last executing test programs:

1m50.563911721s ago: executing program 1 (id=563):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmsg$NL80211_CMD_SET_PMK(r1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200480c4}, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000000300)=""/102392, 0x18ff8)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, 0x0, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x2}], 0x1, 0x40800)
recvmsg(r4, 0x0, 0x0)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)

1m46.334253108s ago: executing program 1 (id=566):
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, 0x0, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000000)=ANY=[], 0x18)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x6e23, 0xfffffdff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newchain={0x24, 0x64, 0x200, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x8, 0x9}, {0x8, 0x7}, {0xe, 0xfff1}}}, 0x24}}, 0x24000040)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=@newtaction={0x64, 0x30, 0x9e54f29ff072a93b, 0x0, 0x25dfdbfc, {}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x4}, 0x2d}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r3, &(0x7f0000000400)=[{&(0x7f0000000280)='3', 0x1}, {&(0x7f0000000340)="2009f5", 0x3}], 0x2)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x2000000000000308, &(0x7f00000000c0)=[{0x28, 0x7, 0x0, 0xa56e}, {0x40, 0x0, 0x20, 0xa1a}]}, 0x10)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0000, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r5, 0x3ba0, 0x0)
r6 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r6, 0x707, &(0x7f0000000300)={0x0})
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x1, 0x0, 0x2, 0x2}, 0x10}}, 0x0)

1m38.319906355s ago: executing program 1 (id=579):
socket$can_raw(0x1d, 0x3, 0x1)
mkdir(0x0, 0xa)
mount$binder(0x0, &(0x7f0000001640)='./file0\x00', 0x0, 0x80, 0x0)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x101402, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x8000102)
socket$inet_sctp(0x2, 0x3, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x60001, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), r0)
sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40004}, 0xc8d4)
setresgid(0x0, 0x0, 0x0)
write$binfmt_register(r0, &(0x7f0000000000)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0xa, 0x3a, '\'@^', 0x3a, '', 0x3a, './file0'}, 0x1e)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
openat$iommufd(0xffffffffffffff9c, 0x0, 0xec040, 0x0)

1m31.420160548s ago: executing program 1 (id=588):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r0, r1})
sendmmsg$inet(r2, &(0x7f00000012c0)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000002c0)="89", 0x1}], 0x1, &(0x7f00000001c0)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000300)="40e3", 0x2}], 0x1}}], 0x2, 0x40)

1m31.054794589s ago: executing program 1 (id=589):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
mmap$fb(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x13, r2, 0xd8000)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000a40)='d'})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="97713b46fbaa2b1044f2d408ffca802db4d770eb9874f493e0ef367e4bde497c403b450c72ff2417d079bb892435a1e107fa5c0ecd207d9e6f2a209bf148e6bc56955cb53347d1499097488fcad724a1"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000002c0)={0x44, 0x0, &(0x7f0000000740)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

1m30.625975204s ago: executing program 1 (id=590):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, 0x0, 0x0)
socket(0x2, 0x80805, 0x0)
socket$inet6(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_clone(0x5120900, 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000003c0)="192d2dac0462f843e87b4c0e051362de0f7bc9b318ad857fe57082b32b5df6cbd8349525f6cb8cb76c636eb4a7baea9b19a63cd81835cbe8936633d73adbc7f883f59e6c61517703909b023a2c47c005609250baa659804be6dc00652c05ab4b4c9fb31489c768c6156f0aff60e96672fcfa98b32a1edf8e5a14bc6ff5")
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, 0x0, 0x0)
r4 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
readv(r4, &(0x7f0000001040)=[{&(0x7f00000021c0)=""/4090, 0xffa}], 0x1)
preadv(r4, &(0x7f0000002180), 0x0, 0x61, 0xdde74e3a)

1m14.426406109s ago: executing program 32 (id=590):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, 0x0, 0x0)
socket(0x2, 0x80805, 0x0)
socket$inet6(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_clone(0x5120900, 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000003c0)="192d2dac0462f843e87b4c0e051362de0f7bc9b318ad857fe57082b32b5df6cbd8349525f6cb8cb76c636eb4a7baea9b19a63cd81835cbe8936633d73adbc7f883f59e6c61517703909b023a2c47c005609250baa659804be6dc00652c05ab4b4c9fb31489c768c6156f0aff60e96672fcfa98b32a1edf8e5a14bc6ff5")
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, 0x0, 0x0)
r4 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
readv(r4, &(0x7f0000001040)=[{&(0x7f00000021c0)=""/4090, 0xffa}], 0x1)
preadv(r4, &(0x7f0000002180), 0x0, 0x61, 0xdde74e3a)

21.659327747s ago: executing program 3 (id=709):
truncate(&(0x7f0000000000)='./file0\x00', 0x96f)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000340), 0x0, &(0x7f00000004c0), 0x200000, &(0x7f0000000c00)=ANY=[])
chdir(0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xb, 0x3, &(0x7f00000001c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
mknodat$loop(0xffffffffffffff9c, 0x0, 0x6000, 0x1)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
r3 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
r4 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
r5 = add_key$user(&(0x7f0000006400), &(0x7f0000006c00)={'syz', 0x3}, &(0x7f0000000840)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51a75bfd611b2d7ae6a21d056c2c5116a416a76b1a03dc55ea62d43c809e0ed6e56163fdab317afd5c34d614367e4425bb9a97e38b8beb84ef6d549eed5aaa86dbe646fc95b4b88e2afb55ae6f1229bcf13ecff7a597f452bed6b6fb4c812df9be8e35d8d15086609c033a5d2a42d5dcb0d103098fa302c5b1d48f913f8b22a30a47d9ae02000000e2b855845f39806305f56d918cc5b4023fdbe9cae4147c84583ec9dd375031ba5ae65e31f00e641832d29ed658b91f349b801b8b0d2de59d006ce210a0351b6bbd06c77c9aa67b5d7287fc1bfa1d0bf035ccdd4b20d7f95b5c77afde046b146ce8b395126fceb6cca68972ac02bc7d3cbca85e30a02db8", 0x14b, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r5}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha256\x00'}})
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r6, &(0x7f0000000000), 0x8)
listen(r6, 0x6227)

18.965640064s ago: executing program 3 (id=713):
sched_setscheduler(0x0, 0x7, &(0x7f0000000080)=0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x4)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$tmpfs(0x0, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='hu'])
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='tracefs\x00', 0x1214040, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000180), 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000580)=""/174, 0xff56)
syz_io_uring_submit(0x0, 0x0, 0x0)
setresuid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff)

