loop2: detected capacity change from 0 to 512
[  101.055088][ T5271] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  101.120880][ T5269] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.329: casefold flag without casefold feature
[  101.127130][ T5262] JBD2: Ignoring recovery information on journal
[  101.132819][ T5269] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.329: couldn't read orphan inode 15 (err -117)
[  101.138251][ T5269] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  101.167041][ T5262] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  101.195634][ T5269] netlink: 4 bytes leftover after parsing attributes in process `syz.2.329'.
[  101.273154][ T4035] ocfs2: Unmounting device (7,0) on (node local)
[  101.340456][ T5285] binder: 5284:5285 ioctl c0306201 0 returned -14
[  101.420175][ T5291] binder: 5289:5291 got reply transaction with no transaction stack
[  101.421400][ T5290] loop1: detected capacity change from 0 to 512
[  101.433276][ T5291] binder: 5289:5291 transaction failed 29201/-71, size 0-0 line 2822
[  101.438558][ T5291] FAULT_INJECTION: forcing a failure.
[  101.438558][ T5291] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.449494][ T5290] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  101.453945][ T5290] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  101.460763][ T5291] CPU: 0 PID: 5291 Comm: syz.0.333 Not tainted 5.15.189-syzkaller #0
[  101.462980][ T5291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.465631][ T5291] Call trace:
[  101.466479][ T5291]  dump_backtrace+0x0/0x43c
[  101.467679][ T5291]  show_stack+0x2c/0x3c
[  101.468820][ T5291]  __dump_stack+0x30/0x40
[  101.470027][ T5291]  dump_stack_lvl+0xf8/0x160
[  101.471257][ T5291]  dump_stack+0x1c/0x5c
[  101.472389][ T5291]  should_fail+0x3c0/0x51c
[  101.473580][ T5291]  should_fail_usercopy+0x20/0x30
[  101.474997][ T5291]  simple_read_from_buffer+0xd0/0x264
[  101.476518][ T5291]  proc_fail_nth_read+0x19c/0x244
[  101.477954][ T5291]  vfs_read+0x278/0xa10
[  101.479055][ T5291]  ksys_read+0x120/0x210
[  101.480262][ T5291]  __arm64_sys_read+0x7c/0x90
[  101.481575][ T5291]  invoke_syscall+0x98/0x2b8
[  101.482848][ T5291]  el0_svc_common+0x138/0x258
[  101.484128][ T5291]  do_el0_svc+0x58/0x14c
[  101.485282][ T5291]  el0_svc+0x78/0x1e0
[  101.486335][ T5291]  el0t_64_sync_handler+0xcc/0xe4
[  101.487710][ T5291]  el0t_64_sync+0x1a0/0x1a4
[  101.515924][ T5290] EXT4-fs (loop1): 1 truncate cleaned up
[  101.517586][ T5290] EXT4-fs (loop1): mounted filesystem without journal. Opts: quota,dioread_lock,inode_readahead_blks=0x0000000008000000,debug_want_extra_isize=0x0000000000000040,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: writeback.
[  101.536905][   T21] binder: undelivered TRANSACTION_ERROR: 29201
[  101.551875][ T5296] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  101.602144][ T5299] loop0: detected capacity change from 0 to 512
[  101.639958][ T5295] udc-core: couldn't find an available UDC or it's busy
[  101.654949][ T5306] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2228: inode #15: comm syz.1.332: corrupted in-inode xattr
[  101.660610][ T5295] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  101.674836][ T5295] loop3: detected capacity change from 0 to 8
[  101.682710][ T5306] EXT4-fs warning (device loop1): ext4_xattr_set_entry:1760: inode #15: comm syz.1.332: unable to update i_inline_off
[  101.712609][ T5306] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2825: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  101.716561][ T5306] EXT4-fs error (device loop1): ext4_xattr_ibody_get:603: inode #15: comm syz.1.332: corrupted in-inode xattr
[  101.772787][ T5306] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2228: inode #15: comm syz.1.332: corrupted in-inode xattr
[  101.927427][ T5320] netlink: 'syz.1.338': attribute type 6 has an invalid length.
[  102.008820][ T5328] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  102.165247][ T5338] binder: 5337:5338 ioctl c0306201 0 returned -14
[  102.250214][ T5344] FAULT_INJECTION: forcing a failure.
[  102.250214][ T5344] name failslab, interval 1, probability 0, space 0, times 0
[  102.264753][ T5344] CPU: 1 PID: 5344 Comm: syz.1.347 Not tainted 5.15.189-syzkaller #0
[  102.266949][ T5344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  102.269573][ T5344] Call trace:
[  102.270439][ T5344]  dump_backtrace+0x0/0x43c
[  102.271661][ T5344]  show_stack+0x2c/0x3c
[  102.272766][ T5344]  __dump_stack+0x30/0x40
[  102.273885][ T5344]  dump_stack_lvl+0xf8/0x160
[  102.275099][ T5344]  dump_stack+0x1c/0x5c
[  102.276200][ T5344]  should_fail+0x3c0/0x51c
[  102.277390][ T5344]  __should_failslab+0xbc/0x10c
[  102.278677][ T5344]  should_failslab+0x10/0x28
[  102.279955][ T5344]  slab_pre_alloc_hook+0x64/0xec
[  102.281349][ T5344]  kmem_cache_alloc+0x94/0x3e4
[  102.282789][ T5344]  anon_vma_fork+0xdc/0x49c
[  102.284135][ T5344]  copy_mm+0x7bc/0x1084
[  102.285344][ T5344]  copy_process+0x14d8/0x34ac
[  102.286670][ T5344]  kernel_clone+0x1d8/0x9d4
[  102.287929][ T5344]  __arm64_sys_clone+0x138/0x190
[  102.289316][ T5344]  invoke_syscall+0x98/0x2b8
[  102.290577][ T5344]  el0_svc_common+0x138/0x258
[  102.291896][ T5344]  do_el0_svc+0x58/0x14c
[  102.293072][ T5344]  el0_svc+0x78/0x1e0
[  102.294156][ T5344]  el0t_64_sync_handler+0xcc/0xe4
[  102.295601][ T5344]  el0t_64_sync+0x1a0/0x1a4
[  102.493923][ T5316] loop2: detected capacity change from 0 to 40427
[  102.504516][ T5316] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x1ffff
[  102.517557][ T5316] F2FS-fs (loop2): invalid crc value
[  102.535725][ T5316] F2FS-fs (loop2): Found nat_bits in checkpoint
[  102.576448][ T5365] netlink: 44 bytes leftover after parsing attributes in process `syz.0.354'.
[  102.595458][ T5357] loop1: detected capacity change from 0 to 4096
[  102.600399][ T5365] netlink: 40 bytes leftover after parsing attributes in process `syz.0.354'.
[  102.603881][ T5316] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  102.616156][ T5362] attempt to access beyond end of device
[  102.616156][ T5362] loop2: rw=2049, want=45104, limit=40427
[  102.620179][ T5316] FAULT_INJECTION: forcing a failure.
[  102.620179][ T5316] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.635883][ T5365] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.645088][ T5316] CPU: 0 PID: 5316 Comm: syz.2.337 Not tainted 5.15.189-syzkaller #0
[  102.647361][ T5316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  102.650143][ T5316] Call trace:
[  102.651000][ T5316]  dump_backtrace+0x0/0x43c
[  102.652227][ T5316]  show_stack+0x2c/0x3c
[  102.653408][ T5316]  __dump_stack+0x30/0x40
[  102.654615][ T5316]  dump_stack_lvl+0xf8/0x160
[  102.655912][ T5316]  dump_stack+0x1c/0x5c
[  102.657036][ T5316]  should_fail+0x3c0/0x51c
[  102.658270][ T5316]  should_fail_usercopy+0x20/0x30
[  102.659671][ T5316]  strncpy_from_user+0x48/0x598
[  102.661049][ T5316]  getname_flags+0xec/0x450
[  102.662273][ T5316]  __arm64_sys_unlinkat+0xb4/0xfc
[  102.663680][ T5316]  invoke_syscall+0x98/0x2b8
[  102.664979][ T5316]  el0_svc_common+0x138/0x258
[  102.666213][ T5316]  do_el0_svc+0x58/0x14c
[  102.667384][ T5316]  el0_svc+0x78/0x1e0
[  102.668486][ T5316]  el0t_64_sync_handler+0xcc/0xe4
[  102.669846][ T5316]  el0t_64_sync+0x1a0/0x1a4
[  102.703348][ T5357] ntfs3: loop1: ino=5, "/" directory corrupted
[  102.708420][ T5357] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  102.898774][ T5374] binder: 5373:5374 got transaction to invalid handle, 1
[  102.911144][ T5374] binder: 5373:5374 transaction failed 29201/-22, size 0-0 line 2917
[  102.927425][ T5372] loop0: detected capacity change from 0 to 1024
[  102.931440][ T5374] FAULT_INJECTION: forcing a failure.
[  102.931440][ T5374] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.941840][ T5352] loop3: detected capacity change from 0 to 32768
[  102.945006][ T5374] CPU: 1 PID: 5374 Comm: syz.1.356 Not tainted 5.15.189-syzkaller #0
[  102.947124][ T5374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  102.949784][ T5374] Call trace:
[  102.950665][ T5374]  dump_backtrace+0x0/0x43c
[  102.951916][ T5374]  show_stack+0x2c/0x3c
[  102.953047][ T5374]  __dump_stack+0x30/0x40
[  102.954211][ T5374]  dump_stack_lvl+0xf8/0x160
[  102.955424][ T5374]  dump_stack+0x1c/0x5c
[  102.956521][ T5374]  should_fail+0x3c0/0x51c
[  102.957649][ T5374]  should_fail_usercopy+0x20/0x30
[  102.959061][ T5374]  binder_ioctl_write_read+0x9040/0xaad8
[  102.960563][ T5374]  binder_ioctl+0x38c/0x1c98
[  102.961829][ T5374]  __arm64_sys_ioctl+0x14c/0x1c8
[  102.963142][ T5374]  invoke_syscall+0x98/0x2b8
[  102.964351][ T5374]  el0_svc_common+0x138/0x258
[  102.965644][ T5374]  do_el0_svc+0x58/0x14c
[  102.966770][ T5374]  el0_svc+0x78/0x1e0
[  102.967841][ T5374]  el0t_64_sync_handler+0xcc/0xe4
[  102.969225][ T5374]  el0t_64_sync+0x1a0/0x1a4
[  102.983880][ T5374] binder: 5373:5374 ioctl c0306201 20000780 returned -14
[  103.003024][ T5372] hfsplus: unable to parse mount options
[  103.012998][ T5189] binder: undelivered TRANSACTION_ERROR: 29201
[  103.014320][ T5352] JBD2: Ignoring recovery information on journal
[  103.066678][ T5352] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  103.140285][ T5381] udc-core: couldn't find an available UDC or it's busy
[  103.144201][ T5381] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  103.151867][ T5381] loop2: detected capacity change from 0 to 8
[  103.178556][ T5361] loop4: detected capacity change from 0 to 32768
[  103.192963][ T5382] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  103.209362][ T5382] tipc: Resetting bearer <eth:syzkaller0>
[  103.224977][ T5361] debugfs: Directory '03E7AA51A951448EB9EB6DD609435E20' with parent 'ocfs2' already present!
[  103.230004][ T5377] tipc: Disabling bearer <eth:syzkaller0>
[  103.244669][ T5361] JBD2: Ignoring recovery information on journal
[  103.248311][ T4044] ocfs2: Unmounting device (7,3) on (node local)
[  103.254949][ T5386] loop0: detected capacity change from 0 to 512
[  103.299720][ T5393] FAULT_INJECTION: forcing a failure.
[  103.299720][ T5393] name failslab, interval 1, probability 0, space 0, times 0
[  103.303664][ T5393] CPU: 1 PID: 5393 Comm: syz.1.363 Not tainted 5.15.189-syzkaller #0
[  103.305998][ T5393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.308731][ T5393] Call trace:
[  103.309624][ T5393]  dump_backtrace+0x0/0x43c
[  103.310843][ T5393]  show_stack+0x2c/0x3c
[  103.311932][ T5393]  __dump_stack+0x30/0x40
[  103.313119][ T5393]  dump_stack_lvl+0xf8/0x160
[  103.314367][ T5393]  dump_stack+0x1c/0x5c
[  103.315503][ T5393]  should_fail+0x3c0/0x51c
[  103.316671][ T5393]  __should_failslab+0xbc/0x10c
[  103.318035][ T5393]  should_failslab+0x10/0x28
[  103.319298][ T5393]  slab_pre_alloc_hook+0x64/0xec
[  103.320612][ T5393]  kmem_cache_alloc+0x94/0x3e4
[  103.321904][ T5393]  xas_create+0x4e8/0x12f8
[  103.323046][ T5393]  xas_create_range+0x1a0/0x6d0
[  103.324340][ T5393]  shmem_add_to_page_cache+0x8dc/0x134c
[  103.325891][ T5393]  shmem_getpage_gfp+0x1258/0x1ef0
[  103.327296][ T5393]  shmem_write_begin+0xe0/0x29c
[  103.328660][ T5393]  generic_perform_write+0x204/0x480
[  103.330133][ T5393]  __generic_file_write_iter+0x23c/0x454
[  103.331641][ T5393]  generic_file_write_iter+0xb0/0x1b4
[  103.333085][ T5393]  vfs_write+0x7c8/0xa2c
[  103.334186][ T5393]  ksys_write+0x120/0x210
[  103.335372][ T5393]  __arm64_sys_write+0x7c/0x90
[  103.336629][ T5393]  invoke_syscall+0x98/0x2b8
[  103.337848][ T5393]  el0_svc_common+0x138/0x258
[  103.339142][ T5393]  do_el0_svc+0x58/0x14c
[  103.340276][ T5393]  el0_svc+0x78/0x1e0
[  103.341381][ T5393]  el0t_64_sync_handler+0xcc/0xe4
[  103.342712][ T5393]  el0t_64_sync+0x1a0/0x1a4
[  103.357979][ T5393] loop1: detected capacity change from 0 to 1024
[  103.361065][ T5361] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  103.434471][ T5393] hfsplus: unable to parse mount options
[  103.470724][ T4048] ocfs2: Unmounting device (7,4) on (node local)
[  103.566456][ T5406] binder: 5405:5406 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  103.569498][ T5404] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input2
[  103.570180][ T5406] binder: 5406 RLIMIT_NICE not set
[  103.663577][ T5412] netlink: 20 bytes leftover after parsing attributes in process `syz.4.366'.
[  103.916812][ T5420] rdma_rxe: rxe_register_device failed with error -23
[  103.918866][ T5420] rdma_rxe: failed to add lo
[  104.305836][ T5424] loop4: detected capacity change from 0 to 1024
[  104.337066][ T5424] hfsplus: bad catalog entry type
[  104.349119][ T5424] netlink: 'syz.4.372': attribute type 10 has an invalid length.
[  104.411307][ T5424] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.437705][ T5424] team0: Port device bond0 added
[  104.440499][ T5426] netlink: 4 bytes leftover after parsing attributes in process `syz.4.372'.
[  104.502967][ T5430] loop1: detected capacity change from 0 to 512
[  104.524378][ T5426] team0 (unregistering): Port device team_slave_0 removed
[  104.541511][ T5426] team0 (unregistering): Port device team_slave_1 removed
[  104.560321][ T5426] team0 (unregistering): Port device bond0 removed
[  104.674591][ T5435] device syzkaller0 entered promiscuous mode
[  104.687424][ T5435] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  104.793067][ T5450] device bpq0 entered promiscuous mode
[  104.810704][ T5450] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  105.049631][ T5457] udc-core: couldn't find an available UDC or it's busy
[  105.051672][ T5457] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  105.076590][ T5457] loop2: detected capacity change from 0 to 8
[  105.207827][ T1629] hfsplus: b-tree write err: -5, ino 4
[  105.329723][ T5465] loop4: detected capacity change from 0 to 1024
[  105.337327][ T5449] loop1: detected capacity change from 0 to 40427
[  105.348528][ T5449] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x1ffff
[  105.357054][ T5449] F2FS-fs (loop1): invalid crc value
[  105.378082][ T5449] F2FS-fs (loop1): Found nat_bits in checkpoint
[  105.383276][ T5465] hfsplus: unable to parse mount options
[  105.426412][ T5449] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  105.438460][ T5466] attempt to access beyond end of device
[  105.438460][ T5466] loop1: rw=2049, want=45104, limit=40427
[  105.442369][ T5449] FAULT_INJECTION: forcing a failure.