11.946327373s ago: executing program 3 (id=726):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x13, 0x4, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0258ff000000000000000058000b4824ca945f64009400ffc094010ebc000000000000008000f0fffeff0300000000fff5dd00000010000100090810000c0000000204", 0x56}], 0x1)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000740)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x2}, 0x94)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffcffffff, 0x20031, 0xffffffffffffffff, 0xbe9f5000)
r1 = userfaultfd(0x80001)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x0)
ftruncate(r2, 0x2007ffc)
r3 = open(&(0x7f0000000400)='./bus\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_pts(0xffffffffffffffff, 0x141601)
read(r3, &(0x7f0000000180)=""/19, 0xfffffe47)
ioctl$USBDEVFS_GETDRIVER(0xffffffffffffffff, 0x41045508, &(0x7f0000000580)={0x1, "3d6688e329343ce3a83f185872dbeddb5003ce172d596e90e4aec0a227982ce525d6ded781f23c087183676027015580366a911fc4eb8aeb098d69a3a1bb1df2cdaaf4e8c611960653a3d9e2603fc656a14be867291734656512ae9b61fb8be59f07fd1563c0778cb102a56a10cf882917b9d666996139b0a662b72349f30881f9d3bc588a87e06fb0522b20c4a8a6ef7a6a3a6958f8b5ce900f87712148fcbacc7110f83d840a3d18e33e82893083ef087d491b446fbb63dbd78b0f1001554e3eed406d57c0afabfc969a87f682a8c87d6c246e93ec8de668389e6f788af3ed0e63943edc36625e10dcdf40e212136c5444b5fb1edf75fe920464bdc506d8e3"})
pidfd_send_signal(0xffffffffffffffff, 0xc, 0x0, 0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x2e8})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})
syz_usb_connect$uac1(0x2, 0xa4, &(0x7f0000000300)=ANY=[@ANYBLOB="12010003000000106b1d01014000010203010902928444eaf10566670b000000010100000a240181001002011a092405020998ba757408240804000205af092405030a4487c04e07240503052bca0924080107000bbca5092408020500570fc8090401000001020000090401016ecff24e00090501090002380b07072501030ac8040904"], &(0x7f00000002c0)={0x0, 0x0, 0x3f, 0x0})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000080)={&(0x7f00006c6000/0x400000)=nil, &(0x7f000018b000/0x3000)=nil, 0x400000, 0x0, 0x18100})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x4, &(0x7f0000000a80)=ANY=[], 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="0900000018000000080000004000000042000000", @ANYRES32=0x1, @ANYBLOB="000000000041a47d6d65b09eec3b000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r4}, 0x38)
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r5, 0x1, 0x3c, 0x0, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x10, @mcast2}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000000880)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000580)='B', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000006c0)}}, {{0x0, 0x0, &(0x7f0000000a40)=[{0x0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000bc0)}], 0x1}}, {{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000000f00)="e8", 0x1}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x6, 0x400c404)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r4, &(0x7f0000000580), &(0x7f0000001580)=""/92}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000010000000000000000000000711823000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

10.654030599s ago: executing program 4 (id=730):
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYRES32=r0, @ANYRES16], 0x0, 0x26}, 0x28)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{0x1}, &(0x7f0000000300), &(0x7f0000000100)=r1}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
io_uring_setup(0x6b73, &(0x7f0000000000)={0x0, 0x3da5, 0x10, 0x0, 0x2e7})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x3, &(0x7f0000000540)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
openat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x414902, 0x80)
mount(&(0x7f0000000240), &(0x7f0000000200)='./file0\x00', &(0x7f0000000140)='ufs\x00', 0x0, 0x0)

8.763819879s ago: executing program 0 (id=732):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002100), 0x48)
close(r3)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x8, &(0x7f0000000540)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}}]}, &(0x7f0000000640)='syzkaller\x00', 0x7, 0xf9, &(0x7f0000000080)=""/249}, 0x24)
syz_open_procfs(0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180)={0x0, 0x0})
socket$inet6_udp(0xa, 0x2, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000540)=ANY=[@ANYBLOB], 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000001d00010a000000000000000004010000080001"], 0x1c}}, 0x20000080)

7.850409872s ago: executing program 0 (id=734):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x181001, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x60000006})

7.72766233s ago: executing program 2 (id=735):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="22000000040000001000000012"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
socket$inet_sctp(0x2, 0x1, 0x84)
socket(0x2, 0x3, 0x67)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f024})
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000540)={0x2, @pix={0x3, 0x401, 0x3132564e, 0x1, 0x3, 0x3, 0xc, 0x7, 0x0, 0x0, 0x0, 0x3}})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000003a0000000300000000000000", @ANYRES32=0x1, @ANYBLOB="000200"/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000300"], 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={r4, 0x0, &(0x7f0000001700)=""/50}, 0x20)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x20004000)

7.516905882s ago: executing program 4 (id=736):
sched_setscheduler(0x0, 0x7, &(0x7f0000000080)=0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x4)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$tmpfs(0x0, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='hu'])
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='tracefs\x00', 0x1214040, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000180), 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000580)=""/174, 0xff56)
syz_io_uring_submit(0x0, 0x0, 0x0)
setresuid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff)

6.974406664s ago: executing program 3 (id=737):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000003700), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r4=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={r4, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r3, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f0000000040)={&(0x7f0000000300)=[0x0, 0x0, <r6=>0x0], &(0x7f00000003c0), 0x3, r5, 0xcccccccc})
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f0000000240)=[r5], &(0x7f0000000200), &(0x7f00000000c0)=[r6], &(0x7f0000000040), 0x0, 0x300})

6.783484744s ago: executing program 0 (id=738):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000080)={0x0, 0xf03e, 0x30}, 0xc)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000280)={@remote}, 0x14)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000f40)="ad5bb6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r6 = accept4(r5, 0x0, 0x0, 0x800)
sendmmsg$alg(r6, &(0x7f0000000d00)=[{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000005580)="b9c973acad96fc274d605b6ea5083e90f7854520a3d82c106c2af8caf9b5e405cc034349655ac1b02043573da783b7abbfb914c18faaa9f22793be794e48473a883838d23d387aa105d1935058122b84e197b38365433fb37bb8749ee0d3f510c764131b4218a46cd7c2d3c99ef99d5442a6472f74c677c431784c317607750b0f88b7575faf59a9f3d0cc346d0b5a7dd8949753cf51cb7b70eb86bd53a19b0661b0ec33ad3b24e8bd3ddfe2546ebd4ea346", 0xb2}, {0x0}], 0x2, 0x0, 0x0, 0x8011}], 0x1, 0x40800)
ioctl$sock_netrom_SIOCADDRT(r4, 0x890b, &(0x7f0000000000)={0x1, @default, @bpq0, 0x4, 'syz1\x00', @default, 0x1, 0x0, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default]})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)

6.782669244s ago: executing program 2 (id=739):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
futex(&(0x7f0000000180)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r1 = creat(&(0x7f0000000080)='./file0\x00', 0x248)
close(r1)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r2, 0x40043d0d, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_sctp(0xa, 0x5, 0x84)
mount$9p_fd(0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB])
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$bt_hci(r3, 0x84, 0x80, &(0x7f00000010c0)=""/4111, &(0x7f0000000000)=0x100f)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_io_uring_setup(0x49a, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)

5.362497988s ago: executing program 3 (id=740):
syz_mount_image$xfs(&(0x7f0000009600), &(0x7f0000009640)='./file0\x00', 0x200800, &(0x7f0000000380)={[{@gqnoenforce}, {@nodiscard}, {@pquota}, {@gqnoenforce}, {@prjquota}]}, 0x4, 0x9647, &(0x7f0000012cc0)="$eJzs3Qm4pnPh+P/nDGNfxlBJqalGtMiaJaqZwQyFZIl2ZElZChXatEhpo0R79i1bWULZWkn2FkoIlSyRFtsw/+uYM4zxJn37/v6+9X6/r+uc53nu577v83k+r3s5R3NdbTZ5o0mDwVyD6Y0bzNrZV02ZOuaK9W89fMuFjlrupDv3e/iK4yeMPE4ceZw0GAxGjbw9NH3Z2MHJp4wazP7A8oead+55huYfDJYfeTmyn8HK0x/mv3TGetNmadaBDj30bZ/pXw+04PCPGH5yyH57HToYDMbMtP3QYDC05yM+qLTNJk6Z/JDVg27DVqNHns/8Ncf0r/kvGAzmP23Ax8fM6w49AR9p+Gfu+fyzRq//BPzs/7g2mzhlnVn8h8/F2UaWrTx8js96Dhqb9Ti/eYnNVx2ZwgeOt8Fg+BL3sHPlP6LNJk5ed/Do1/nB4audt8+06dfNOQfTbxRzDwaDeUaur/M90S717zVx0goP3LNnvB5hn3Es70nHxbFvOuH+4Zv0YDBYeDAYu/aMe0FVVVX9ZzRx0gprwP1/rse6/5944mKndf+vqqr6z22diZNWGL7Xz3L/n++x7v87L3b+h6f/t/8JK0/f6v4n9kNUVVXVv9TkdfD+P+ax7v8rr3Hxut3/q6qq/nPbcL0H7v/zzXL/X+Sx7v+vP2G1xUfWm/F7w30z7XJopv894d6Zls820/J7Zlo+eqb9zLz+HDMtv2um5XMOvwfrjxsMxs7494JTH1o8dtzweyPL755p+YSH/p3O+DVnWj5xpuWTZ1o+aWSsw8unzLR8ykzrr/0YU11VVfV/pg1XmLzGYKZ/Zz+yeNEZ79P9/9zTr176iRpvVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV/Wd2/61nnDUYDIYGg8GowWDqYOT5zI+DadOmTRt+feI5l1zyhA30/0ZDZ181ZeqYK9a/9fAtFzpquZPu3O+hWfqP7T//E9S/07D/XMeMGwx23OSJHko9AXX+u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7j7bz3jrJFjYNRgMHUw8nzPGY+n7/u6N4ysuuqmJ91+wENbjp+w3cizs6+aMnW7J2DsT0BDw591zBXr33r4lgsdtdxJd+73X3D2/Od/gvp3esB/u6HBYOT8HjN8Lq8/ccONlxoMBgfcftKmKw0efG+V4fdWGzvbYLYHNl3qge9rjecd77n29McJw98WeXAfJz6w/3WmHTzb0CyDmKmXnn3d4W/d7M4VZ31c8tE/x6gZTw695tQ7pk2bNu1hC0ea61E2nrH/GZ9l1vN8ZOxLDY99mV13eMcyu+y+x9Lb7bDFtltvu/WOy62wyoorLb/cSqu+eJltttt+62Wnf3+UORv3wPc1Hs+czTfrnN06ceY5m/WzPdqcjXvsOXtgj1P3GNp4xpzN/i/O2RqPPWfjthv5QeMnjB5s/sDUDA0G49ccPdht+MVycw4G49caWXfR4XVXHztqMNj3oQ86/GzOB4/BoT2H19ls8kaTHhrZIz/hI67TD1tx/ISRx4kjj5OmD3Hc4KFDcezg5FNGDc/Fw6Z53rnnGZp/MFh+5OXIfgarjrx70Iz1ps3SrAMdeujbPtO/HmjB4Z0MP3nbsmdcOXwuzrL9/4v+R9f/R3itMvTgRA2NfI2sM91r4pR1HvpZD0zD8NzNNrJs5WGTWefsf7NHjHfc7IMxjzHeyetMWmF48SzzP2MTPL5uW+K8904/tiasPH2r+//HKDTe+R5jvOtMxPHO91jjPeZ9F50yfVf/a+Od5Vq37gPfJzyea93gsa91s9EOtr5w8Vmvda989CE+7DyeMUdzzrLSo13rdjtw+T2H9z/hsa916w6PffTDrnWjBoPxa8y41g1f+CaPHuw7/GL54RdTRg+OGn6xwgMv5h6cM/ziRW/ZafuthhesPWNOlh3e74SxQw+4n7fyTUtO+/y0aWuOjGXC2IePdeT4GDfz/Xzi2OmTOWPbGfsdXnXGfm98yvT3Jo/sd+K/sN8Z29J4b19w+ntTRvY7aZb9jn6M/c7Y9hHnw1JDD164HuV6M3mW683I3zgzftzDvuaY/jX/