[  105.442369][ T5449] name failslab, interval 1, probability 0, space 0, times 0
[  105.448431][ T5449] CPU: 0 PID: 5449 Comm: syz.1.378 Not tainted 5.15.189-syzkaller #0
[  105.450798][ T5449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.453699][ T5449] Call trace:
[  105.454641][ T5449]  dump_backtrace+0x0/0x43c
[  105.455894][ T5449]  show_stack+0x2c/0x3c
[  105.457061][ T5449]  __dump_stack+0x30/0x40
[  105.458262][ T5449]  dump_stack_lvl+0xf8/0x160
[  105.459575][ T5449]  dump_stack+0x1c/0x5c
[  105.460711][ T5449]  should_fail+0x3c0/0x51c
[  105.461926][ T5449]  __should_failslab+0xbc/0x10c
[  105.463237][ T5449]  should_failslab+0x10/0x28
[  105.464474][ T5449]  slab_pre_alloc_hook+0x64/0xec
[  105.465802][ T5449]  __kmalloc+0xbc/0x44c
[  105.466916][ T5449]  tomoyo_realpath_from_path+0xcc/0x510
[  105.468471][ T5449]  tomoyo_path_perm+0x1b4/0x440
[  105.469825][ T5449]  tomoyo_path_unlink+0xa4/0xe8
[  105.471171][ T5449]  security_path_unlink+0xe4/0x134
[  105.472587][ T5449]  do_unlinkat+0x280/0x600
[  105.473781][ T5449]  __arm64_sys_unlinkat+0xe0/0xfc
[  105.475290][ T5449]  invoke_syscall+0x98/0x2b8
[  105.476533][ T5449]  el0_svc_common+0x138/0x258
[  105.477827][ T5449]  do_el0_svc+0x58/0x14c
[  105.479062][ T5449]  el0_svc+0x78/0x1e0
[  105.480167][ T5449]  el0t_64_sync_handler+0xcc/0xe4
[  105.481562][ T5449]  el0t_64_sync+0x1a0/0x1a4
[  105.502482][ T5449] ERROR: Out of memory at tomoyo_realpath_from_path.
[  105.575713][ T5475] rdma_rxe: rxe_register_device failed with error -23
[  105.577789][ T5475] rdma_rxe: failed to add lo
[  105.625834][ T5476] loop2: detected capacity change from 0 to 7
[  105.630756][ T5476] Dev loop2: unable to read RDB block 7
[  105.632609][ T5476]  loop2: unable to read partition table
[  105.634241][ T5476] loop2: partition table beyond EOD, truncated
[  105.635960][ T5476] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  105.744444][ T3652] Dev loop2: unable to read RDB block 7
[  105.746127][ T3652]  loop2: unable to read partition table
[  105.750880][ T3652] loop2: partition table beyond EOD, truncated
[  105.821036][ T3652] Dev loop2: unable to read RDB block 7
[  105.828873][ T3652]  loop2: unable to read partition table
[  105.833686][ T3652] loop2: partition table beyond EOD, truncated
[  105.858601][ T5485] IPv6: NLM_F_REPLACE set, but no existing node found!
[  105.864677][  T149] block nbd3: Attempted send on invalid socket
[  105.867863][  T149] print_req_error: 2 callbacks suppressed
[  105.867875][  T149] blk_update_request: I/O error, dev nbd3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.873458][ T5485] binder: 5484:5485 got reply transaction with no transaction stack
[  105.877137][  T149] block nbd3: Attempted send on invalid socket
[  105.879006][  T149] blk_update_request: I/O error, dev nbd3, sector 120 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.882265][ T5487] Mount JFS Failure: -5
[  105.884912][ T5485] binder: 5484:5485 transaction failed 29201/-71, size 0-0 line 2822
[  105.908125][ T5485] binder: 5484:5485 ioctl c0306201 20000240 returned -14
[  105.962529][ T5496] binder: 5484:5496 BC_DEAD_BINDER_DONE 0000000000000000 not found
[  105.965891][ T5496] binder: 5484:5496 BC_INCREFS_DONE u0000000000000003 no match
[  105.969122][ T5496] binder: 5484:5496 BC_DEAD_BINDER_DONE 0000000000000000 not found
[  105.977871][ T5496] binder: 5484:5496 IncRefs 0 refcount change on invalid ref 2 ret -22
[  105.988790][ T5496] binder: 5484:5496 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 14)
[  106.003001][ T5490] loop1: detected capacity change from 0 to 8192
[  106.005503][ T5496] binder: 5496 RLIMIT_NICE not set
[  106.013770][ T5490] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  106.016710][ T5490] REISERFS (device loop1): using ordered data mode
[  106.018619][ T5490] reiserfs: using flush barriers
[  106.028820][ T5490] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  106.033714][ T5490] REISERFS (device loop1): checking transaction log (loop1)
[  106.054576][ T5490] REISERFS (device loop1): Using rupasov hash to sort names
[  106.067077][ T5490] REISERFS (device loop1): using 3.5.x disk format
[  106.079412][ T5490] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  106.098142][ T5490] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  106.114560][ T5490] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  106.128076][ T5490] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[  106.140846][ T5490] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  106.161020][ T5489] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  106.186081][ T5489] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  106.226728][ T5500] loop3: detected capacity change from 0 to 8192
[  106.235540][ T5502] binder: 5484:5502 ioctl c0306201 20000540 returned -14
[  106.268078][ T5500]  loop3: p4 < >
[  106.476249][ T5511] loop1: detected capacity change from 0 to 512
[  106.558271][ T5511] EXT4-fs (loop1): Invalid log block size: 65535
[  106.584038][ T4839] udevd[4839]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  106.721680][ T5521] tipc: Started in network mode
[  106.724269][ T5521] tipc: Node identity 3afce8fa83c, cluster identity 4711
[  106.728871][ T5521] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  106.745538][ T5521] tipc: Resetting bearer <eth:syzkaller0>
[  106.759928][ T5517] tipc: Disabling bearer <eth:syzkaller0>
[  107.112332][ T5531] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  107.389860][ T5540] loop1: detected capacity change from 0 to 512
[  107.640721][ T5546] netlink: 8 bytes leftover after parsing attributes in process `syz.4.406'.
[  107.643441][ T5546] netlink: 8 bytes leftover after parsing attributes in process `syz.4.406'.
[  107.645822][ T5546] netlink: 4 bytes leftover after parsing attributes in process `syz.4.406'.
[  107.649346][ T5549] loop0: detected capacity change from 0 to 1024
[  107.710959][ T5552] loop1: detected capacity change from 0 to 1024
[  107.712112][ T5543] lo speed is unknown, defaulting to 1000
[  107.718563][ T5546] netlink: 4 bytes leftover after parsing attributes in process `syz.4.406'.
[  107.752937][ T5549] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  107.814322][ T5552] EXT4-fs (loop1): mounted filesystem without journal. Opts: user_xattr,nodioread_nolock,,errors=continue. Quota mode: none.
[  107.941810][ T5559] EXT4-fs error (device loop1): ext4_map_blocks:739: inode #15: block 1: comm syz.1.410: lblock 1 mapped to illegal pblock 1 (length 1)
[  108.076352][ T5552] netlink: 4 bytes leftover after parsing attributes in process `syz.1.410'.
[  108.183038][ T1855] EXT4-fs error (device loop1): ext4_map_blocks:739: inode #15: block 1: comm kworker/u4:6: lblock 1 mapped to illegal pblock 1 (length 1)
[  108.193821][ T1855] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1 with error 117
[  108.199481][ T1855] EXT4-fs (loop1): This should not happen!! Data will be lost
[  108.199481][ T1855] 
[  108.202333][   T21] Bluetooth: hci5: command 0xfc11 tx timeout
[  108.204012][ T4040] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  108.273036][ T5527] loop3: detected capacity change from 0 to 32768
[  108.344783][ T5570] loop4: detected capacity change from 0 to 1024
[  108.359817][ T5527] JBD2: Ignoring recovery information on journal
[  108.411174][ T5570] EXT2-fs (loop4): error: can't find an ext2 filesystem on dev loop4.
[  108.480050][ T5573] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  108.621177][ T5527] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  108.635572][ T5527] FAULT_INJECTION: forcing a failure.
[  108.635572][ T5527] name failslab, interval 1, probability 0, space 0, times 0
[  108.659735][ T5527] CPU: 0 PID: 5527 Comm: syz.3.402 Not tainted 5.15.189-syzkaller #0
[  108.662063][ T5527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  108.664981][ T5527] Call trace:
[  108.665982][ T5527]  dump_backtrace+0x0/0x43c
[  108.667231][ T5527]  show_stack+0x2c/0x3c
[  108.668399][ T5527]  __dump_stack+0x30/0x40
[  108.669600][ T5527]  dump_stack_lvl+0xf8/0x160
[  108.670939][ T5527]  dump_stack+0x1c/0x5c
[  108.672043][ T5527]  should_fail+0x3c0/0x51c
[  108.673213][ T5527]  __should_failslab+0xbc/0x10c
[  108.674567][ T5527]  should_failslab+0x10/0x28
[  108.675816][ T5527]  slab_pre_alloc_hook+0x64/0xec
[  108.677177][ T5527]  __kmalloc+0xbc/0x44c
[  108.678300][ T5527]  tomoyo_encode+0x274/0x4a4
[  108.679546][ T5527]  tomoyo_realpath_from_path+0x4bc/0x510
[  108.681138][ T5527]  tomoyo_path_number_perm+0x1b0/0x518
[  108.682587][ T5527]  tomoyo_file_ioctl+0x2c/0x3c
[  108.683906][ T5527]  security_file_ioctl+0x80/0xbc
[  108.685202][ T5527]  __arm64_sys_ioctl+0xa8/0x1c8
[  108.686509][ T5527]  invoke_syscall+0x98/0x2b8
[  108.687725][ T5527]  el0_svc_common+0x138/0x258
[  108.689024][ T5527]  do_el0_svc+0x58/0x14c
[  108.690199][ T5527]  el0_svc+0x78/0x1e0
[  108.691289][ T5527]  el0t_64_sync_handler+0xcc/0xe4
[  108.692638][ T5527]  el0t_64_sync+0x1a0/0x1a4
[  108.693892][    C0] vkms_vblank_simulate: vblank timer overrun
[  108.719215][ T5527] ERROR: Out of memory at tomoyo_realpath_from_path.
[  108.768858][ T4044] ocfs2: Unmounting device (7,3) on (node local)
[  108.837020][ T5591] kAFS: unable to lookup cell '
[  108.837020][ T5591] >.€·?](<â›'
[  108.837020][ T5591] Ø¡—§P!×0Ä^O¹œ[àÆZéøvMTölÆAèÉß/H=9.äÜb>9ðF9ºÙ*‰ŒmªTS¶û'
[  108.889203][ T5594] loop2: detected capacity change from 0 to 1024
[  108.955315][ T5594] hfsplus: bad catalog entry type
[  109.031367][ T5605] rdma_rxe: rxe_register_device failed with error -23
[  109.033542][ T5605] rdma_rxe: failed to add lo
[  110.249193][ T5617] FAULT_INJECTION: forcing a failure.
[  110.249193][ T5617] name failslab, interval 1, probability 0, space 0, times 0
[  110.249231][ T5617] CPU: 1 PID: 5617 Comm: syz.0.428 Not tainted 5.15.189-syzkaller #0
[  110.249244][ T5617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  110.249252][ T5617] Call trace:
[  110.249256][ T5617]  dump_backtrace+0x0/0x43c
[  110.249270][ T5617]  show_stack+0x2c/0x3c
[  110.249278][ T5617]  __dump_stack+0x30/0x40
[  110.249289][ T5617]  dump_stack_lvl+0xf8/0x160
[  110.249298][ T5617]  dump_stack+0x1c/0x5c
[  110.249307][ T5617]  should_fail+0x3c0/0x51c
[  110.249318][ T5617]  __should_failslab+0xbc/0x10c
[  110.249329][ T5617]  should_failslab+0x10/0x28
[  110.249338][ T5617]  slab_pre_alloc_hook+0x64/0xec
[  110.249349][ T5617]  __kmalloc+0xbc/0x44c
[  110.249356][ T5617]  security_prepare_creds+0x54/0x140
[  110.249366][ T5617]  prepare_creds+0x438/0x71c
[  110.249376][ T5617]  copy_creds+0x114/0xc9c
[  110.249386][ T5617]  copy_process+0x858/0x34ac
[  110.249394][ T5617]  kernel_clone+0x1d8/0x9d4
[  110.249403][ T5617]  __arm64_sys_clone+0x138/0x190
[  110.249411][ T5617]  invoke_syscall+0x98/0x2b8
[  110.249421][ T5617]  el0_svc_common+0x138/0x258
[  110.249430][ T5617]  do_el0_svc+0x58/0x14c
[  110.249439][ T5617]  el0_svc+0x78/0x1e0
[  110.249449][ T5617]  el0t_64_sync_handler+0xcc/0xe4
[  110.249459][ T5617]  el0t_64_sync+0x1a0/0x1a4
[  110.845698][ T5625] binder: 5624:5625 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  110.879451][ T5625] binder: 5625 RLIMIT_NICE not set
[  111.063832][ T5619] loop3: detected capacity change from 0 to 512
[  111.096310][ T5628] binder: 5627:5628 Release 1 refcount change on invalid ref 3 ret -22
[  111.106540][ T5628] binder: 5627:5628 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  111.131109][ T5596] loop4: detected capacity change from 0 to 32768
[  111.149945][ T5600] loop1: detected capacity change from 0 to 32768
[  111.181635][ T5596] JBD2: Ignoring recovery information on journal
[  111.193670][ T5600] (syz.1.423,5600,0):ocfs2_parse_options:1447 ERROR: Unrecognized mount option "0xffffffffffffffff" or missing value
[  111.197035][ T5600] (syz.1.423,5600,0):ocfs2_fill_super:1177 ERROR: status = -22
[  111.261382][ T5596] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  111.345672][ T4048] ocfs2: Unmounting device (7,4) on (node local)
[  111.380383][ T5600] netlink: 32 bytes leftover after parsing attributes in process `syz.1.423'.
[  111.494569][ T5642] binder: 5640:5642 got reply transaction with no transaction stack
[  111.501500][ T5642] binder: 5640:5642 transaction failed 29201/-71, size 0-0 line 2822
[  111.508587][ T5642] binder: 5640:5642 ioctl c0306201 20000240 returned -14
[  111.595678][ T5646] binder: 5640:5646 unknown command 0
[  111.597334][ T5646] binder: 5640:5646 ioctl c0306201 20000540 returned -22
[  111.640584][ T5651] FAULT_INJECTION: forcing a failure.
[  111.640584][ T5651] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  111.645198][ T5651] CPU: 1 PID: 5651 Comm: syz.3.438 Not tainted 5.15.189-syzkaller #0
[  111.647480][ T5651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.650360][ T5651] Call trace:
[  111.651289][ T5651]  dump_backtrace+0x0/0x43c
[  111.652500][ T5651]  show_stack+0x2c/0x3c
[  111.653624][ T5651]  __dump_stack+0x30/0x40
[  111.654822][ T5651]  dump_stack_lvl+0xf8/0x160
[  111.656102][ T5651]  dump_stack+0x1c/0x5c
[  111.657249][ T5651]  should_fail+0x3c0/0x51c
[  111.658460][ T5651]  should_fail_usercopy+0x20/0x30
[  111.659806][ T5651]  copy_page_from_iter_atomic+0x3b8/0x1214
[  111.661457][ T5651]  generic_perform_write+0x284/0x480
[  111.662874][ T5651]  __generic_file_write_iter+0x23c/0x454
[  111.664403][ T5651]  generic_file_write_iter+0xb0/0x1b4
[  111.665866][ T5651]  vfs_write+0x7c8/0xa2c
[  111.667039][ T5651]  ksys_write+0x120/0x210
[  111.668204][ T5651]  __arm64_sys_write+0x7c/0x90
[  111.669481][ T5651]  invoke_syscall+0x98/0x2b8
[  111.670670][ T5651]  el0_svc_common+0x138/0x258
[  111.671925][ T5651]  do_el0_svc+0x58/0x14c
[  111.673072][ T5651]  el0_svc+0x78/0x1e0
[  111.674107][ T5651]  el0t_64_sync_handler+0xcc/0xe4
[  111.675533][ T5651]  el0t_64_sync+0x1a0/0x1a4
[  111.716836][ T5651] loop3: detected capacity change from 0 to 1024
[  112.413646][ T5654] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  112.416811][ T5654] device syzkaller0 entered promiscuous mode
[  112.449309][ T5660] capability: warning: `syz.2.442' uses deprecated v2 capabilities in a way that may be insecure
[  112.468265][ T5651] hfsplus: unable to parse mount options
[  112.549640][ T5654] udc-core: couldn't find an available UDC or it's busy
[  112.551615][ T5654] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  112.717911][ T5670] netlink: 84 bytes leftover after parsing attributes in process `syz.0.445'.
[  112.831960][ T5670] loop0: detected capacity change from 0 to 4096
[  112.985722][ T5680] loop3: detected capacity change from 0 to 2048
[  113.083070][ T5680] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  113.093331][ T5680] dlm: non-version read from control device 2
[  113.194760][ T5662] loop1: detected capacity change from 0 to 32768
[  113.286941][ T5662] JBD2: Ignoring recovery information on journal
[  113.469345][ T5662] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  113.992135][ T5693] loop4: detected capacity change from 0 to 32768
[  114.008318][ T4034] ocfs2: Unmounting device (7,1) on (node local)
[  114.073866][ T5693] JBD2: Ignoring recovery information on journal
[  114.287135][ T5693] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  114.348881][ T4048] ocfs2: Unmounting device (7,4) on (node local)
[  114.423812][ T5771] binder: 5768:5771 got reply transaction with no transaction stack
[  114.426143][ T5771] binder: 5768:5771 transaction failed 29201/-71, size 0-0 line 2822
[  114.449495][ T4081] binder: undelivered TRANSACTION_ERROR: 29201
[  114.559079][ T5775] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  114.577053][ T5775] device syzkaller0 entered promiscuous mode
[  114.641295][ T5773] loop0: detected capacity change from 0 to 8192
[  114.698243][ T5773] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  114.700735][ T5773] REISERFS (device loop0): using ordered data mode
[  114.707259][ T5775] udc-core: couldn't find an available UDC or it's busy
[  114.709205][ T5775] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  114.712615][ T5773] reiserfs: using flush barriers
[  114.718589][ T5773] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  114.750685][ T5773] REISERFS (device loop0): checking transaction log (loop0)
[  114.770006][ T5773] REISERFS (device loop0): Using rupasov hash to sort names
[  114.772029][ T5773] REISERFS (device loop0): using 3.5.x disk format
[  114.792360][ T5773] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  114.795421][ T5773] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  114.798434][ T5773] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  114.809844][ T5784] binder: 5783:5784 got reply transaction with no transaction stack
[  114.819159][ T5784] binder: 5783:5784 transaction failed 29201/-71, size 0-0 line 2822
[  114.842276][ T5773] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  114.847477][ T5784] binder: 5783:5784 ioctl c0306201 20000240 returned -14
[  114.855585][ T5785] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  114.858584][ T5785] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  114.902498][ T5786] binder: tried to use weak ref as strong ref
[  114.904274][ T5786] binder: 5783:5786 Release 1 refcount change on invalid ref 0 ret -22
[  114.906867][ T5786] binder: 5783:5786 unknown command 0
[  114.908467][ T5786] binder: 5783:5786 ioctl c0306201 20000540 returned -22
[  114.982905][ T5766] loop1: detected capacity change from 0 to 32768
[  114.993909][ T5767] netlink: 12 bytes leftover after parsing attributes in process `syz.1.454'.
[  114.996911][ T5767] netlink: 40 bytes leftover after parsing attributes in process `syz.1.454'.
[  114.999314][ T5767] netlink: 40 bytes leftover after parsing attributes in process `syz.1.454'.
[  115.017267][ T5766] netlink: 12 bytes leftover after parsing attributes in process `syz.1.454'.
[  115.019755][ T5766] netlink: 40 bytes leftover after parsing attributes in process `syz.1.454'.
[  115.031562][ T5766] netlink: 40 bytes leftover after parsing attributes in process `syz.1.454'.
[  115.054279][ T5789] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  115.084489][ T5789] tipc: Resetting bearer <eth:syzkaller0>
[  115.093858][ T5787] tipc: Disabling bearer <eth:syzkaller0>
[  115.191481][ T5791] device syzkaller0 entered promiscuous mode
[  115.241327][ T5793] binder: 5792:5793 got transaction to invalid handle, 1
[  115.251542][ T5793] binder: 5792:5793 transaction failed 29201/-22, size 0-0 line 2917
[  115.258480][ T4081] binder: undelivered TRANSACTION_ERROR: 29201
[  115.293068][ T5795] FAULT_INJECTION: forcing a failure.
[  115.293068][ T5795] name failslab, interval 1, probability 0, space 0, times 0
[  115.296610][ T5795] CPU: 1 PID: 5795 Comm: syz.4.463 Not tainted 5.15.189-syzkaller #0
[  115.298901][ T5795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.301626][ T5795] Call trace:
[  115.302530][ T5795]  dump_backtrace+0x0/0x43c
[  115.303790][ T5795]  show_stack+0x2c/0x3c
[  115.304950][ T5795]  __dump_stack+0x30/0x40
[  115.306151][ T5795]  dump_stack_lvl+0xf8/0x160
[  115.307427][ T5795]  dump_stack+0x1c/0x5c
[  115.308563][ T5795]  should_fail+0x3c0/0x51c
[  115.309696][ T5795]  __should_failslab+0xbc/0x10c
[  115.311064][ T5795]  should_failslab+0x10/0x28
[  115.312322][ T5795]  slab_pre_alloc_hook+0x64/0xec
[  115.313758][ T5795]  __kmalloc+0xbc/0x44c
[  115.314902][ T5795]  tomoyo_realpath_from_path+0xcc/0x510
[  115.316459][ T5795]  tomoyo_path_number_perm+0x1b0/0x518
[  115.318014][ T5795]  tomoyo_file_ioctl+0x2c/0x3c
[  115.319333][ T5795]  security_file_ioctl+0x80/0xbc
[  115.320691][ T5795]  __arm64_sys_ioctl+0xa8/0x1c8
[  115.322043][ T5795]  invoke_syscall+0x98/0x2b8
[  115.323377][ T5795]  el0_svc_common+0x138/0x258
[  115.324636][ T5795]  do_el0_svc+0x58/0x14c
[  115.325849][ T5795]  el0_svc+0x78/0x1e0
[  115.326962][ T5795]  el0t_64_sync_handler+0xcc/0xe4
[  115.328366][ T5795]  el0t_64_sync+0x1a0/0x1a4
[  115.374391][ T5795] ERROR: Out of memory at tomoyo_realpath_from_path.
[  115.382734][ T5795] binder: 5794:5795 got transaction to invalid handle, 1
[  115.384815][ T5795] binder: 5794:5795 transaction failed 29201/-22, size 0-0 line 2917
[  115.403445][ T5188] binder: undelivered TRANSACTION_ERROR: 29201
[  115.570269][ T5809] loop4: detected capacity change from 0 to 1024
[  115.648826][ T5809] hfsplus: failed to load catalog file
[  115.708371][ T5818] FAULT_INJECTION: forcing a failure.
[  115.708371][ T5818] name failslab, interval 1, probability 0, space 0, times 0
[  115.721449][ T5818] CPU: 0 PID: 5818 Comm: syz.2.472 Not tainted 5.15.189-syzkaller #0
[  115.723719][ T5818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.726505][ T5818] Call trace:
[  115.727326][ T5818]  dump_backtrace+0x0/0x43c
[  115.728533][ T5818]  show_stack+0x2c/0x3c
[  115.729679][ T5818]  __dump_stack+0x30/0x40
[  115.730909][ T5818]  dump_stack_lvl+0xf8/0x160
[  115.732171][ T5818]  dump_stack+0x1c/0x5c
[  115.733343][ T5818]  should_fail+0x3c0/0x51c
[  115.734573][ T5818]  __should_failslab+0xbc/0x10c
[  115.735941][ T5818]  should_failslab+0x10/0x28
[  115.737556][ T5818]  slab_pre_alloc_hook+0x64/0xec
[  115.738925][ T5818]  kmem_cache_alloc+0x94/0x3e4
[  115.740187][ T5818]  copy_sighand+0x50/0x218
[  115.741424][ T5818]  copy_process+0x13e0/0x34ac
[  115.742717][ T5818]  kernel_clone+0x1d8/0x9d4
[  115.744014][ T5818]  __arm64_sys_clone+0x138/0x190
[  115.745296][ T5818]  invoke_syscall+0x98/0x2b8
[  115.746566][ T5818]  el0_svc_common+0x138/0x258
[  115.747903][ T5818]  do_el0_svc+0x58/0x14c
[  115.749025][ T5818]  el0_svc+0x78/0x1e0
[  115.750130][ T5818]  el0t_64_sync_handler+0xcc/0xe4
[  115.751583][ T5818]  el0t_64_sync+0x1a0/0x1a4
[  115.762966][ T5820] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  115.768215][ T5820] device syzkaller0 entered promiscuous mode
[  115.833336][ T5822] udc-core: couldn't find an available UDC or it's busy
[  115.835341][ T5822] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  115.957869][ T5805] loop1: detected capacity change from 0 to 32768
[  115.961296][ T5820] udc-core: couldn't find an available UDC or it's busy
[  115.965418][ T5820] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  116.021282][ T5822] loop4: detected capacity change from 0 to 8
[  116.074408][ T5805] JBD2: Ignoring recovery information on journal
[  116.098153][ T5805] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  116.221799][ T5830] rdma_rxe: rxe_register_device failed with error -23
[  116.225359][ T5830] rdma_rxe: failed to add lo
[  116.855643][ T5805] FAULT_INJECTION: forcing a failure.
[  116.855643][ T5805] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  116.859338][ T5805] CPU: 1 PID: 5805 Comm: syz.1.468 Not tainted 5.15.189-syzkaller #0
[  116.861543][ T5805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  116.864298][ T5805] Call trace:
[  116.865189][ T5805]  dump_backtrace+0x0/0x43c
[  116.866389][ T5805]  show_stack+0x2c/0x3c
[  116.867542][ T5805]  __dump_stack+0x30/0x40
[  116.868689][ T5805]  dump_stack_lvl+0xf8/0x160
[  116.869936][ T5805]  dump_stack+0x1c/0x5c
[  116.871103][ T5805]  should_fail+0x3c0/0x51c
[  116.872312][ T5805]  should_fail_usercopy+0x20/0x30
[  116.873714][ T5805]  simple_read_from_buffer+0xd0/0x264
[  116.875138][ T5805]  proc_fail_nth_read+0x19c/0x244
[  116.876536][ T5805]  vfs_read+0x278/0xa10
[  116.877667][ T5805]  ksys_read+0x120/0x210
[  116.878834][ T5805]  __arm64_sys_read+0x7c/0x90
[  116.880148][ T5805]  invoke_syscall+0x98/0x2b8
[  116.881498][ T5805]  el0_svc_common+0x138/0x258
[  116.882872][ T5805]  do_el0_svc+0x58/0x14c
[  116.884141][ T5805]  el0_svc+0x78/0x1e0
[  116.885287][ T5805]  el0t_64_sync_handler+0xcc/0xe4
[  116.886681][ T5805]  el0t_64_sync+0x1a0/0x1a4
[  116.987634][ T4034] ocfs2: Unmounting device (7,1) on (node local)
[  117.071948][ T5838] loop0: detected capacity change from 0 to 128
[  117.093295][ T5838] ufs: You didn't specify the type of your ufs filesystem
[  117.093295][ T5838] 
[  117.093295][ T5838] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  117.093295][ T5838] 
[  117.093295][ T5838] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  117.122685][ T5838] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[  117.305688][ T5834] loop2: detected capacity change from 0 to 4096
[  117.375442][ T5851] loop3: detected capacity change from 0 to 1024
[  117.393451][ T5852] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  117.581934][ T5851] netlink: 'syz.3.485': attribute type 1 has an invalid length.
[  117.591172][ T5851] netlink: 'syz.3.485': attribute type 1 has an invalid length.
[  117.837145][ T5846] loop1: detected capacity change from 0 to 32768
[  117.917984][ T5850] loop0: detected capacity change from 0 to 32768
[  117.963470][ T5850] (syz.0.484,5850,0):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options
[  117.966198][ T5850] (syz.0.484,5850,0):ocfs2_fill_super:1177 ERROR: status = -22
[  118.005127][ T5863] FAULT_INJECTION: forcing a failure.
[  118.005127][ T5863] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  118.008943][ T5863] CPU: 0 PID: 5863 Comm: syz.3.490 Not tainted 5.15.189-syzkaller #0
[  118.011319][ T5863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  118.014158][ T5863] Call trace:
[  118.015106][ T5863]  dump_backtrace+0x0/0x43c
[  118.016378][ T5863]  show_stack+0x2c/0x3c
[  118.017544][ T5863]  __dump_stack+0x30/0x40
[  118.018858][ T5863]  dump_stack_lvl+0xf8/0x160
[  118.020174][ T5863]  dump_stack+0x1c/0x5c
[  118.021339][ T5863]  should_fail+0x3c0/0x51c
[  118.022523][ T5863]  should_fail_usercopy+0x20/0x30
[  118.023916][ T5863]  copy_page_from_iter_atomic+0x3b8/0x1214
[  118.025574][ T5863]  generic_perform_write+0x284/0x480
[  118.027036][ T5863]  __generic_file_write_iter+0x23c/0x454
[  118.028605][ T5863]  generic_file_write_iter+0xb0/0x1b4
[  118.030091][ T5863]  vfs_write+0x7c8/0xa2c
[  118.031255][ T5863]  ksys_write+0x120/0x210
[  118.032530][ T5863]  __arm64_sys_write+0x7c/0x90
[  118.033843][ T5863]  invoke_syscall+0x98/0x2b8
[  118.035117][ T5863]  el0_svc_common+0x138/0x258
[  118.036392][ T5863]  do_el0_svc+0x58/0x14c
[  118.037592][ T5863]  el0_svc+0x78/0x1e0
[  118.038633][ T5863]  el0t_64_sync_handler+0xcc/0xe4
[  118.040066][ T5863]  el0t_64_sync+0x1a0/0x1a4
[  118.063563][ T5863] loop3: detected capacity change from 0 to 1024
[  118.066343][ T5863] hfsplus: unable to parse mount options
[  118.113513][ T5865] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  118.121621][ T5866] loop4: detected capacity change from 0 to 4096
[  118.124377][ T5865] device syzkaller0 entered promiscuous mode
[  118.161465][ T5871] FAULT_INJECTION: forcing a failure.
[  118.161465][ T5871] name failslab, interval 1, probability 0, space 0, times 0
[  118.175654][ T5871] CPU: 0 PID: 5871 Comm: syz.0.494 Not tainted 5.15.189-syzkaller #0
[  118.178023][ T5871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  118.180893][ T5871] Call trace:
[  118.181757][ T5871]  dump_backtrace+0x0/0x43c
[  118.182991][ T5871]  show_stack+0x2c/0x3c
[  118.184145][ T5871]  __dump_stack+0x30/0x40
[  118.185353][ T5871]  dump_stack_lvl+0xf8/0x160
[  118.186615][ T5871]  dump_stack+0x1c/0x5c
[  118.187719][ T5871]  should_fail+0x3c0/0x51c
[  118.189023][ T5871]  __should_failslab+0xbc/0x10c
[  118.190360][ T5871]  should_failslab+0x10/0x28
[  118.190640][ T5874] loop3: detected capacity change from 0 to 2048
[  118.191649][ T5871]  slab_pre_alloc_hook+0x64/0xec
[  118.194802][ T5871]  kmem_cache_alloc+0x94/0x3e4
[  118.196083][ T5871]  ptlock_alloc+0x28/0x78
[  118.197275][ T5871]  pte_alloc_one+0x70/0x248
[  118.198580][ T5871]  copy_huge_pmd+0x7c/0xb94
[  118.199858][ T5871]  copy_page_range+0x740/0x22b8
[  118.201187][ T5871]  copy_mm+0x9c8/0x1084
[  118.202342][ T5871]  copy_process+0x14d8/0x34ac
[  118.203625][ T5871]  kernel_clone+0x1d8/0x9d4
[  118.204843][ T5871]  __arm64_sys_clone+0x138/0x190
[  118.206190][ T5871]  invoke_syscall+0x98/0x2b8
[  118.207432][ T5871]  el0_svc_common+0x138/0x258
[  118.208678][ T5871]  do_el0_svc+0x58/0x14c
[  118.209852][ T5871]  el0_svc+0x78/0x1e0
[  118.210957][ T5871]  el0t_64_sync_handler+0xcc/0xe4
[  118.212296][ T5871]  el0t_64_sync+0x1a0/0x1a4
[  118.222721][ T5874] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  118.250881][ T5874] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  118.259536][ T5866] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  118.267877][ T5865] udc-core: couldn't find an available UDC or it's busy
[  118.269730][ T5865] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  118.311807][ T5858] fs-verity: sha256 using implementation "sha256-ce"
[  118.349361][ T5858] fs-verity (loop4, inode 16): fs-verity keyring is empty, rejecting signed file!