BYPB/KeR7yzr/tNrJp2/cz3GeCdOWmGN4fHNcv4+eDjS+XvRlCuG7xXzDwaDhQeDsWvPGPu/2NCjjXf2xx7vJBjv7I813suO3mG9/4XxDmYa78OOs802nH6srD1ynE35F47fGdvOeh0b/cC70y/7az+e69i4R1zHPjTbqFkme6Ye7Xe2rWD96c8Xfej33KuOP3LG3I+eZb//7He2mT7LEFzHxszy9/yota8dDNGc73nM6hcP7f/Ycz568PC/LWbM+YxtH2vOpzyeOX/6Y8/54/09eannTH9/9Czjn3nON/jU0z45Y87nmGW//2zOpzz2veORcz5hMJrmfNl7ps/bY11PH23OZ2w7Y86HP+JqY2cfrDV8zxqZ88mPZ84X/d85zueB9ac/3/rBRWceftJrZsz5rHP8z+Z88r865+MePM7HP/Des0cN5phjsNsWu+6683LTv894ufz073wtuuuq6fP8WPfSRzOase1jnRdrPh6jMY/LaOifGS02+6MZPXRqHbbTzk/+n16L1vxXjQZ8LbriyOnz9li/Fz3anM/Ylu6Di8y0/ax/h2643gO/d883y31wxiZ4Hzzz9HX3nrHLkc3um2WYM+6r9860fLaZlt8z0/LRM+1n5vXnmGn5XTMtH/4Ic8y0/gzWccN/844sn/rQ6mOHf3kaN7L87pmWT3ho2/FrzrR84kzLJ8+0fNJDh8b4KTMtnzLT+msP/sVm/Dfp7Wa9yNfjrf/+6y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvLX9z9t55x1sgxMGowmDqY/nxo5HGw59AGt7x8+HEwGIxe+bhpGzzR432CGzr7qilTx1yx/q2Hb7nQUcuddOd+/wVnz3/+J6h/pwf8txsaDEbO7zHbDQaD9SduuPFSg8Fgg2nHrTxq8OB7iw6/t/rYUYPBvkMP28GcD64ztOfwOptN3mjSYDDXyBrjHvFDH3EePWzF8RNGHieOPE6afn0aN3joeB07OPmUUYPZH1j+UPPOPc/Q/IPB8iMvR/YzWHn6w/yXzlhv2izNOtChh77tM/3rgRYc/hHDT3bbdsozhudqlu3/zzTjWr3dqH+6aue/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL392/5t/R8t9Wou7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+6oam/7+7lrXOf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vf3f/cf5fZ/1cHUk9Inf/u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y1/c/beecdbIMTBqMJg6mP58aM+Rx8HQCSc/b+QQGb375Ucc/ESP9wlu6Oyrpkwdc8X6tx6+5UJHLXfSnfv9F5w9//mfoP6dHvDfbmgwGDm/x2w3GAzWn7jhxksNBoODj7h891GDB99bdPi91ceOGgz2HXrYDuZ8cJ2hPYfX2WzyRpMGg7lG1hj3iB/6iPPoYSuOnzDyOHHkcdL069O4wUPH69jByaeMGsz+wPKHmnfueYbmHwyWH3k5sp/BytMf5r90xnrTZmnWgQ499G2f6V8PtODwjxh+std8V50wPFezbP9/phnX6u1G/dNVO//d5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8tf3P23nnHWyDEwajCYOpj+fNTI49CeN1z/gY2HH4dfL7T23lc90eN9ghs6+6opU8dcsf6th2+50FHLnXTnfv8FZ89//ieof6dh/7mOGTcY7LjJEz2UegLq/HeXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn9x9996xlkjT0c9tHTUnh0X2NDZV02ZOuaK9W89fMuFjlrupDv3e6IH9O/2KP4fyh+z+H84f8zi/5H8MYv/R/PHLP575Y9Z/D+WP2bx3zt/zOL/8fwxi/8n8scs/vvkj1n8P5k/ZvH/VP6Yxf/T+WMW/8/kj1n8P5s/ZvHfN3/M4r9f/pjF/3P5Yxb/z+ePWfz3zx+z+H8hf8zif0D+mMX/wPwxi/8X88cs/l/KH7P4fzl/zOL/lfwxi/9X88cs/l/LH7P4fz1/zOL/jfwxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/L+ZP2bxPzZ/zOJ/XP6Yxf/4/DGL/wn5Yxb/E/PHLP7fyh+z+H87f8zif1L+mMX/5Pwxi/8p+WMW/1Pzxyz+38kfs/iflj9m8T89f8zif0b+mMX/u/ljFv/v5Y9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/9/PHLP4/yB+z+P8wf8zi/6P8MYv/j/PHLP4/yR+z+J+XP2bxPz9/zOL/0/wxi/8F+WMW/5/lj1n8L8wfs/hflD9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+P88fs/j/In/M4v/L/DGL/6/yxyz+V+SPWfyvzB+z+P86f8zi/5v8MYv/VfljFv/f5o9Z/K/OH7P4X5M/ZvG/Nn/M4v+7/DGL/3X5Yxb/6/PHLP435I9Z/H+fP2bx/0P+mMX/j/ljFv8b88cs/n/KH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/n/PHLP635Y9Z/G/PH7P4/yV/zOJ/R/6Yxf+v+WMW/7/lj1n8/54/ZvH/R/6Yxf/O/DGL/135Yxb/u/PHLP735I9Z/O/NH7P4T80fs/jflz9m8b8/f8ziPy1/TOI/2yB/zOI/lD9m8R+VP2bxny1/zOI/e/6YxX90/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/+C+WMW/zH5Yxb/hfLHLP5j88cs/gvnj1n8F8kfs/g/KX/M4v/k/DGL/1Pyxyz+i+aPWfyfmj9m8V8sf8zi/7T8MYv/0/PHLP6L