[  118.415608][ T5880] UDF-fs: bad mount option "mpo|=preve" or missing value
[  118.563907][ T5878] loop0: detected capacity change from 0 to 32768
[  118.633331][ T5878] JBD2: Ignoring recovery information on journal
[  118.695273][ T5883] udc-core: couldn't find an available UDC or it's busy
[  118.697145][ T5883] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  118.717676][ T5883] loop4: detected capacity change from 0 to 8
[  118.753526][ T5878] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  118.784562][ T4035] ocfs2: Unmounting device (7,0) on (node local)
[  118.856802][ T5887] binder: 5886:5887 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  118.860381][ T5887] binder: 5887 RLIMIT_NICE not set
[  118.908445][ T5888] FAULT_INJECTION: forcing a failure.
[  118.908445][ T5888] name failslab, interval 1, probability 0, space 0, times 0
[  118.912015][ T5888] CPU: 0 PID: 5888 Comm: syz.1.498 Not tainted 5.15.189-syzkaller #0
[  118.914261][ T5888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  118.917047][ T5888] Call trace:
[  118.917962][ T5888]  dump_backtrace+0x0/0x43c
[  118.919280][ T5888]  show_stack+0x2c/0x3c
[  118.920456][ T5888]  __dump_stack+0x30/0x40
[  118.921748][ T5888]  dump_stack_lvl+0xf8/0x160
[  118.923033][ T5888]  dump_stack+0x1c/0x5c
[  118.924119][ T5888]  should_fail+0x3c0/0x51c
[  118.925287][ T5888]  __should_failslab+0xbc/0x10c
[  118.926597][ T5888]  should_failslab+0x10/0x28
[  118.927868][ T5888]  slab_pre_alloc_hook+0x64/0xec
[  118.929274][ T5888]  __kmalloc+0xbc/0x44c
[  118.930429][ T5888]  tomoyo_realpath_from_path+0xcc/0x510
[  118.931966][ T5888]  tomoyo_path_number_perm+0x1b0/0x518
[  118.933579][ T5888]  tomoyo_file_ioctl+0x2c/0x3c
[  118.934928][ T5888]  security_file_ioctl+0x80/0xbc
[  118.936293][ T5888]  __arm64_sys_ioctl+0xa8/0x1c8
[  118.937696][ T5888]  invoke_syscall+0x98/0x2b8
[  118.938990][ T5888]  el0_svc_common+0x138/0x258
[  118.940294][ T5888]  do_el0_svc+0x58/0x14c
[  118.941508][ T5888]  el0_svc+0x78/0x1e0
[  118.942599][ T5888]  el0t_64_sync_handler+0xcc/0xe4
[  118.944085][ T5888]  el0t_64_sync+0x1a0/0x1a4
[  118.992383][ T5888] ERROR: Out of memory at tomoyo_realpath_from_path.
[  118.994623][ T5887] binder: 5886:5887 ioctl c0306201 20000240 returned -14
[  119.063020][ T5892] binder: 5891:5892 unknown command 0
[  119.064473][ T5892] binder: 5891:5892 ioctl c0306201 20000780 returned -22
[  120.189723][ T5915] loop1: detected capacity change from 0 to 128
[  120.211933][ T5914] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  120.217066][ T5914] device syzkaller0 entered promiscuous mode
[  120.223717][ T5915] ufs: You didn't specify the type of your ufs filesystem
[  120.223717][ T5915] 
[  120.223717][ T5915] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  120.223717][ T5915] 
[  120.223717][ T5915] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  120.254161][ T5917] device syzkaller0 entered promiscuous mode
[  120.257007][ T5915] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[  120.265428][ T5921] binder: 5919:5921 got transaction to invalid handle, 1
[  120.267359][ T5921] binder: 5919:5921 transaction failed 29201/-22, size 0-0 line 2917
[  120.272455][   T21] binder: undelivered TRANSACTION_ERROR: 29201
[  120.351900][ T5914] udc-core: couldn't find an available UDC or it's busy
[  120.355273][ T5914] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  120.381657][ T5929] Cannot find set identified by id 2 to match
[  120.424451][ T5930] loop2: detected capacity change from 0 to 256
[  120.447976][ T5933] FAULT_INJECTION: forcing a failure.
[  120.447976][ T5933] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  120.451549][ T5933] CPU: 1 PID: 5933 Comm: syz.0.514 Not tainted 5.15.189-syzkaller #0
[  120.453745][ T5933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  120.456466][ T5933] Call trace:
[  120.457341][ T5933]  dump_backtrace+0x0/0x43c
[  120.458511][ T5933]  show_stack+0x2c/0x3c
[  120.459614][ T5933]  __dump_stack+0x30/0x40
[  120.460768][ T5933]  dump_stack_lvl+0xf8/0x160
[  120.462023][ T5933]  dump_stack+0x1c/0x5c
[  120.463107][ T5933]  should_fail+0x3c0/0x51c
[  120.464253][ T5933]  should_fail_alloc_page+0x74/0xa8
[  120.465662][ T5933]  prepare_alloc_pages+0x160/0x460
[  120.467024][ T5933]  __alloc_pages+0x108/0x470
[  120.468246][ T5933]  alloc_pages_vma+0x284/0x7a8
[  120.469511][ T5933]  shmem_alloc_and_acct_page+0x38c/0xac4
[  120.471014][ T5933]  shmem_getpage_gfp+0x1028/0x1ef0
[  120.472444][ T5933]  shmem_write_begin+0xe0/0x29c
[  120.473749][ T5933]  generic_perform_write+0x204/0x480
[  120.475180][ T5933]  __generic_file_write_iter+0x23c/0x454
[  120.476705][ T5933]  generic_file_write_iter+0xb0/0x1b4
[  120.478205][ T5933]  vfs_write+0x7c8/0xa2c
[  120.479324][ T5933]  ksys_write+0x120/0x210
[  120.480532][ T5933]  __arm64_sys_write+0x7c/0x90
[  120.481805][ T5933]  invoke_syscall+0x98/0x2b8
[  120.483088][ T5933]  el0_svc_common+0x138/0x258
[  120.484331][ T5933]  do_el0_svc+0x58/0x14c
[  120.485465][ T5933]  el0_svc+0x78/0x1e0
[  120.486544][ T5933]  el0t_64_sync_handler+0xcc/0xe4
[  120.487880][ T5933]  el0t_64_sync+0x1a0/0x1a4
[  120.493822][ T5930] exfat: Unknown parameter 'syzkaller'
[  120.529532][ T5935] udc-core: couldn't find an available UDC or it's busy
[  120.531730][ T5935] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  120.532719][ T5937] binder: 5936:5937 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  120.535938][ T5935] loop4: detected capacity change from 0 to 8
[  120.539287][ T5937] binder: 5937 RLIMIT_NICE not set
[  120.584219][ T5937] binder: 5936:5937 ioctl c0306201 20000240 returned -14
[  120.651321][ T5945] binder: 5944:5945 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  120.655234][ T5945] binder: 5945 RLIMIT_NICE not set
[  120.712409][ T5946] FAULT_INJECTION: forcing a failure.
[  120.712409][ T5946] name failslab, interval 1, probability 0, space 0, times 0
[  120.715884][ T5946] CPU: 1 PID: 5946 Comm: syz.0.519 Not tainted 5.15.189-syzkaller #0
[  120.717966][ T5946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  120.720633][ T5946] Call trace:
[  120.721501][ T5946]  dump_backtrace+0x0/0x43c
[  120.722714][ T5946]  show_stack+0x2c/0x3c
[  120.723835][ T5946]  __dump_stack+0x30/0x40
[  120.724976][ T5946]  dump_stack_lvl+0xf8/0x160
[  120.726186][ T5946]  dump_stack+0x1c/0x5c
[  120.727311][ T5946]  should_fail+0x3c0/0x51c
[  120.728515][ T5946]  __should_failslab+0xbc/0x10c
[  120.729895][ T5946]  should_failslab+0x10/0x28
[  120.731253][ T5946]  slab_pre_alloc_hook+0x64/0xec
[  120.732590][ T5946]  __kmalloc+0xbc/0x44c
[  120.733704][ T5946]  tomoyo_encode+0x274/0x4a4
[  120.734977][ T5946]  tomoyo_realpath_from_path+0x4bc/0x510
[  120.736525][ T5946]  tomoyo_path_number_perm+0x1b0/0x518
[  120.738010][ T5946]  tomoyo_file_ioctl+0x2c/0x3c
[  120.739404][ T5946]  security_file_ioctl+0x80/0xbc
[  120.740733][ T5946]  __arm64_sys_ioctl+0xa8/0x1c8
[  120.742066][ T5946]  invoke_syscall+0x98/0x2b8
[  120.743297][ T5946]  el0_svc_common+0x138/0x258
[  120.744614][ T5946]  do_el0_svc+0x58/0x14c
[  120.745769][ T5946]  el0_svc+0x78/0x1e0
[  120.746845][ T5946]  el0t_64_sync_handler+0xcc/0xe4
[  120.748266][ T5946]  el0t_64_sync+0x1a0/0x1a4
[  120.767155][ T5946] ERROR: Out of memory at tomoyo_realpath_from_path.
[  120.773368][ T5949] x_tables: ip_tables: bpf.1 match: invalid size 528 (kernel) != (user) 536
[  120.776171][ T5945] binder: 5944:5945 ioctl c0306201 20000240 returned -14
[  120.882223][ T5952] rdma_rxe: rxe_register_device failed with error -23
[  120.885809][ T5952] rdma_rxe: failed to add lo
[  121.584476][ T5949] binder: 5948:5949 got transaction to invalid handle, 1
[  121.586479][ T5949] binder: 5948:5949 transaction failed 29201/-22, size 0-0 line 2917
[  121.663635][   T21] binder: undelivered TRANSACTION_ERROR: 29201
[  121.747873][ T5963] binder: 5961:5963 got reply transaction with no transaction stack
[  121.750106][ T5963] binder: 5961:5963 transaction failed 29201/-71, size 0-0 line 2822
[  121.795714][ T5963] binder: 5961:5963 ioctl c0306201 20000240 returned -14
[  121.858140][ T5977] binder: BC_ATTEMPT_ACQUIRE not supported
[  121.859826][ T5977] binder: 5961:5977 ioctl c0306201 20000540 returned -22
[  121.875233][ T5976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  121.914029][ T5958] loop2: detected capacity change from 0 to 512
[  121.950344][ T5976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  122.007226][ T5958] EXT4-fs (loop2): 1 orphan inode deleted
[  122.009009][ T5958] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  122.224514][ T5981] loop4: detected capacity change from 0 to 32768
[  122.237789][ T5988] loop2: detected capacity change from 0 to 512
[  122.244861][ T5988] EXT2-fs (loop2): error: revision level too high, forcing read-only mode
[  122.386482][ T5969] loop1: detected capacity change from 0 to 32768
[  122.398258][ T5981] JBD2: Ignoring recovery information on journal
[  122.445462][ T5969] jfs: Unrecognized mount option "/sys/kernel/debug/sync/info" or missing value
[  122.464167][ T5981] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  123.407118][ T6002] loop0: detected capacity change from 0 to 128
[  123.523450][ T6002] ufs: You didn't specify the type of your ufs filesystem
[  123.523450][ T6002] 
[  123.523450][ T6002] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  123.523450][ T6002] 
[  123.523450][ T6002] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  123.573249][ T6002] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[  123.700313][ T6008] udc-core: couldn't find an available UDC or it's busy
[  123.713076][ T6013] rdma_rxe: rxe_register_device failed with error -23
[  123.715963][ T6008] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  123.722802][ T6013] rdma_rxe: failed to add lo
[  123.725128][ T6008] loop2: detected capacity change from 0 to 8
[  123.842887][ T6015] binder: 6014:6015 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  123.846585][ T6015] binder: 6015 RLIMIT_NICE not set
[  123.896512][ T6015] binder: 6014:6015 ioctl c0306201 20000240 returned -14
[  123.980683][ T6021] netlink: 24 bytes leftover after parsing attributes in process `syz.3.544'.
[  124.083240][ T5981] (syz.4.530,5981,1):ocfs2_remount:624 ERROR: Cannot change heartbeat mode on remount
[  124.215222][ T4048] ocfs2: Unmounting device (7,4) on (node local)
[  124.262309][ T6027] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  124.270511][ T6029] loop3: detected capacity change from 0 to 512
[  124.313501][ T6029] EXT2-fs (loop3): error: revision level too high, forcing read-only mode
[  124.343209][ T6027] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  124.502080][ T6032] binder: 6030:6032 got transaction to invalid handle, 1
[  124.511813][ T6032] binder: 6030:6032 transaction failed 29201/-22, size 0-0 line 2917
[  124.523302][ T4148] binder: undelivered TRANSACTION_ERROR: 29201
[  126.406484][ T6055] device syzkaller0 entered promiscuous mode
[  126.435461][ T6058] binder: 6057:6058 IncRefs 0 refcount change on invalid ref 0 ret -22
[  126.480569][ T6058] binder: 6057:6058 ioctl c0306201 20000540 returned -14
[  126.551857][ T6062] binder: 6061:6062 got reply transaction with no transaction stack
[  126.559566][ T6062] binder: 6061:6062 transaction failed 29201/-71, size 0-0 line 2822
[  126.564835][ T6062] binder: 6061:6062 ioctl c0306201 20000240 returned -14
[  126.621692][ T6060] udc-core: couldn't find an available UDC or it's busy
[  126.623966][ T6060] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  126.629725][ T6060] loop2: detected capacity change from 0 to 8
[  126.638445][ T6067] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  126.702928][ T6067] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  126.817898][ T6070] device syzkaller0 entered promiscuous mode
[  127.109243][ T6077] loop1: detected capacity change from 0 to 32768
[  127.160756][ T6077] JBD2: Ignoring recovery information on journal
[  127.224812][ T6077] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  127.295587][ T4034] ocfs2: Unmounting device (7,1) on (node local)
[  127.625407][ T6110] FAULT_INJECTION: forcing a failure.
[  127.625407][ T6110] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  127.638807][ T6110] CPU: 0 PID: 6110 Comm: syz.1.573 Not tainted 5.15.189-syzkaller #0
[  127.641052][ T6110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  127.643753][ T6110] Call trace:
[  127.644628][ T6110]  dump_backtrace+0x0/0x43c
[  127.645857][ T6110]  show_stack+0x2c/0x3c
[  127.647004][ T6110]  __dump_stack+0x30/0x40
[  127.648170][ T6110]  dump_stack_lvl+0xf8/0x160
[  127.649413][ T6110]  dump_stack+0x1c/0x5c
[  127.650544][ T6110]  should_fail+0x3c0/0x51c
[  127.651735][ T6110]  should_fail_alloc_page+0x74/0xa8
[  127.653181][ T6110]  prepare_alloc_pages+0x160/0x460
[  127.654543][ T6110]  __alloc_pages+0x108/0x470
[  127.655800][ T6110]  alloc_pages_vma+0x284/0x7a8
[  127.657105][ T6110]  shmem_alloc_and_acct_page+0x38c/0xac4
[  127.658646][ T6110]  shmem_getpage_gfp+0x1028/0x1ef0
[  127.660068][ T6110]  shmem_write_begin+0xe0/0x29c
[  127.661398][ T6110]  generic_perform_write+0x204/0x480
[  127.662827][ T6110]  __generic_file_write_iter+0x23c/0x454
[  127.664324][ T6110]  generic_file_write_iter+0xb0/0x1b4
[  127.665782][ T6110]  vfs_write+0x7c8/0xa2c
[  127.666918][ T6110]  ksys_write+0x120/0x210
[  127.668115][ T6110]  __arm64_sys_write+0x7c/0x90
[  127.669453][ T6110]  invoke_syscall+0x98/0x2b8
[  127.670720][ T6110]  el0_svc_common+0x138/0x258
[  127.672002][ T6110]  do_el0_svc+0x58/0x14c
[  127.673153][ T6110]  el0_svc+0x78/0x1e0
[  127.674199][ T6110]  el0t_64_sync_handler+0xcc/0xe4
[  127.675582][ T6110]  el0t_64_sync+0x1a0/0x1a4
[  127.678110][ T6104] rdma_rxe: rxe_register_device failed with error -23
[  127.680198][ T6104] rdma_rxe: failed to add lo
[  127.825738][ T6120] FAULT_INJECTION: forcing a failure.
[  127.825738][ T6120] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.829268][ T6120] CPU: 1 PID: 6120 Comm: syz.0.577 Not tainted 5.15.189-syzkaller #0
[  127.831366][ T6120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  127.834079][ T6120] Call trace:
[  127.834975][ T6120]  dump_backtrace+0x0/0x43c
[  127.836193][ T6120]  show_stack+0x2c/0x3c
[  127.837341][ T6120]  __dump_stack+0x30/0x40
[  127.838515][ T6120]  dump_stack_lvl+0xf8/0x160
[  127.839761][ T6120]  dump_stack+0x1c/0x5c
[  127.840916][ T6120]  should_fail+0x3c0/0x51c
[  127.842098][ T6120]  should_fail_usercopy+0x20/0x30
[  127.843265][ T6117] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  127.843439][ T6120]  binder_ioctl_write_read+0x104/0xaad8
[  127.847090][ T6120]  binder_ioctl+0x38c/0x1c98
[  127.848323][ T6120]  __arm64_sys_ioctl+0x14c/0x1c8
[  127.849633][ T6120]  invoke_syscall+0x98/0x2b8
[  127.849736][ T6117] device syzkaller0 entered promiscuous mode
[  127.850864][ T6120]  el0_svc_common+0x138/0x258
[  127.853609][ T6120]  do_el0_svc+0x58/0x14c
[  127.854721][ T6120]  el0_svc+0x78/0x1e0
[  127.855842][ T6120]  el0t_64_sync_handler+0xcc/0xe4
[  127.857190][ T6120]  el0t_64_sync+0x1a0/0x1a4
[  127.983070][ T6117] udc-core: couldn't find an available UDC or it's busy
[  127.985269][ T6117] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  128.036560][ T6096] loop2: detected capacity change from 0 to 40427
[  128.058103][ T6120] binder: 6119:6120 ioctl c0306201 20000780 returned -14
[  128.094590][ T6125] binder: 6124:6125 got reply transaction with no transaction stack
[  128.099029][ T6125] binder: 6124:6125 transaction failed 29201/-71, size 0-0 line 2822
[  128.102143][ T4101] binder: undelivered TRANSACTION_ERROR: 29201
[  128.105713][ T6096] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x1ffff
[  128.231068][ T6126] rdma_rxe: rxe_register_device failed with error -23
[  128.234800][ T6126] rdma_rxe: failed to add lo
[  128.844691][ T6096] F2FS-fs (loop2): invalid crc value
[  128.934428][ T6096] F2FS-fs (loop2): Found nat_bits in checkpoint
[  128.953057][ T6132] binder: 6131:6132 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  128.959407][ T6132] binder: 6132 RLIMIT_NICE not set
[  128.975884][ T6096] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  129.004320][ T6134] FAULT_INJECTION: forcing a failure.
[  129.004320][ T6134] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.009093][ T6096] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  129.014029][ T6134] CPU: 0 PID: 6134 Comm: syz.4.581 Not tainted 5.15.189-syzkaller #0
[  129.016282][ T6134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  129.019060][ T6134] Call trace:
[  129.019935][ T6134]  dump_backtrace+0x0/0x43c
[  129.021184][ T6134]  show_stack+0x2c/0x3c
[  129.022292][ T6134]  __dump_stack+0x30/0x40
[  129.023491][ T6134]  dump_stack_lvl+0xf8/0x160
[  129.024778][ T6134]  dump_stack+0x1c/0x5c
[  129.025929][ T6134]  should_fail+0x3c0/0x51c
[  129.027129][ T6134]  should_fail_usercopy+0x20/0x30
[  129.028557][ T6134]  binder_ioctl_write_read+0x104/0xaad8
[  129.029067][ T6136] loop0: detected capacity change from 0 to 128
[  129.030208][ T6134]  binder_ioctl+0x38c/0x1c98
[  129.033119][ T6134]  __arm64_sys_ioctl+0x14c/0x1c8
[  129.034495][ T6134]  invoke_syscall+0x98/0x2b8
[  129.035857][ T6134]  el0_svc_common+0x138/0x258
[  129.037148][ T6134]  do_el0_svc+0x58/0x14c
[  129.038353][ T6134]  el0_svc+0x78/0x1e0
[  129.039489][ T6134]  el0t_64_sync_handler+0xcc/0xe4
[  129.040794][ T6134]  el0t_64_sync+0x1a0/0x1a4
[  129.065136][ T6134] binder: 6131:6134 ioctl c0306201 20000540 returned -14
[  129.088517][ T6139] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  129.095720][ T6136] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  129.096646][ T6137] tipc: Disabling bearer <eth:syzkaller0>
[  129.118804][ T6136] binder: 6135:6136 tried to acquire reference to desc 0, got 1 instead
[  129.124129][ T6136] binder: 6135:6136 got transaction with invalid offsets ptr
[  129.129862][ T6136] binder: 6135:6136 transaction failed 29201/-22, size 104-24 line 3417
[  129.409317][ T6121] loop1: detected capacity change from 0 to 32768
[  130.381272][ T6149] rdma_rxe: rxe_register_device failed with error -23
[  130.383439][ T6149] rdma_rxe: failed to add lo
[  130.480618][ T6160] device syzkaller0 entered promiscuous mode
[  130.487769][ T6165] loop2: detected capacity change from 0 to 128
[  130.510634][ T6163] loop1: detected capacity change from 0 to 1024
[  130.533313][ T6165] ufs: You didn't specify the type of your ufs filesystem
[  130.533313][ T6165] 
[  130.533313][ T6165] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  130.533313][ T6165] 
[  130.533313][ T6165] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  130.558765][ T6165] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[  130.571989][ T6163] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,,errors=continue. Quota mode: none.
[  130.579534][ T4148] binder: undelivered TRANSACTION_ERROR: 29201
[  130.745721][ T6173] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  130.749756][ T6173] device syzkaller0 entered promiscuous mode
[  130.753415][ T6176] binder: 6175:6176 got reply transaction with no transaction stack
[  130.756472][ T6176] binder: 6175:6176 transaction failed 29201/-71, size 0-0 line 2822
[  130.785729][ T6176] binder: 6175:6176 ioctl c0306201 20000240 returned -14
[  130.886957][ T6173] udc-core: couldn't find an available UDC or it's busy
[  130.888902][ T6173] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  131.071288][ T6176] loop1: detected capacity change from 0 to 32768
[  131.679600][ T6183] loop0: detected capacity change from 0 to 32768
[  131.684298][ T2054] ieee802154 phy0 wpan0: encryption failed: -22
[  131.686186][ T2054] ieee802154 phy1 wpan1: encryption failed: -22
[  131.760370][ T6188] FAULT_INJECTION: forcing a failure.
[  131.760370][ T6188] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  131.764097][ T6188] CPU: 0 PID: 6188 Comm: syz.2.597 Not tainted 5.15.189-syzkaller #0
[  131.766270][ T6188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  131.768970][ T6188] Call trace:
[  131.769856][ T6188]  dump_backtrace+0x0/0x43c
[  131.771178][ T6188]  show_stack+0x2c/0x3c
[  131.772220][ T6188]  __dump_stack+0x30/0x40
[  131.773394][ T6188]  dump_stack_lvl+0xf8/0x160
[  131.774620][ T6188]  dump_stack+0x1c/0x5c
[  131.775766][ T6188]  should_fail+0x3c0/0x51c
[  131.776946][ T6188]  should_fail_usercopy+0x20/0x30
[  131.778335][ T6188]  copy_page_from_iter_atomic+0x3b8/0x1214
[  131.779871][ T6188]  generic_perform_write+0x284/0x480
[  131.781284][ T6188]  __generic_file_write_iter+0x23c/0x454
[  131.782831][ T6188]  generic_file_write_iter+0xb0/0x1b4
[  131.784293][ T6188]  vfs_write+0x7c8/0xa2c
[  131.785430][ T6188]  ksys_write+0x120/0x210
[  131.786576][ T6188]  __arm64_sys_write+0x7c/0x90
[  131.787987][ T6188]  invoke_syscall+0x98/0x2b8
[  131.789249][ T6188]  el0_svc_common+0x138/0x258
[  131.790580][ T6188]  do_el0_svc+0x58/0x14c
[  131.791764][ T6188]  el0_svc+0x78/0x1e0
[  131.792921][ T6188]  el0t_64_sync_handler+0xcc/0xe4
[  131.794320][ T6188]  el0t_64_sync+0x1a0/0x1a4
[  131.805521][ T6188] loop2: detected capacity change from 0 to 1024
[  131.846541][ T6176] XFS: attr2 mount option is deprecated.
[  131.852089][ T6183] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.595 (6183)
[  131.867582][ T6188] hfsplus: unable to parse mount options
[  131.878938][ T6176] XFS (loop1): Mounting V5 Filesystem
[  131.891400][ T6183] BTRFS error (device loop0): unsupported checksum algorithm: 256
[  131.897905][ T6183] BTRFS error (device loop0): open_ctree failed: -22
[  131.898446][ T6191] loop3: detected capacity change from 0 to 4096
[  131.928560][ T6180] ufs: You didn't specify the type of your ufs filesystem
[  131.928560][ T6180] 
[  131.928560][ T6180] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  131.928560][ T6180] 
[  131.928560][ T6180] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  131.937098][ T6180] ufs: ufstype=old is supported read-only
[  131.940440][  T149] block nbd0: Attempted send on invalid socket
[  131.942163][  T149] blk_update_request: I/O error, dev nbd0, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  131.954847][ T6191] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  131.960199][ T6176] XFS (loop1): Ending clean mount
[  131.977259][ T6176] XFS (loop1): Quotacheck needed: Please wait.
[  132.025839][ T6191] ntfs3: loop3: Failed to load $Extend.
[  132.027798][ T6176] XFS (loop1): Quotacheck: Done.
[  132.048466][ T6200] overlayfs: failed to resolve './file0': -2
[  132.088174][ T6191] ntfs3: loop3: ino=5, "/" directory corrupted
[  132.088861][ T6205] netlink: 20 bytes leftover after parsing attributes in process `syz.1.594'.
[  132.094914][ T6191] ntfs3: loop3: ino=5, "/" directory corrupted
[  132.125067][ T4028] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by udevd (4028)
[  132.313395][ T6209] rdma_rxe: rxe_register_device failed with error -23
[  132.315469][ T6209] rdma_rxe: failed to add lo
[  132.407457][ T4034] XFS (loop1): Unmounting Filesystem
[  132.460488][ T6222] device syzkaller0 entered promiscuous mode
[  132.758156][ T6231] loop3: detected capacity change from 0 to 1024
[  132.760959][ T6231] hfsplus: unable to parse mount options
[  133.496589][ T6234] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  133.697026][ T6234] device syzkaller0 entered promiscuous mode
[  133.740205][ T6239] overlayfs: failed to resolve './file0': -2
[  133.863946][ T6243] rdma_rxe: rxe_register_device failed with error -23
[  133.867454][ T6243] rdma_rxe: failed to add lo
[  134.564017][ T6234] udc-core: couldn't find an available UDC or it's busy
[  134.581244][ T6234] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  134.651652][ T6247] FAULT_INJECTION: forcing a failure.
[  134.651652][ T6247] name failslab, interval 1, probability 0, space 0, times 0
[  134.682410][ T6247] CPU: 1 PID: 6247 Comm: syz.1.614 Not tainted 5.15.189-syzkaller #0
[  134.684676][ T6247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  134.687422][ T6247] Call trace:
[  134.688333][ T6247]  dump_backtrace+0x0/0x43c
[  134.689565][ T6247]  show_stack+0x2c/0x3c
[  134.690698][ T6247]  __dump_stack+0x30/0x40
[  134.691901][ T6247]  dump_stack_lvl+0xf8/0x160
[  134.693151][ T6247]  dump_stack+0x1c/0x5c
[  134.694264][ T6247]  should_fail+0x3c0/0x51c
[  134.695676][ T6247]  __should_failslab+0xbc/0x10c
[  134.697017][ T6247]  should_failslab+0x10/0x28
[  134.698301][ T6247]  slab_pre_alloc_hook+0x64/0xec
[  134.699648][ T6247]  kmem_cache_alloc+0x94/0x3e4
[  134.700923][ T6247]  ptlock_alloc+0x28/0x78
[  134.702091][ T6247]  pte_alloc_one+0x70/0x248
[  134.703347][ T6247]  copy_huge_pmd+0x7c/0xb94
[  134.704613][ T6247]  copy_page_range+0x740/0x22b8
[  134.705962][ T6247]  copy_mm+0x9c8/0x1084
[  134.707073][ T6247]  copy_process+0x14d8/0x34ac
[  134.708351][ T6247]  kernel_clone+0x1d8/0x9d4
[  134.709569][ T6247]  __arm64_sys_clone+0x138/0x190
[  134.710935][ T6247]  invoke_syscall+0x98/0x2b8
[  134.712212][ T6247]  el0_svc_common+0x138/0x258
[  134.713498][ T6247]  do_el0_svc+0x58/0x14c
[  134.714628][ T6247]  el0_svc+0x78/0x1e0
[  134.715702][ T6247]  el0t_64_sync_handler+0xcc/0xe4
[  134.717084][ T6247]  el0t_64_sync+0x1a0/0x1a4
[  134.992052][ T6260] rdma_rxe: rxe_register_device failed with error -23
[  134.995895][ T6260] rdma_rxe: failed to add lo
[  135.050296][ T6263] netlink: 28 bytes leftover after parsing attributes in process `syz.1.618'.
[  135.156884][ T6253] loop3: detected capacity change from 0 to 8192
[  135.165970][ T6264] binder: 6262:6264 ioctl c0306201 20000080 returned -14
[  135.256205][ T6266] binder: 6265:6266 got transaction to invalid handle, 1
[  135.287322][ T6266] binder: 6265:6266 transaction failed 29201/-22, size 0-0 line 2917
[  135.314134][   T13] binder: undelivered TRANSACTION_ERROR: 29201
[  135.322610][ T6253] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  135.339215][ T6253] REISERFS (device loop3): using ordered data mode
[  135.350886][ T6253] reiserfs: using flush barriers
[  135.380566][ T6253] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  135.386558][ T6269] device syzkaller0 entered promiscuous mode
[  135.430735][ T6253] REISERFS (device loop3): checking transaction log (loop3)
[  136.539111][ T6283] overlayfs: failed to resolve './file0': -2
[  136.719061][ T6286] binder: 6284:6286 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  136.764654][ T6286] binder: 6286 RLIMIT_NICE not set
[  136.918529][ T6295] rdma_rxe: rxe_register_device failed with error -23
[  136.922243][ T6295] rdma_rxe: failed to add lo
[  137.533835][ T6253] REISERFS (device loop3): Using tea hash to sort names
[  137.536098][ T6253] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  137.581116][ T6296] FAULT_INJECTION: forcing a failure.