549Z/J+RP2bxf2b+mMV/XP6Yxf9Z+WMW/2fn/4hmH3k0+D8nf8xy/o/PH7P4L5E/ZvF/bv6YxX/J/DGL/1L5Yxb/5+WPWfyfnz9m8X9B/pjF/4X5Yxb/pfPHLP4vyh+z+C+TP2bxXzZ/zOK/XP6YxX/5/DGL/wr5Yxb/FfPHLP4vzh+z+K+UP2bxXzl/zOK/Sv6YxX/V/DGL/0vyxyz+q+WPWfxXzx+z+L80f8zi/7L8MYv/y/PHLP4T8scs/hPzxyz+k/LHLP5r5I9Z/NfMH7P4r5U/ZvGfnD9m8Z+i8p/tca9p8V9b5f/4s/ivkz9m8X9F/pjF/5X5Yxb/dfPHLP7r5Y9Z/NfPH7P4vyp/zOK/Qf6Yxf/V+WMW/w3zxyz+G+WPWfw3zh+z+G+SP2bxf03+mMV/0/wxi/9m+WMW/9fmj1n8X5c/ZvF/ff6Yxf8N+WMW/zfmj1n835Q/ZvF/c/6YxX/z/DGL/xb5Yxb/LfPHLP5vyR+z+G+VP2bx3zp/zOK/Tf6YxX/b/DGL/1vzxyz+2+WPWfzflj9m8X97/pjFf/v8MYv/DvljFv8d88cs/jvlj1n835E/ZvF/Z/6YxX/n/DGL/y75Yxb/XfPHLP7vyh+z+L87f8zi/578MYv/bvljFv/d88cs/nvkj1n835s/ZvF/X/6Yxf/9+WMW/w/kj1n8P5g/ZvHfM3/M4v+h/DGL/4fzxyz+H8kfs/h/NH/M4r9X/pjF/2P5Yxb/vfPHLP4fzx+z+H8if8ziv0/+mMX/k/ljFv9P5Y9Z/D+dP2bx/0z+mMX/s/ljFv9988cs/vvlj1n8P5c/ZvH/fP6YxX///DGL/xfyxyz+B+SPWfwPzB+z+H8xf8zi/6X8MYv/l/PHLP5fyR+z+H81f8zi/7X8MYv/1/PHLP7fyB+z+B+UP2bxPzh/zOJ/SP6Yxf/Q/DGL/2H5Yxb/w/PHLP5H5I9Z/I/MH7P4H5U/ZvE/On/M4n9M/pjF/5v5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4v+t/DGL/7fzxyz+J+WPWfxPzh+z+J+SP2bxPzV/zOL/nfwxi/9p+WMW/9Pzxyz+Z+SPWfy/mz9m8f9e/pjF/8z8MYv/WfljFv+z88cs/ufkj1n8z80fs/h/P3/M4v+D/DGL/w/zxyz+P8ofs/j/OH/M4v+T/DGL/3n5Yxb/8/PHLP4/zR+z+F+QP2bx/1n+mMX/wvwxi/9F+WMW/4vzxyz+l+SPWfwvzR+z+F+WP2bxvzx/zOL/8/wxi/8v8scs/r/MH7P4/yp/zOJ/Rf6Yxf/K/DGL/6/zxyz+v8kfs/hflT9m8f9t/pjF/+r8MYv/NfljFv9r88cs/r/LH7P4X5c/ZvG/Pn/M4n9D/pjF//f5Yxb/P+SPWfz/mD9m8b8xf8zi/6f8MYv/TfljFv+b88cs/rfkj1n8b80fs/j/OX/M4n9b/pjF//b8MYv/X/LHLP535I9Z/P+aP2bx/1v+mMX/7/ljFv9/5I9Z/O/MH7P435U/ZvG/O3/M4n9P/pjF/978MYv/1Pwxi/99+WMW//vzxyz+0/LHJP6zD/LHLP5D+WMW/1H5Yxb/2fLHLP6z549Z/Efnj1n858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW//nyxyz+8+ePWfwXyB+z+C+YP2bxH5M/ZvFfKH/M4j82f8ziv3D+mMV/kfwxi/+T8scs/k/OH7P4PyV/zOK/aP6Yxf+p+WMW/8Xyxyz+T8sfs/g/PX/M4r94/pjF/xn5Yxb/Z+aPWfzH5Y9Z/J+VP2bxf3b+mMX/OfljFv/x+WMW/yXyxyz+z80fs/gvmT9m8V8qf8zi/7z8MYv/8/PHLP4vyB+z+L8wf8ziv3T+mMX/RfljFv9l8scs/svmj1n8l8sfs/gvnz9m8V8hf8ziv2L+mMX/xfljFv+V8scs/ivnj1n8V8kfs/ivmj9m8X9J/pjFf7X8MYv/6vljFv+X5o9Z/F+WP2bxf3n+mMV/Qv6YxX9i/pjFf1L+mMV/jfwxi/+a+WMW/7Xyxyz+k/PHLP5T8scs/mvnj1n818kfs/i/In/M4v/K/DGL/7r5Yxb/9fLHLP7r549Z/F+VP2bx3yB/zOL/6sEl+UMW/w07/zGL/0b5Yxb/jfPHLP6b5I9Z/F+TP2bx3zR/zOK/Wf6Yxf+1+WMW/9flj1n8X58/ZvF/Q/6Yxf+N+WMW/zflj1n835w/ZvHfPH/M4r9F/pjFf8v8MYv/W/LHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4v/W/DGL/3b5Yxb/t+WPWfzfnj9m8d8+f8ziv0P+mMV/x/wxi/9O+WMW/3fkj1n835k/ZvHfOX/M4r9L/pjFf9f8MYv/u/LHLP7vzh+z+L8nf8ziv1v+mMV/9/wxi/8e+WMW//fmj1n835c/ZvF/f/6Yxf8D+WMW/w/mj1n898wfs/h/KH/M4v/h/DGL/0fyxyz+H80fs/jvlT9m8f9Y/pjFf+/8MYv/x/PHLP6fyB+z+O+TP2bx/2T+mMX/U/ljFv9P549Z/D+TP2bx/2z+mMV/3/wxi/9++WMW/8/lj1n8P58/ZvHfP3/M4v+F/DGL/wH5Yxb/A/PHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/N/LHLP4H5Y9Z/A/OH7P4H5I/ZvE/NH/M4n9Y/pjF//D8MYv/EfljFv8j88cs/kflj1n8j84fs/gfkz9m8f9m/pjF/9j8MYv/cfljFv/j88cs/ifkj1n8T8wfs/h/K3/M4v/t/DGL/0n5Yxb/k/PHLP6n5I9Z/E/NH7P4fyd/zOJ/Wv6Yxf/0/DGL/xn5Yxb/7+aPWfy/lz9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+388fs/j/IH/M4v/D/DGL/4/yxyz+P84fs/j/JH/M4n9e/pjF//z8MYv/T/PHLP4X5I9Z/H+WP