[  137.581116][ T6296] name failslab, interval 1, probability 0, space 0, times 0
[  137.624351][ T6296] CPU: 1 PID: 6296 Comm: syz.0.626 Not tainted 5.15.189-syzkaller #0
[  137.626651][ T6296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  137.629398][ T6296] Call trace:
[  137.630345][ T6296]  dump_backtrace+0x0/0x43c
[  137.631577][ T6296]  show_stack+0x2c/0x3c
[  137.632780][ T6296]  __dump_stack+0x30/0x40
[  137.633994][ T6296]  dump_stack_lvl+0xf8/0x160
[  137.635258][ T6296]  dump_stack+0x1c/0x5c
[  137.636396][ T6296]  should_fail+0x3c0/0x51c
[  137.637676][ T6296]  __should_failslab+0xbc/0x10c
[  137.638994][ T6296]  should_failslab+0x10/0x28
[  137.640201][ T6296]  slab_pre_alloc_hook+0x64/0xec
[  137.641537][ T6296]  kmem_cache_alloc_trace+0x98/0x3fc
[  137.642992][ T6296]  binder_ioctl_write_read+0x12e4/0xaad8
[  137.644498][ T6296]  binder_ioctl+0x38c/0x1c98
[  137.645754][ T6296]  __arm64_sys_ioctl+0x14c/0x1c8
[  137.647087][ T6296]  invoke_syscall+0x98/0x2b8
[  137.648340][ T6296]  el0_svc_common+0x138/0x258
[  137.649674][ T6296]  do_el0_svc+0x58/0x14c
[  137.650815][ T6296]  el0_svc+0x78/0x1e0
[  137.651882][ T6296]  el0t_64_sync_handler+0xcc/0xe4
[  137.653238][ T6296]  el0t_64_sync+0x1a0/0x1a4
[  137.758940][ T6301] netlink: 28 bytes leftover after parsing attributes in process `syz.4.631'.
[  137.811679][ T6296] binder: 6284:6296 BC_REQUEST_DEATH_NOTIFICATION failed
[  137.823126][ T4162] binder: undelivered TRANSACTION_ERROR: 2147774976
[  137.898712][ T6308] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  137.923040][ T6308] device syzkaller0 entered promiscuous mode
[  138.677487][ T6318] rdma_rxe: rxe_register_device failed with error -23
[  138.679487][ T6318] rdma_rxe: failed to add lo
[  139.183535][ T6308] udc-core: couldn't find an available UDC or it's busy
[  139.185447][ T6308] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  139.349549][ T6320] device syzkaller0 entered promiscuous mode
[  139.568508][ T6323] device syzkaller0 entered promiscuous mode
[  139.662578][ T6329] device syzkaller0 entered promiscuous mode
[  140.619128][ T6335] overlayfs: failed to resolve './file0': -2
[  140.727550][ T6340] binder: 6339:6340 got reply transaction with no transaction stack
[  140.729726][ T6340] binder: 6339:6340 transaction failed 29201/-71, size 0-0 line 2822
[  140.771653][ T6340] binder: 6339:6340 ioctl c0306201 20000240 returned -14
[  140.806075][ T6342] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  140.811829][ T6344] binder: 6343:6344 got reply transaction with no transaction stack
[  140.827076][ T6344] binder: 6343:6344 transaction failed 29201/-71, size 0-0 line 2822
[  140.838009][ T4115] binder: undelivered TRANSACTION_ERROR: 29201
[  140.875045][ T6342] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  140.882965][ T4080] wlan1: authenticate with 08:02:11:00:00:00
[  140.885384][ T4080] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  140.967313][ T6354] binder: 6353:6354 got transaction to invalid handle, 1
[  140.982024][ T6354] binder: 6353:6354 transaction failed 29201/-22, size 0-0 line 2917
[  140.992317][ T1855] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  140.997577][ T6354] FAULT_INJECTION: forcing a failure.
[  140.997577][ T6354] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.016653][ T6354] CPU: 1 PID: 6354 Comm: syz.3.646 Not tainted 5.15.189-syzkaller #0
[  141.018872][ T6354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  141.021551][ T6354] Call trace:
[  141.022425][ T6354]  dump_backtrace+0x0/0x43c
[  141.023592][ T6354]  show_stack+0x2c/0x3c
[  141.024732][ T6354]  __dump_stack+0x30/0x40
[  141.025893][ T6354]  dump_stack_lvl+0xf8/0x160
[  141.027093][ T6354]  dump_stack+0x1c/0x5c
[  141.028177][ T6354]  should_fail+0x3c0/0x51c
[  141.029338][ T6354]  should_fail_usercopy+0x20/0x30
[  141.030692][ T6354]  simple_read_from_buffer+0xd0/0x264
[  141.032114][ T6354]  proc_fail_nth_read+0x19c/0x244
[  141.033489][ T6354]  vfs_read+0x278/0xa10
[  141.034582][ T6354]  ksys_read+0x120/0x210
[  141.035755][ T6354]  __arm64_sys_read+0x7c/0x90
[  141.037062][ T6354]  invoke_syscall+0x98/0x2b8
[  141.038298][ T6354]  el0_svc_common+0x138/0x258
[  141.039580][ T6354]  do_el0_svc+0x58/0x14c
[  141.040708][ T6354]  el0_svc+0x78/0x1e0
[  141.041776][ T6354]  el0t_64_sync_handler+0xcc/0xe4
[  141.043137][ T6354]  el0t_64_sync+0x1a0/0x1a4
[  141.122243][ T5740] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  141.206499][ T4162] binder: undelivered TRANSACTION_ERROR: 29201
[  141.252286][ T4266] wlan1: authentication with 08:02:11:00:00:00 timed out
[  142.005762][ T6360] loop0: detected capacity change from 0 to 8192
[  142.099179][ T6367] loop4: detected capacity change from 0 to 1024
[  142.154107][ T6366] device syzkaller0 entered promiscuous mode
[  142.195100][ T6360] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[  142.197775][ T6360] REISERFS (device loop0): using ordered data mode
[  142.199440][ T6360] reiserfs: using flush barriers
[  142.201696][ T6360] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  142.218248][ T6360] REISERFS (device loop0): checking transaction log (loop0)
[  142.233560][ T6367] hfsplus: unable to parse mount options
[  142.280111][ T6372] rdma_rxe: rxe_register_device failed with error -23
[  142.282101][ T6372] rdma_rxe: failed to add lo
[  142.645563][ T6374] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  142.654865][ T6360] REISERFS (device loop0): Using tea hash to sort names
[  142.667388][ T6360] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  142.674168][ T6374] device syzkaller0 entered promiscuous mode
[  142.800478][ T6379] device syzkaller0 entered promiscuous mode
[  142.863868][ T6374] udc-core: couldn't find an available UDC or it's busy
[  142.874099][ T6374] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  143.028969][ T6350] loop1: detected capacity change from 0 to 32768
[  143.113033][ T6350] JBD2: Ignoring recovery information on journal
[  143.214133][ T6397] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  143.272795][   T25] wlan1: authenticate with 08:02:11:00:00:00
[  143.275333][   T25] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  143.281318][ T6350] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  143.309019][ T6397] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  143.382321][ T4266] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  143.409926][ T6407] device syzkaller0 entered promiscuous mode
[  143.499518][ T4266] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  143.750912][ T1855] wlan1: authentication with 08:02:11:00:00:00 timed out
[  144.057453][ T6416] rdma_rxe: rxe_register_device failed with error -23
[  144.062514][ T6416] rdma_rxe: failed to add lo
[  144.550912][ T6420] binder: 6419:6420 unknown command 0
[  144.562301][ T6420] binder: 6419:6420 ioctl c0306201 20000780 returned -22
[  144.586277][ T6422] netlink: 12 bytes leftover after parsing attributes in process `syz.2.667'.
[  144.606311][ T4034] ocfs2: Unmounting device (7,1) on (node local)
[  144.640243][ T6425] device syzkaller0 entered promiscuous mode
[  144.659260][ T6422] netlink: 23932 bytes leftover after parsing attributes in process `syz.2.667'.
[  144.795236][ T6436] loop0: detected capacity change from 0 to 256
[  144.807233][ T6437] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  144.815246][ T6437] device syzkaller0 entered promiscuous mode
[  144.869349][ T6441] FAULT_INJECTION: forcing a failure.
[  144.869349][ T6441] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  144.872923][ T6441] CPU: 1 PID: 6441 Comm: syz.1.672 Not tainted 5.15.189-syzkaller #0
[  144.875002][ T6441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  144.877579][ T6441] Call trace:
[  144.878407][ T6441]  dump_backtrace+0x0/0x43c
[  144.879589][ T6441]  show_stack+0x2c/0x3c
[  144.880695][ T6441]  __dump_stack+0x30/0x40
[  144.881860][ T6441]  dump_stack_lvl+0xf8/0x160
[  144.883124][ T6441]  dump_stack+0x1c/0x5c
[  144.884247][ T6441]  should_fail+0x3c0/0x51c
[  144.885452][ T6441]  should_fail_usercopy+0x20/0x30
[  144.886822][ T6441]  copy_page_from_iter_atomic+0x3b8/0x1214
[  144.888397][ T6441]  generic_perform_write+0x284/0x480
[  144.889830][ T6441]  __generic_file_write_iter+0x23c/0x454
[  144.891344][ T6441]  generic_file_write_iter+0xb0/0x1b4
[  144.892795][ T6441]  vfs_write+0x7c8/0xa2c
[  144.893950][ T6441]  ksys_write+0x120/0x210
[  144.895105][ T6441]  __arm64_sys_write+0x7c/0x90
[  144.896388][ T6441]  invoke_syscall+0x98/0x2b8
[  144.897624][ T6441]  el0_svc_common+0x138/0x258
[  144.898891][ T6441]  do_el0_svc+0x58/0x14c
[  144.900033][ T6441]  el0_svc+0x78/0x1e0
[  144.901115][ T6441]  el0t_64_sync_handler+0xcc/0xe4
[  144.902469][ T6441]  el0t_64_sync+0x1a0/0x1a4
[  144.918376][ T6436] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  144.925966][ T6436] FAT-fs (loop0): Filesystem has been set read-only
[  144.930984][ T6437] udc-core: couldn't find an available UDC or it's busy
[  144.934199][ T6437] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  144.935207][ T6436] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  144.945530][ T6436] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  144.953370][ T6436] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  144.956546][ T6436] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  144.989256][ T6441] loop1: detected capacity change from 0 to 1024
[  144.994874][ T6441] hfsplus: unable to parse mount options
[  145.193148][ T6445] rdma_rxe: rxe_register_device failed with error -23
[  145.195234][ T6445] rdma_rxe: failed to add lo
[  145.203449][ T6447] FAULT_INJECTION: forcing a failure.
[  145.203449][ T6447] name failslab, interval 1, probability 0, space 0, times 0
[  145.214970][ T6447] CPU: 0 PID: 6447 Comm: syz.1.678 Not tainted 5.15.189-syzkaller #0
[  145.217140][ T6447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  145.219803][ T6447] Call trace:
[  145.220654][ T6447]  dump_backtrace+0x0/0x43c
[  145.221864][ T6447]  show_stack+0x2c/0x3c
[  145.222955][ T6447]  __dump_stack+0x30/0x40
[  145.224104][ T6447]  dump_stack_lvl+0xf8/0x160
[  145.225310][ T6447]  dump_stack+0x1c/0x5c
[  145.226397][ T6447]  should_fail+0x3c0/0x51c
[  145.227554][ T6447]  __should_failslab+0xbc/0x10c
[  145.228837][ T6447]  should_failslab+0x10/0x28
[  145.230043][ T6447]  slab_pre_alloc_hook+0x64/0xec
[  145.231329][ T6447]  kmem_cache_alloc+0x94/0x3e4
[  145.232579][ T6447]  ptlock_alloc+0x28/0x78
[  145.233720][ T6447]  pte_alloc_one+0x70/0x248
[  145.234914][ T6447]  copy_huge_pmd+0x7c/0xb94
[  145.236096][ T6447]  copy_page_range+0x740/0x22b8
[  145.237388][ T6447]  copy_mm+0x9c8/0x1084
[  145.238485][ T6447]  copy_process+0x14d8/0x34ac
[  145.239714][ T6447]  kernel_clone+0x1d8/0x9d4
[  145.240932][ T6447]  __arm64_sys_clone+0x138/0x190
[  145.242239][ T6447]  invoke_syscall+0x98/0x2b8
[  145.243450][ T6447]  el0_svc_common+0x138/0x258
[  145.244681][ T6447]  do_el0_svc+0x58/0x14c
[  145.245785][ T6447]  el0_svc+0x78/0x1e0
[  145.246846][ T6447]  el0t_64_sync_handler+0xcc/0xe4
[  145.248169][ T6447]  el0t_64_sync+0x1a0/0x1a4
[  145.300310][ T6453] netlink: 28 bytes leftover after parsing attributes in process `syz.1.680'.
[  145.314134][ T6453] netlink: 32 bytes leftover after parsing attributes in process `syz.1.680'.
[  145.317141][ T6453] netlink: 28 bytes leftover after parsing attributes in process `syz.1.680'.
[  145.320878][ T6453] binder: 6450:6453 got transaction to invalid handle, 1
[  145.326133][ T6453] binder: 6450:6453 transaction failed 29201/-22, size 0-0 line 2917
[  145.329190][ T4148] binder: undelivered TRANSACTION_ERROR: 29201
[  145.377037][ T6455] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  145.381641][ T6452] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  145.386164][ T6452] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  145.450273][ T6455] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  145.490985][ T6422] loop2: detected capacity change from 0 to 40427
[  145.540001][ T6422] F2FS-fs (loop2): Unrecognized mount option "18446744073709551615" or missing value
[  145.565918][ T6459] loop3: detected capacity change from 0 to 1024
[  145.575669][ T6459] hfsplus: unable to parse mount options
[  145.654054][ T6461] netlink: 28 bytes leftover after parsing attributes in process `syz.3.684'.
[  145.720175][ T6466] netlink: 12 bytes leftover after parsing attributes in process `syz.4.686'.
[  145.793369][ T6469] device syzkaller0 entered promiscuous mode
[  146.070403][ T6478] rdma_rxe: rxe_register_device failed with error -23
[  146.072587][ T6478] rdma_rxe: failed to add lo
[  146.177011][ T6487] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  146.201322][ T6487] device syzkaller0 entered promiscuous mode
[  146.338952][ T6487] udc-core: couldn't find an available UDC or it's busy
[  146.340862][ T6487] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  146.369297][ T6488] udc-core: couldn't find an available UDC or it's busy
[  146.371167][ T6488] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  146.388025][ T6488] loop2: detected capacity change from 0 to 8
[  146.394274][ T6498] vhci_hcd: invalid port number 96
[  146.395636][ T6498] vhci_hcd: default hub control req: 2000 vfffc i0060 l7
[  146.452472][ T6500] netlink: 8 bytes leftover after parsing attributes in process `syz.0.698'.
[  146.454902][ T6500] netlink: 4 bytes leftover after parsing attributes in process `syz.0.698'.
[  146.511349][ T6503] netlink: 12 bytes leftover after parsing attributes in process `syz.4.699'.
[  146.688937][ T6480] loop3: detected capacity change from 0 to 40427
[  146.852524][ T6513] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  147.587690][ T6513] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  147.847309][ T6522] rdma_rxe: rxe_register_device failed with error -23
[  147.849384][ T6522] rdma_rxe: failed to add lo
[  149.478183][ T6552] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  149.509677][ T6552] device syzkaller0 entered promiscuous mode
[  149.605806][ T6550] udc-core: couldn't find an available UDC or it's busy
[  149.607734][ T6550] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  149.626733][ T6550] loop2: detected capacity change from 0 to 8
[  150.511904][ T6571] binder: 6570:6571 got reply transaction with no transaction stack
[  150.530392][ T6571] binder: 6570:6571 transaction failed 29201/-71, size 0-0 line 2822
[  150.552070][ T4148] binder: undelivered TRANSACTION_ERROR: 29201
[  150.606657][ T6540] loop1: detected capacity change from 0 to 32768
[  150.811137][ T5188] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  151.570430][ T6588] FAULT_INJECTION: forcing a failure.
[  151.570430][ T6588] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  151.587100][ T6588] CPU: 0 PID: 6588 Comm: syz.3.719 Not tainted 5.15.189-syzkaller #0
[  151.589238][ T6588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  151.591856][ T6588] Call trace:
[  151.592702][ T6588]  dump_backtrace+0x0/0x43c
[  151.593908][ T6588]  show_stack+0x2c/0x3c
[  151.595006][ T6588]  __dump_stack+0x30/0x40
[  151.596151][ T6588]  dump_stack_lvl+0xf8/0x160
[  151.597379][ T6588]  dump_stack+0x1c/0x5c
[  151.598467][ T6588]  should_fail+0x3c0/0x51c
[  151.599637][ T6588]  should_fail_alloc_page+0x74/0xa8
[  151.601041][ T6588]  prepare_alloc_pages+0x160/0x460
[  151.602371][ T6588]  __alloc_pages+0x108/0x470
[  151.603580][ T6588]  alloc_pages_vma+0x284/0x7a8
[  151.604856][ T6588]  shmem_alloc_and_acct_page+0x38c/0xac4
[  151.606359][ T6588]  shmem_getpage_gfp+0x1028/0x1ef0
[  151.607725][ T6588]  shmem_write_begin+0xe0/0x29c
[  151.609019][ T6588]  generic_perform_write+0x204/0x480
[  151.610450][ T6588]  __generic_file_write_iter+0x23c/0x454
[  151.611997][ T6588]  generic_file_write_iter+0xb0/0x1b4
[  151.613456][ T6588]  vfs_write+0x7c8/0xa2c
[  151.614603][ T6588]  ksys_write+0x120/0x210
[  151.615802][ T6588]  __arm64_sys_write+0x7c/0x90
[  151.617080][ T6588]  invoke_syscall+0x98/0x2b8
[  151.618325][ T6588]  el0_svc_common+0x138/0x258
[  151.619576][ T6588]  do_el0_svc+0x58/0x14c
[  151.620730][ T6588]  el0_svc+0x78/0x1e0
[  151.621822][ T6588]  el0t_64_sync_handler+0xcc/0xe4
[  151.623180][ T6588]  el0t_64_sync+0x1a0/0x1a4
[  151.653022][ T5188] usb 1-1: Using ep0 maxpacket: 8
[  151.772790][ T5188] usb 1-1: config 0 has an invalid interface number: 148 but max is 0
[  151.777080][ T5188] usb 1-1: config 0 has no interface number 0
[  151.828035][ T6604] device syzkaller0 entered promiscuous mode
[  151.932632][ T5188] usb 1-1: New USB device found, idVendor=0d46, idProduct=2012, bcdDevice=4d.36
[  151.932677][ T5188] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.932695][ T5188] usb 1-1: Product: syz
[  151.932709][ T5188] usb 1-1: Manufacturer: syz
[  151.932724][ T5188] usb 1-1: SerialNumber: syz
[  151.953835][ T5188] usb 1-1: config 0 descriptor??
[  151.955645][ T6602] __nla_validate_parse: 1 callbacks suppressed
[  151.955657][ T6602] netlink: 12 bytes leftover after parsing attributes in process `syz.3.724'.
[  151.994933][ T6609] rdma_rxe: rxe_register_device failed with error -23
[  151.995011][ T5188] kobil_sct 1-1:0.148: KOBIL USB smart card terminal converter detected
[  151.995131][ T6609] rdma_rxe: failed to add lo
[  151.998190][ T5188] usb 1-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  152.222666][ T5188] usb 1-1: USB disconnect, device number 6
[  152.227838][ T5188] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  152.230801][ T5188] kobil_sct 1-1:0.148: device disconnected
[  152.977410][ T6631] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only
[  153.002730][ T6631] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off.
[  153.220092][ T6637] udc-core: couldn't find an available UDC or it's busy
[  153.222143][ T6637] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  153.233435][ T6637] loop3: detected capacity change from 0 to 8
[  155.921404][ T6663] device syzkaller0 entered promiscuous mode
[  157.353024][ T6704] rdma_rxe: rxe_register_device failed with error -23
[  157.355022][ T6704] rdma_rxe: failed to add lo
[  157.531186][ T6706] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  157.552896][ T6706] device syzkaller0 entered promiscuous mode
[  158.361001][ T6718] loop1: detected capacity change from 0 to 128
[  158.433516][ T6706] udc-core: couldn't find an available UDC or it's busy
[  158.435625][ T6706] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  159.626563][ T6734] rdma_rxe: rxe_register_device failed with error -23
[  159.628649][ T6734] rdma_rxe: failed to add lo
[  159.790975][ T6740] binder: 6739:6740 got reply transaction with no transaction stack
[  159.863782][ T6744] binder: 6739:6744 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  159.865541][ T6740] binder: 6739:6740 transaction failed 29201/-71, size 0-0 line 2822
[  159.867234][ T6744] binder: 6744 RLIMIT_NICE not set
[  159.872372][   T25] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  159.941844][ T6745] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  159.983293][ T6745] device syzkaller0 entered promiscuous mode
[  160.046731][ T4115] binder: undelivered TRANSACTION_ERROR: 29201
[  160.817072][ T6751] binder: 6749:6751 unknown command 1077961491
[  160.818890][ T6751] binder: 6749:6751 ioctl c0306201 20000780 returned -22
[  160.832690][   T25] usb 1-1: unable to get BOS descriptor or descriptor too short
[  160.873521][ T6754] device syzkaller0 entered promiscuous mode
[  160.912537][   T25] usb 1-1: config 6 has an invalid interface number: 70 but max is 0
[  160.915027][   T25] usb 1-1: config 6 has no interface number 0
[  160.916630][   T25] usb 1-1: config 6 interface 70 has no altsetting 0
[  161.072613][   T25] usb 1-1: New USB device found, idVendor=0ace, idProduct=2011, bcdDevice= 1.01
[  161.075177][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.077434][   T25] usb 1-1: Product: syz
[  161.078557][   T25] usb 1-1: Manufacturer: syz
[  161.090095][   T25] usb 1-1: SerialNumber: syz
[  162.463228][   T25] usb-storage 1-1:6.70: USB Mass Storage device detected
[  162.477765][ T6771] netlink: 12 bytes leftover after parsing attributes in process `syz.0.765'.
[  162.500537][   T25] usb-storage 1-1:6.70: device ignored
[  162.669473][ T6779] device syzkaller0 entered promiscuous mode
[  163.602072][   T25] usb 1-1: USB disconnect, device number 7
[  163.679081][ T6781] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  163.682144][ T6781] device syzkaller0 entered promiscuous mode
[  163.710918][ T6788] rdma_rxe: rxe_register_device failed with error -23
[  163.713037][ T6788] rdma_rxe: failed to add lo
[  164.817484][ T6796] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  164.820480][ T6796] device syzkaller0 entered promiscuous mode
[  166.600809][ T6806] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  166.728658][ T6819] device syzkaller0 entered promiscuous mode
[  166.751924][ T6806] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  167.012569][   T25] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  167.453872][ T6839] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  167.455902][ T6839] IPv6: NLM_F_CREATE should be set when creating new route
[  167.542481][   T25] usb 1-1: unable to get BOS descriptor or descriptor too short
[  167.568916][ T6843] device syzkaller0 entered promiscuous mode
[  167.622717][   T25] usb 1-1: config 6 has an invalid interface number: 70 but max is 0
[  167.625006][   T25] usb 1-1: config 6 has no interface number 0
[  167.626588][   T25] usb 1-1: config 6 interface 70 has no altsetting 0
[  167.629365][ T6838] loop3: detected capacity change from 0 to 8192
[  167.674411][ T6838] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  167.676948][ T6838] REISERFS (device loop3): using ordered data mode
[  167.700923][ T6838] reiserfs: using flush barriers
[  167.717375][ T6838] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  167.762688][ T6838] REISERFS (device loop3): checking transaction log (loop3)
[  167.782551][   T25] usb 1-1: New USB device found, idVendor=0ace, idProduct=2011, bcdDevice= 1.01
[  167.785048][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.787116][   T25] usb 1-1: Product: syz
[  167.787513][ T6838] REISERFS (device loop3): Using r5 hash to sort names
[  167.788176][   T25] usb 1-1: Manufacturer: syz
[  167.791247][   T25] usb 1-1: SerialNumber: syz
[  167.811644][ T6838] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  168.053917][ T6814] loop0: detected capacity change from 0 to 8
[  168.074288][ T6850] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  168.085036][ T6850] device syzkaller0 entered promiscuous mode
[  168.814650][ T6852] netlink: 8 bytes leftover after parsing attributes in process `syz.4.785'.
[  168.890932][ T6850] udc-core: couldn't find an available UDC or it's busy
[  168.894267][ T6850] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  169.002411][ T4115] Bluetooth: hci1: command 0x0406 tx timeout
[  169.004500][ T4115] Bluetooth: hci0: command 0x0406 tx timeout
[  169.006141][ T4115] Bluetooth: hci2: command 0x0406 tx timeout
[  169.008553][ T4115] Bluetooth: hci3: command 0x0406 tx timeout
[  169.023163][   T25] usb-storage 1-1:6.70: USB Mass Storage device detected
[  169.040807][   T25] usb-storage 1-1:6.70: device ignored
[  169.063336][ T6857] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  169.077609][ T6857] device syzkaller0 entered promiscuous mode
[  169.096463][   T25] usb 1-1: USB disconnect, device number 8
[  169.624371][ T6872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  169.662590][ T6870] mkiss: ax0: crc mode is auto.
[  169.683799][ T6870] binder: 6869:6870 got transaction to invalid handle, 1
[  169.688349][ T6877] device syzkaller0 entered promiscuous mode
[  169.690111][ T6870] binder: 6869:6870 transaction failed 29201/-22, size 0-0 line 2917
[  169.705824][ T4115] binder: undelivered TRANSACTION_ERROR: 29201
[  169.719997][ T6872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  170.803668][ T6889] loop3: detected capacity change from 0 to 8
[  170.963996][ T6897] netlink: 'syz.0.801': attribute type 12 has an invalid length.
[  170.968568][ T6897] binder: 6890:6897 got transaction to invalid handle, 1
[  170.970449][ T6897] binder: 6890:6897 transaction failed 29201/-22, size 0-0 line 2917
[  171.134347][ T6889] SQUASHFS error: xz decompression failed, data probably corrupt
[  171.137489][ T6889] SQUASHFS error: Failed to read block 0x108: -5
[  171.163595][ T6889] SQUASHFS error: Unable to read metadata cache entry [106]
[  171.177084][ T6889] SQUASHFS error: Unable to read inode 0x11f
[  171.192644][ T4115] binder: undelivered TRANSACTION_ERROR: 29201
[  171.291229][ T6903] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  171.335047][ T6905] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  171.359124][ T6889] loop3: detected capacity change from 0 to 256
[  171.365215][ T6905] device syzkaller0 entered promiscuous mode
[  171.426947][ T6903] udc-core: couldn't find an available UDC or it's busy
[  171.428920][ T6903] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  171.898925][ T6913] udc-core: couldn't find an available UDC or it's busy
[  171.900838][ T6913] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  171.905216][ T6923] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  171.915671][ T6913] loop2: detected capacity change from 0 to 8
[  172.003507][   T25] wlan1: authenticate with 08:02:11:00:00:00
[  172.010545][   T25] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  172.136837][ T5742] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  172.329704][ T5742] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  173.115487][ T6929] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  173.132444][    T9] wlan1: authentication with 08:02:11:00:00:00 timed out
[  173.176064][ T6936] loop3: detected capacity change from 0 to 256
[  174.248888][ T6952] device syzkaller0 entered promiscuous mode
[  174.680687][ T6947] loop0: detected capacity change from 0 to 32768
[  175.619183][ T6947] JBD2: Ignoring recovery information on journal
[  175.788239][ T6947] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  175.824877][ T6977] binder: 6975:6977 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  175.828296][ T6977] binder: 6977 RLIMIT_NICE not set
[  175.875415][ T6978] device macvtap0 entered promiscuous mode
[  175.881588][ T6978] device macvtap0 left promiscuous mode
[  175.923793][ T4035] ocfs2: Unmounting device (7,0) on (node local)
[  175.945658][ T6977] binder: 6975:6977 ioctl c0306201 20000240 returned -14
[  176.417683][ T7002] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  177.158883][ T6998] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  177.211083][ T4080] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  177.343324][ T7010] device syzkaller0 entered promiscuous mode
[  177.662598][ T4080] usb 1-1: unable to get BOS descriptor or descriptor too short
[  177.754051][ T4080] usb 1-1: config 6 has an invalid interface number: 70 but max is 0
[  177.756268][ T4080] usb 1-1: config 6 has no interface number 0
[  177.757869][ T4080] usb 1-1: config 6 interface 70 has no altsetting 0
[  178.784236][ T7023] device syzkaller0 entered promiscuous mode
[  178.912605][ T4080] usb 1-1: New USB device found, idVendor=0ace, idProduct=2011, bcdDevice= 1.01
[  178.915100][ T4080] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.917184][ T4080] usb 1-1: Product: syz
[  178.918265][ T4080] usb 1-1: Manufacturer: syz
[  178.919880][ T4080] usb 1-1: SerialNumber: syz
[  178.937687][ T7025] binder: 7024:7025 got reply transaction with no transaction stack
[  178.939867][ T7025] binder: 7024:7025 transaction failed 29201/-71, size 0-0 line 2822
[  178.976310][ T4162] binder: undelivered TRANSACTION_ERROR: 29201
[  179.012471][ T4080] usb 1-1: can't set config #6, error -71
[  179.016159][ T4080] usb 1-1: USB disconnect, device number 9
[  179.999218][ T7043] FAULT_INJECTION: forcing a failure.
[  179.999218][ T7043] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  180.002928][ T7043] CPU: 1 PID: 7043 Comm: syz.2.845 Not tainted 5.15.189-syzkaller #0
[  180.005033][ T7043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  180.007720][ T7043] Call trace:
[  180.008614][ T7043]  dump_backtrace+0x0/0x43c
[  180.009846][ T7043]  show_stack+0x2c/0x3c
[  180.010960][ T7043]  __dump_stack+0x30/0x40
[  180.012144][ T7043]  dump_stack_lvl+0xf8/0x160
[  180.013366][ T7043]  dump_stack+0x1c/0x5c
[  180.014476][ T7043]  should_fail+0x3c0/0x51c
[  180.015673][ T7043]  should_fail_usercopy+0x20/0x30
[  180.017044][ T7043]  copy_page_from_iter_atomic+0x3b8/0x1214
[  180.018607][ T7043]  generic_perform_write+0x284/0x480
[  180.020027][ T7043]  __generic_file_write_iter+0x23c/0x454
[  180.021542][ T7043]  generic_file_write_iter+0xb0/0x1b4
[  180.023031][ T7043]  vfs_write+0x7c8/0xa2c
[  180.024166][ T7043]  ksys_write+0x120/0x210
[  180.025327][ T7043]  __arm64_sys_write+0x7c/0x90
[  180.026606][ T7043]  invoke_syscall+0x98/0x2b8
[  180.027878][ T7043]  el0_svc_common+0x138/0x258
[  180.029133][ T7043]  do_el0_svc+0x58/0x14c
[  180.030281][ T7043]  el0_svc+0x78/0x1e0
[  180.031365][ T7043]  el0t_64_sync_handler+0xcc/0xe4
[  180.032714][ T7043]  el0t_64_sync+0x1a0/0x1a4
[  180.075436][ T7043] loop2: detected capacity change from 0 to 1024
[  180.123276][ T7043] hfsplus: unable to parse mount options
[  181.147343][ T7064] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  181.453865][ T7072] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  182.372253][ T4148] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  182.580590][ T7079] udc-core: couldn't find an available UDC or it's busy
[  182.582676][ T7079] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  182.589041][ T7079] loop1: detected capacity change from 0 to 8
[  182.772596][ T4148] usb 1-1: unable to get BOS descriptor or descriptor too short
[  182.852473][ T4148] usb 1-1: config 6 has an invalid interface number: 70 but max is 0
[  182.854650][ T4148] usb 1-1: config 6 has no interface number 0
[  182.856294][ T4148] usb 1-1: config 6 interface 70 has no altsetting 0
[  182.940416][ T7075] loop4: detected capacity change from 0 to 32768
[  183.820200][ T7075] JBD2: Ignoring recovery information on journal
[  183.822556][ T4148] usb 1-1: New USB device found, idVendor=0ace, idProduct=2011, bcdDevice= 1.01
[  183.825015][ T4148] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.827084][ T4148] usb 1-1: Product: syz
[  183.828153][ T4148] usb 1-1: Manufacturer: syz
[  183.829321][ T4148] usb 1-1: SerialNumber: syz
[  183.964657][ T7101] loop3: detected capacity change from 0 to 1024
[  183.967740][ T7075] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  183.995332][ T7074] 
[  183.995986][ T7074] ======================================================
[  183.997793][ T7074] WARNING: possible circular locking dependency detected
[  183.999625][ T7074] 5.15.189-syzkaller #0 Not tainted
[  184.000996][ T7074] ------------------------------------------------------
[  184.002868][ T7074] syz.4.854/7074 is trying to acquire lock:
[  184.004410][ T7074] ffff0000de5d8660 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_page_mkwrite+0x39c/0xce4
[  184.007285][ T7074] 
[  184.007285][ T7074] but task is already holding lock:
[  184.009247][ T7074] ffff0000d52b0558 (sb_pagefaults#2){.+.+}-{0:0}, at: do_page_mkwrite+0x13c/0x358
[  184.011712][ T7074] 
[  184.011712][ T7074] which lock already depends on the new lock.