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4/zx/zOL/i/wxi/8v88cs/r/KH7P4X5E/ZvG/Mn/M4v/r/DGL/2/yxyz+V+U/3LTZZllg8f9t/pjF/+r8MYv/NfljFv9r88cs/r/LH7P4X5c/ZvG/Pn/M4n9D/pjF//f5Yxb/P+SPWfz/mD9m8b8xf8zi/6f8MYv/TfljFv+b88cs/rfkj1n8b80fs/j/OX/M4n9b/pjF//b8MYv/X/LHLP535I9Z/P+aP2bx/1v+mMX/7/ljFv9/5I9Z/O/MH7P435U/ZvG/O3/M4n9P/pjF/978MYv/1Pwxi/99+WMW//vzxyz+0/LHJP6jB/ljFv+h/DGL/6j8MYv/bPljFv/Z88cs/qPzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP4L5I9Z/BfMH7P4j8kfs/gvlD9m8R+bP2bxXzh/zOK/SP6Yxf9J+WMW/yfnj1n8n5I/ZvFfNH/M4v/U/DGL/2L5Yxb/p+WPWfyfnj9m8V88f8zi/4z8MYv/M/PHLP7j8scs/s/KH7P4Pzt/zOL/nPwxi//4/DGL/xL5Yxb/5+aPWfyXzB+z+C+VP2bxf17+mMX/+fljFv8X5I9Z/F+YP2bxXzp/zOL/ovwxi/8y+WMW/2Xzxyz+y+WPWfyXzx+z+K+QP2bxXzF/zOL/4vwxi/9K+WMW/5Xzxyz+q+SPWfxXzR+z+L8kf8ziv1r+mMV/9fwxi/9L88cs/i/LH7P4vzx/zOI/IX/M4j8xf8ziPyl/zOK/Rv6YxX/N/DGL/1r5Yxb/yfljFv8p+WMW/7Xzxyz+6+SPWfxfkT9m8X9l/pjFf938MYv/evljFv/188cs/q/KH7P4b5A/ZvF/df6YxX/D/DGL/0b5Yxb/jfPHLP6b5I9Z/F+TP2bx3zR/zOK/Wf6Yxf+1+WMW/9flj1n8X58/ZvF/Q/6Yxf+N+WMW/zflj1n835w/ZvHfPH/M4r9F/pjFf8v8MYv/W/LHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4v/W/DGL/3b5Yxb/t+WPWfzfnj9m8d8+f8ziv0P+mMV/x/wxi/9O+WMW/3fkj1n835k/ZvHfOX/M4r9L/pjFf9f8MYv/u/LHLP7vzh+z+L8nf8ziv1v+mMV/9/wxi/8e+WMW//fmj1n835c/ZvF/f/6Yxf8D+WMW/w/mj1n898wfs/h/KH/M4v/h/DGL/0fyxyz+H80fs/jvlT9m8f9Y/pjFf+/8MYv/x/PHLP6fyB+z+O+TP2bx/2T+mMX/U/ljFv9P549Z/D+TP2bx/2z+mMV/3/wxi/9++WMW/8/lj1n8P58/ZvHfP3/M4v+F/DGL/wH5Yxb/A/PHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/N/LHLP4H5Y9Z/A/OH7P4H5I/ZvE/NH/M4n9Y/pjF//D8MYv/EfljFv8j88cs/kflj1n8j84fs/gfkz9m8f9m/pjF/9j8MYv/cfljFv/j88cs/ifkj1n8T8wfs/h/K3/M4v/t/DGL/0n5Yxb/k/PHLP6n5I9Z/E/NH7P4fyd/zOJ/Wv6Yxf/0/DGL/xn5Yxb/7+aPWfy/lz9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+388fs/j/IH/M4v/D/DGL/4/yxyz+P84fs/j/JH/M4n9e/pjF//z8MYv/T/PHLP4X5I9Z/H+WP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4/zx/zOL/i/wxi/8v88cs/r/KH7P4X5E/ZvG/Mn/M4v/r/DGL/2/yxyz+V+WPWfx/mz9m8b86f8zif03+mMX/2vwxi//v8scs/tflj1n8r88fs/jfkD9m8f99/pjF/w/5Yxb/P+aPWfxvzB+z+P8pf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+f84fs/jflj9m8b89f8zi/5f8MYv/HfljFv+/5o9Z/P+WP2bx/3v+mMX/H/ljFv8788cs/nflj1n8784fs/jfkz9m8b83f8ziPzV/zOJ/X/6Yxf/+/DGL/7T8MYn/HIP8MYv/UP6YxX9U/pjFf7b8MYv/7PljFv/R+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/BfLHLP4L5o9Z/Mfkj1n8F8ofs/iPzR+z+C+cP2bxXyR/zOL/pPwxi/+T88cs/k/JH7P4L5o/ZvF/av6YxX+x/DGL/9Pyxyz+T88fs/gvnj9m8X9G/pjF/5n5Yxb/cfljFv9n5Y9Z/J+dP2bxf07+mMV/fP6YxX+J/DGL/3Pzxyz+S+aPWfyXyh+z+D8vf8zi//z8MYv/C/LHLP4vzB+z+C+dP2bxf1H+mMV/mfwxi/+y+WMW/+Xyxyz+y+ePWfxXyB+z+K+YP2bxf3H+mMV/pfwxi//K+WMW/1Xyxyz+q+aPWfxfkj9m8V8tf8ziv3r+mMX/pfljFv+X5Y9Z/F+eP2bxn5A/ZvGfmD9m8Z+UP2bxXyN/zOK/Zv6YxX+t/DGL/+T8MYv/lPwxi//a+WMW/3Xyxyz+r8gfs/i/Mn/M4r9u/pjFf738MYv/+vljFv9X5Y9Z/DfIH7P4vzp/zOK/Yf6YxX+j/DGL/8b5Yxb/TfLHLP6vyR+z+G+aP2bx3yx/zOL/2vwxi//r8scs/q/PH7P4vyF/zOL/xvwxi/+b8scs/m/OH7P4b54/ZvHfIn/M4r9l/pjF/y35Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvF/a/6YxX+7/DGL/9vyxyz+b88fs/hvnz9m8d8hf8ziv2P+mMV/p/wxi/878scs/u/MH7P475w/ZvHfJX/M4r9r/pjF/135Yxb/d+ePWfzfkz9m8d8tf8ziv3v+mMV/j/wxi/9788cs/u/LH7P4vz9/zOL/gfwxi/8H88cs/nvmj1n8P5Q/ZvH/cP6Yxf