[  184.011712][ T7074] 
[  184.014153][ T7103] binder: 7100:7103 ioctl 6609 0 returned -22
[  184.014506][ T7074] 
[  184.014506][ T7074] the existing dependency chain (in reverse order) is:
[  184.014512][ T7074] 
[  184.014512][ T7074] -> #2 (sb_pagefaults#2){.+.+}-{0:0}:
[  184.018979][ T7103] binder: 7100:7103 got transaction to invalid handle, 1
[  184.020529][ T7074]        ocfs2_page_mkwrite+0x208/0xce4
[  184.022385][ T7103] binder: 7100:7103 transaction failed 29201/-22, size 0-0 line 2917
[  184.023807][ T7074]        do_page_mkwrite+0x13c/0x358
[  184.027251][ T7074]        handle_mm_fault+0x1618/0x2950
[  184.028714][ T7074]        do_page_fault+0x694/0xad4
[  184.029012][   T13] binder: undelivered TRANSACTION_ERROR: 29201
[  184.030087][ T7074]        do_translation_fault+0xe0/0x130
[  184.033171][ T7074]        do_mem_abort+0x6c/0x1ac
[  184.034504][ T7074]        el0_da+0x90/0x1fc
[  184.035674][ T7074]        el0t_64_sync_handler+0xd8/0xe4
[  184.037175][ T7074]        el0t_64_sync+0x1a0/0x1a4
[  184.038525][ T7074] 
[  184.038525][ T7074] -> #1 (&mm->mmap_lock){++++}-{3:3}:
[  184.040560][ T7074]        __might_fault+0xc8/0x128
[  184.041926][ T7074]        fiemap_fill_next_extent+0x15c/0x3e0
[  184.043536][ T7074]        ocfs2_fiemap+0x73c/0x98c
[  184.044896][ T7074]        do_vfs_ioctl+0x18d8/0x2370
[  184.046279][ T7074]        __arm64_sys_ioctl+0xe4/0x1c8
[  184.047724][ T7074]        invoke_syscall+0x98/0x2b8
[  184.049089][ T7074]        el0_svc_common+0x138/0x258
[  184.050520][ T7074]        do_el0_svc+0x58/0x14c
[  184.051800][ T7074]        el0_svc+0x78/0x1e0
[  184.052998][ T7074]        el0t_64_sync_handler+0xcc/0xe4
[  184.054483][ T7074]        el0t_64_sync+0x1a0/0x1a4
[  184.055813][ T7074] 
[  184.055813][ T7074] -> #0 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}:
[  184.058147][ T7074]        __lock_acquire+0x2928/0x651c
[  184.059577][ T7074]        lock_acquire+0x1f4/0x620
[  184.060929][ T7074]        down_write+0xbc/0x12c
[  184.062210][ T7074]        ocfs2_page_mkwrite+0x39c/0xce4
[  184.063690][ T7074]        do_page_mkwrite+0x13c/0x358
[  184.065129][ T7074]        handle_mm_fault+0x1618/0x2950
[  184.066600][ T7074]        do_page_fault+0x694/0xad4
[  184.067969][ T7074]        do_translation_fault+0xe0/0x130
[  184.069466][ T7074]        do_mem_abort+0x6c/0x1ac
[  184.070803][ T7074]        el0_da+0x90/0x1fc
[  184.071741][ T7105] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  184.071978][ T7074]        el0t_64_sync_handler+0xd8/0xe4
[  184.075521][ T7105] device syzkaller0 entered promiscuous mode
[  184.075716][ T7074]        el0t_64_sync+0x1a0/0x1a4
[  184.075732][ T7074] 
[  184.075732][ T7074] other info that might help us debug this:
[  184.075732][ T7074] 
[  184.075736][ T7074] Chain exists of:
[  184.075736][ T7074]   &ocfs2_file_ip_alloc_sem_key --> &mm->mmap_lock --> sb_pagefaults#2
[  184.075736][ T7074] 
[  184.085137][ T7074]  Possible unsafe locking scenario:
[  184.085137][ T7074] 
[  184.087145][ T7074]        CPU0                    CPU1
[  184.088591][ T7074]        ----                    ----
[  184.090030][ T7074]   lock(sb_pagefaults#2);
[  184.091222][ T7074]                                lock(&mm->mmap_lock);
[  184.093080][ T7074]                                lock(sb_pagefaults#2);
[  184.094953][ T7074]   lock(&ocfs2_file_ip_alloc_sem_key);
[  184.096501][ T7074] 
[  184.096501][ T7074]  *** DEADLOCK ***
[  184.096501][ T7074] 
[  184.098684][ T7074] 2 locks held by syz.4.854/7074:
[  184.100048][ T7074]  #0: ffff0000dd159818 (&mm->mmap_lock){++++}-{3:3}, at: do_page_fault+0x364/0xad4
[  184.102606][ T7074]  #1: ffff0000d52b0558 (sb_pagefaults#2){.+.+}-{0:0}, at: do_page_mkwrite+0x13c/0x358
[  184.105245][ T7074] 
[  184.105245][ T7074] stack backtrace:
[  184.106837][ T7074] CPU: 1 PID: 7074 Comm: syz.4.854 Not tainted 5.15.189-syzkaller #0
[  184.109022][ T7074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  184.111739][ T7074] Call trace:
[  184.112624][ T7074]  dump_backtrace+0x0/0x43c
[  184.113846][ T7074]  show_stack+0x2c/0x3c
[  184.114964][ T7074]  __dump_stack+0x30/0x40
[  184.116133][ T7074]  dump_stack_lvl+0xf8/0x160
[  184.117383][ T7074]  dump_stack+0x1c/0x5c
[  184.118518][ T7074]  print_circular_bug+0x148/0x1b0
[  184.119940][ T7074]  check_noncircular+0x240/0x2d4
[  184.121290][ T7074]  __lock_acquire+0x2928/0x651c
[  184.122582][ T7074]  lock_acquire+0x1f4/0x620
[  184.123850][ T7074]  down_write+0xbc/0x12c
[  184.124981][ T7074]  ocfs2_page_mkwrite+0x39c/0xce4
[  184.126333][ T7074]  do_page_mkwrite+0x13c/0x358
[  184.127621][ T7074]  handle_mm_fault+0x1618/0x2950
[  184.128959][ T7074]  do_page_fault+0x694/0xad4
[  184.130188][ T7074]  do_translation_fault+0xe0/0x130
[  184.131582][ T7074]  do_mem_abort+0x6c/0x1ac
[  184.132772][ T7074]  el0_da+0x90/0x1fc
[  184.133824][ T7074]  el0t_64_sync_handler+0xd8/0xe4
[  184.135170][ T7074]  el0t_64_sync+0x1a0/0x1a4
[  184.152675][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  184.165238][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  184.167792][ T7074] OCFS2: Returning error to the calling process.
[  184.169409][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  184.182511][ T7074] (syz.4.854,7074,0):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  184.184718][ T7074] (syz.4.854,7074,0):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  184.186814][ T7074] (syz.4.854,7074,0):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  184.188991][ T7074] (syz.4.854,7074,0):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  184.191150][ T7074] (syz.4.854,7074,0):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  184.548573][ T4148] usb-storage 1-1:6.70: USB Mass Storage device detected
[  184.610221][ T7074] (syz.4.854,7074,0):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  184.612891][ T7074] (syz.4.854,7074,0):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  184.615120][ T7074] (syz.4.854,7074,0):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  184.616994][ T4148] usb-storage 1-1:6.70: device ignored
[  184.617362][ T7074] (syz.4.854,7074,0):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  184.621381][ T7074] (syz.4.854,7074,0):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  184.624920][ T7074] (syz.4.854,7074,0):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  184.627320][ T7074] (syz.4.854,7074,0):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  184.629782][ T7074] (syz.4.854,7074,0):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  184.632948][ T7074] (syz.4.854,7074,0):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  184.635348][ T7075] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  184.640907][ T7075] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  184.643739][ T7075] OCFS2: Returning error to the calling process.
[  184.645392][ T7075] (syz.4.854,7075,0):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  184.647546][ T7075] (syz.4.854,7075,0):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  184.649677][ T7075] (syz.4.854,7075,0):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  184.651781][ T7075] (syz.4.854,7075,0):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  184.657035][ T4148] usb 1-1: USB disconnect, device number 10
[  184.659285][ T7075] (syz.4.854,7075,0):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  184.661485][ T7075] (syz.4.854,7075,0):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  184.664143][ T7075] (syz.4.854,7075,0):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  184.666384][ T7075] (syz.4.854,7075,0):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  184.668599][ T7075] (syz.4.854,7075,0):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  184.671158][ T7075] (syz.4.854,7075,0):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  184.674056][ T7075] (syz.4.854,7075,0):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  184.676402][ T7075] (syz.4.854,7075,0):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  184.678836][ T7075] (syz.4.854,7075,0):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  184.681105][ T7075] (syz.4.854,7075,0):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  184.686993][ T7075] (syz.4.854,7075,0):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  184.703721][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  184.709720][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  184.714233][ T7074] OCFS2: Returning error to the calling process.
[  184.716036][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  184.718358][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  184.720618][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  184.722869][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  184.725228][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  184.727591][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  184.730023][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  184.732537][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  184.735324][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  184.740864][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  184.747217][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  184.752109][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  184.757244][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  184.761586][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  184.765691][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  184.768023][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  184.774425][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  184.777167][ T7074] OCFS2: Returning error to the calling process.
[  184.778935][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  184.781257][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  184.783710][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  184.785945][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  184.788349][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  184.790716][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  184.793247][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  184.795668][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  184.798089][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  184.800482][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  184.803337][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  184.805860][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  184.808381][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  184.810792][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  184.813298][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  184.815584][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  184.821498][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  184.825878][ T7074] OCFS2: Returning error to the calling process.
[  184.827681][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  184.829990][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  184.832304][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  184.834488][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  184.836706][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  184.838910][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  184.841271][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  184.843700][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  184.845968][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  184.848241][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  184.850602][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  184.853031][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  184.855467][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  184.857807][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  184.859954][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  184.862094][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  184.868347][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  184.870893][ T7074] OCFS2: Returning error to the calling process.
[  184.872659][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  184.875073][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  184.877163][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  184.879244][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  184.881482][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  184.883879][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  184.886204][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  184.888422][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  184.890718][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  184.893083][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  184.895491][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  184.897813][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  184.900225][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  184.902589][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  184.904714][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  184.906841][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  184.912433][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  184.915003][ T7074] OCFS2: Returning error to the calling process.
[  184.916636][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  184.918828][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  184.920940][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  184.923146][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  184.925366][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  184.927583][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  184.929909][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  184.933863][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  184.936143][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  184.938375][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  184.940759][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  184.943227][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  184.945625][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  184.947923][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  184.950078][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  184.952319][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  184.957925][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  184.960572][ T7074] OCFS2: Returning error to the calling process.
[  184.962303][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  184.964451][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  184.966522][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  184.968585][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  184.970835][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  184.973156][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  184.975461][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  184.977986][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  184.980253][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  184.982578][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  184.984942][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  184.987267][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  184.989655][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  184.991893][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  184.994170][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  184.996373][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  185.001886][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  185.004642][ T7074] OCFS2: Returning error to the calling process.
[  185.006299][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  185.008463][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  185.010540][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  185.012735][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  185.014953][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  185.017204][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  185.019574][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  185.021845][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  185.024251][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  185.026468][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  185.028781][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  185.031100][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  185.033622][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  185.035897][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  185.038044][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  185.040202][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  185.047513][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  185.050113][ T7074] OCFS2: Returning error to the calling process.
[  185.051819][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  185.054067][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  185.056161][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  185.058240][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  185.060460][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  185.062772][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  185.065090][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  185.067355][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  185.069617][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  185.071866][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  185.074379][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  185.076733][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  185.079330][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  185.081620][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  185.083990][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  185.086141][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  185.091650][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  185.094364][ T7074] OCFS2: Returning error to the calling process.
[  185.096002][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  185.098152][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  185.100236][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  185.102406][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  185.104648][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  185.106869][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  185.109183][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  185.111484][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  185.113875][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  185.116154][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  185.118498][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  185.120851][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  185.123388][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  185.125642][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  185.127802][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  185.129991][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  185.135722][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  185.138293][ T7074] OCFS2: Returning error to the calling process.
[  185.139935][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  185.142087][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  185.144306][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  185.146455][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  185.148692][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  185.150922][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  185.154927][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  185.157263][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  185.159534][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  185.161795][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  185.164367][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  185.166741][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  185.169217][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  185.171521][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  185.173889][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  185.176626][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  185.182502][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  185.185184][ T7074] OCFS2: Returning error to the calling process.
[  185.186919][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  185.189083][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  185.191173][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  185.193381][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  185.195626][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  185.197939][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  185.200264][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  185.202628][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  185.204895][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  185.207185][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  185.209579][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  185.211923][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  185.214498][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  185.216802][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  185.218959][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  185.221412][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  185.227317][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  185.229908][ T7074] OCFS2: Returning error to the calling process.
[  185.231604][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  185.233872][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  185.235949][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  185.238035][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  185.240265][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  185.242536][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  185.244873][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  185.247180][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  185.249425][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  185.251691][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  185.254204][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  185.256585][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  185.258994][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  185.261326][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  185.265189][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  185.267985][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  185.273670][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  185.276304][ T7074] OCFS2: Returning error to the calling process.
[  185.277945][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  185.280092][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  185.282372][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  185.284670][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  185.286912][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  185.289162][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  185.291461][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  185.293870][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  185.296130][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  185.298356][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  185.300678][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  185.303094][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  185.305524][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  185.307827][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  185.309957][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  185.312139][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  185.317790][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  185.320392][ T7074] OCFS2: Returning error to the calling process.
[  185.322065][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  185.324396][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  185.326476][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  185.328570][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  185.330806][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  185.333136][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  185.335452][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  185.337724][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  185.340013][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  185.342371][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  185.344698][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  185.347101][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  185.349503][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  185.351768][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  185.354026][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  185.356204][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  185.361805][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  185.364558][ T7074] OCFS2: Returning error to the calling process.
[  185.366227][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  185.368401][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  185.370498][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  185.374316][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  185.376575][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  185.378828][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  185.381147][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  185.383562][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  185.385860][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  185.388411][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  185.390776][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  185.393215][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  185.395670][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  185.397955][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  185.400129][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  185.402485][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  185.408352][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  185.410919][ T7074] OCFS2: Returning error to the calling process.
[  185.412679][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  185.414877][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  185.416979][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  185.419079][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  185.421312][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  185.423700][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  185.426070][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  185.428375][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  185.430598][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  185.432992][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  185.435408][ T7074] (syz.4.854,7074,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  185.437769][ T7074] (syz.4.854,7074,1):ocfs2_convert_inline_data_to_extents:7074 ERROR: status = -5
[  185.440195][ T7074] (syz.4.854,7074,1):ocfs2_try_to_write_inline_data:1566 ERROR: status = -5
[  185.442551][ T7074] (syz.4.854,7074,1):ocfs2_write_begin_nolock:1678 ERROR: status = -5
[  185.444716][ T7074] (syz.4.854,7074,1):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  185.446907][ T7074] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  185.452567][ T7074] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  185.455198][ T7074] OCFS2: Returning error to the calling process.
[  185.456887][ T7074] (syz.4.854,7074,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  185.459037][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  185.461145][ T7074] (syz.4.854,7074,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  185.463371][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  185.465623][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  185.467849][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  185.470193][ T7074] (syz.4.854,7074,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  185.472530][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  185.474734][ T7074] (syz.4.854,7074,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5