8j+WMW/4/mj1n898ofs/h/LH/M4r93/pjF/+P5Yxb/T+SPWfz3yR+z+H8yf8zi/6n8MYv/p/PHLP6fyR+z+H82f8ziv2/+mMV/v/wxi//n8scs/p/PH7P4758/ZvH/Qv6Yxf+A/DGL/4H5Yxb/L+aPWfy/lD9m8f9y/pjF/yv5Yxb/r+aPWfy/lj9m8f96/pjF/xv5Yxb/g/LHLP4H549Z/A/JH7P4H5o/ZvE/LH/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8j8kfs/h/M3/M4n9s/pjF/7j8MYv/8fljFv8T8scs/ifmj1n8v5U/ZvH/dv6Yxf+k/DGL/8n5Yxb/U/LHLP6n5o9Z/L+TP2bxPy1/zOJ/ev6Yxf+M/DGL/3fzxyz+38sfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW/+/nj1n8f5A/ZvH/Yf6Yxf9H+WMW/x/nj1n8f5I/ZvE/L3/M4n9+/pjF/6f5Yxb/C/LHLP4/yx+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/H+eP2bx/0X+mMX/l/ljFv9f5Y9Z/K/IH7P4X5k/ZvH/df6Yxf83+WMW/6vyxyz+v80fs/hfnT9m8b8mf8zif23+mMX/d/ljFv/r8scs/tfnj1n8b8gfs/j/XuU/+nGvafH/g8r/8Wfx/2P+mMX/xvwxi/+f8scs/jflj1n8b84fs/jfkj9m8b81f8zi/+f8MYv/bfljFv/b88cs/n/JH7P435E/ZvH/a/6Yxf9v+WMW/7/nj1n8/5E/ZvG/M3/M4n9X/pjF/+78MYv/PfljFv9788cs/lPzxyz+9+WPWfzvzx+z+E/LH5P4zznIH7P4D+WPWfxH5Y9Z/GfLH7P4z54/ZvEfnT9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOK/YP6YxX9M/pjFf6H8MYv/2Pwxi//C+WMW/0Xyxyz+T8ofs/g/OX/M4v+U/DGL/6L5Yxb/p+aPWfwXyx+z+D8tf8zi//T8MYv/4vljFv9n5I9Z/J+ZP2bxH5c/ZvF/Vv6Yxf/Z+WMW/+fkj1n8x+ePWfyXyB+z+D83f8ziv2T+mMV/qfwxi//z8scs/s/PH7P4vyB/zOL/wvwxhf/4wZxL548p/AeDOV+UP2bxXyZ/zOK/bP6YxX+5/DGL//L5Yxb/FfLHLP4r5o9Z/F+cP2bxXyl/zOK/cv6YxX+V/DGL/6r5Yxb/l+SPWfxXyx+z+K+eP2bxf2n+mMX/ZfljFv+X549Z/Cfkj1n8J+aPWfwn5Y9Z/NfIH7P4r5k/ZvFfK3/M4j85f8ziPyV/zOK/dv6YxX+d/DGL/yvyxyz+r8wfs/ivmz9m8V8vf8ziv37+mMX/VfljFv8N8scs/q/OH7P4b5g/ZvHfKH/M4r9x/pjFf5P8MYv/a/LHLP6b5o9Z/DfLH7P4vzZ/zOL/uvwxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/pvnj1n8t8gfs/hvmT9m8X9L/pjFf6v8MYv/1vljFv9t8scs/tvmj1n835o/ZvHfLn/M4v+2/DGL/9vzxyz+2+ePWfx3yB+z+O+YP2bx3yl/zOL/jvwxi/8788cs/jvnj1n8d8kfs/jvmj9m8X9X/pjF/935Yxb/9+SPWfx3yx+z+O+eP2bx3yN/zOL/3vwxi//78scs/u/PH7P4fyB/zOL/wfwxi/+e+WMW/w/lj1n8P5w/ZvH/SP6Yxf+j+WMW/73yxyz+H8sfs/jvnT9m8f94/pjF/xP5Yxb/ffLHLP6fzB+z+H8qf8zi/+n8MYv/Z/LHLP6fzR+z+O+bP2bx3y9/zOL/ufwxi//n88cs/vvnj1n8v5A/ZvE/IH/M4n9g/pjF/4v5Yxb/L+WPWfy/nD9m8f9K/pjF/6v5Yxb/r+WPWfy/nj9m8f9G/pjF/6D8MYv/wfljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+38wfs/gfmz9m8T8uf8zif3z+mMX/hPwxi/+J+WMW/2/lj1n8v50/ZvE/KX/M4n9y/pjF/5T8MYv/qfljFv/v5I9Z/E/LH7P4n54/ZvE/I3/M4v/d/DGL//fyxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf/7+WMW/x/kj1n8f5g/ZvH/Uf6Yxf/H+WMW/5/kj1n8z8sfs/ifnz9m8f9p/pjF/4L8MYv/z/LHLP4X5o9Z/C/KH7P4X5w/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv+f549Z/H+RP2bx/2X+mMX/V/ljFv8r8scs/lfmj1n8f50/ZvH/Tf6Yxf+q/DGL/2/zxyz+V+ePWfyvyR+z+F+bP2bx/13+mMX/uvwxi//1+WMW/xvyxyz+v88fs/j/IX/M4v/H/DGL/435Yxb/P+WPWfxvyh+z+N+cP2bxvyV/zOJ/a/6Yxf/P+WMW/9vyxyz+t+ePWfz/kj9m8b8jf8zi/9f8MYv/3/LHLP5/zx+z+P8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfyn5o9Z/O/LH7P4358/ZvGflj8m8Z9rkD9m8R/KH7P4j8ofs/jPlj9m8Z89f8ziPzp/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4r9A/pjFf8H8MYv/mPwxi/9C+WMW/7H5Yxb/hfPHLP6L5I9Z/J+UP2bxf3L+mMX/KfljFv9F88cs/k/NH7P4L5Y/ZvF/Wv6Yxf/p+WMW/8Xzxyz+z8gfs/g/M3/M4j8uf8zi/6z8MYv/s/PHLP7PyR+z+I/PH7P4L5E/ZvF/bv6YxX/J/DGL/1L5Yxb/5+WPWfyfnz9m8X9B/pjF/4X5Yxb/pfPHLP4vyh+z+C+TP2bxXzZ/zOK/XP6YxX/5/DGL/wr5Yxb/FfPHLP4vzh+z+K+UP2bxXzl/zOK/Sv6YxX/V/DGL/0vyxyz+q+WPWfxXzx+z+L80f8zi/7L8MYv/y/PHLP4T8scs/hPzxyz+k/LHLP5r5I9Z/NfMH7P4r5U/ZvGfnD9m8Z+SP2bxXzt/zOK/Tv6Yxf8V+WMW/1fmj1n8180fs/ivlz9m8V8/f8zi/6r8MYv/BvljFv9X549Z/DfMH7P4b5Q/ZvHfOH/M4r9J/pjF/zX5Yxb/TfPHLP6b5Y9Z/F+bP2bxf13+mMX/9fljFv835I9Z/N+YP2bxf1P+mMX/zfljFv/N88cs/lvkj1n8t8wfs/i/JX/M4r9V/pjFf+v8MYv/NvljFv9t88cs/m/NH7P4b5c/ZvF/W/6Yxf/t+WMW/+3zxyz+O+SPWfx3zB+z+O+UP2bxf0f+mMX/nfljFv+d88cs/rvkj1n8d80fs/i/K3/M4v/u/DGL/3vyxyz+u+WPWfx3zx+z+O+RP2bxf2/+mMX/ffljFv/3549Z/D+QP2bx/2D+mMV/z/wxi/+H8scs/h/OH7P4fyR/zOL/0fwxi/9e+WMW/4/lj1n8984fs/h/PH/M4v+J/DGL/z75Yxb/T+aPWfw/lT9m8f90/pjF/zP5Yxb/z+aPWfz3zR+z+O+XP2bx/1z+mMX/8/ljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/5fyxyz+X84fs/h/JX/M4v/V/DGL/9fyxyz+X88fs/h/I3/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2/mj1n8j80fs/gflz9m8T8+f8zif0L+mMX/xPwxi/+38scs/t/OH7P4n5Q/ZvE/OX/M4n9K/pjF/9T8MYv/d/LHLP6n5Y9Z/E/PH7P4n5E/ZvH/bv6Yxf97+WMW/zPzxyz+Z+WPWfzPzh+z+J+TP2bxPzd/zOL//fwxi/8P8scs/j/MH7P4/yh/zOL/4/wxi/9P8scs/uflj1n8z38c/lcs8P9yYP83s/j/tPMfs/hfkD9m8f9Z/pjF/8L8MYv/RfljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zi//P8MYv/L/LHLP6/zB+z+P8qf8zif0X+mMX/yvwxi/+v88cs/r/JH7P4X5U/ZvH/bf6Yxf/q/DGL/zX5Yxb/a/PHLP6/yx+z+F+XP2bxvz5/zOJ/Q/6Yxf/3+WMW/z/kj1n8/5g/ZvG/MX/M4v+n/DGL/035Yxb/m/PHLP635I9Z/G/NH7P4/zl/zOJ/W/6Yxf/2/DGL/1/yxyz+d+SPWfz/mj9m8f9b/pjF/+/5Yxb/f+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/9T8MYv/ffljFv/788cs/tPyxyT+cw/yxyz+Q/ljFv9R+WMW/9nyxyz+s+ePWfxH549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv/58scs/vPnj1n8F8gfs/gvmD9m8R+TP2bxXyh/zOI/Nn/M4r9w/pjFf5H8MYv/k/LHLP5Pzh+z+D8lf8ziv2j+mMX/qfljFv/F8scs/k/LH7P4Pz1/zOK/eP6Yxf8Z+WMW/2fmj1n8x+WPWfyflT9m8X92/pjF/zn5Yxb/8fljFv8l8scs/s/NH7P4L5k/ZvFfKn/M4v+8/DGL//Pzxyz+L8gfs/i/MH/M4r90/pjF/0X5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvFfIX/M4r9i/pjF/8X5Yxb/lfLHLP4r549Z/FfJH7P4r5o/ZvF/Sf6YxX+1/DGL/+r5Yxb/l+aPWfxflj9m8X95/pjFf0L+mMV/Yv6YxX9S/pjFf438MYv/mvljFv+18scs/pPzxyz+U/LHLP5r549Z/NfJH7P4vyJ/zOL/yvwxi/+6+WMW//Xyxyz+6+ePWfxflT9m8d8gf8zi/+r8MYv/hvljFv+N8scs/hvnj1n8N8kfs/i/Jn/M4r9p/pjFf7P8MYv/a/PHLP6vyx+z+L8+f8zi/4b8MYv/G/PHLP5vyh+z+L85f8ziv3n+mMV/i/wxi/+W+WMW/7fkj1n8t8ofs/hvnT9m8d8mf8ziv23+mMX/rfljFv/t8scs/m/LH7P4vz1/zOK/ff6YxX+H/DGL/475Yxb/nfLHLP7vyB+z+L8zf8ziv3P+mMV/l/wxi/+u+WMW/3flj1n8350/ZvF/T/6YxX+3/DGL/+75Yxb/PfLHLP7vzR+z+L8vf8zi//78MYv/B/LHLP4fzB+z+O+ZP2bx/1D+mMX/w/ljFv+P5I9Z/D+aP2bx3yt/zOL/sfwxi//e+WMW/4/nj1n8P5E/ZvHfJ3/M4v/J/DGL/6fyxyz+n84fs/h/Jn/M4v/Z/DGL/775Yxb//fLHLP6fyx+z+H8+f8ziv3/+mMX/C/ljFv8D8scs/gfmj1n8v5g/ZvH/Uv6Yxf/L+WMW/6/kj1n8v5o/ZvH/Wv6Yxf/r+WMW/2/kj1n8D8ofs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOL/zfwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bx/1b+mMX/2/ljFv+T8scs/ifnj1n8T8kfs/ifmj9m8f9O/pjF/7T8MYv/6fljFv8z8scs/t/NH7P4fy9/zOJ/Zv6Yxf+s/DGL/9n5Yxb/c/LHLP7n5o9Z/L+fP2bx/0H+mMX/h/ljFv8f5Y9Z/H+cP2bx/0n+mMX/vPwxi//5+WMW/5/mj1n8L8gfs/j/LH/M4n9h/pjF/6L8MYv/xfljFv9L8scs/pfmj1n8L8sfs/hfnj9m8f95/pjF/xf5Yxb/X+aPWfx/lT9m8b8if8zif2X+mMX/1/ljFv/f5I9Z/K/KH7P4/zZ/7OH+o5/o4fz7PYr/1fljlvP/mvwxi/+1+WMW/9/lj1n8r8sfs/hfnz9m8b8hf8zi//v8MYv/H/LHLP5/zB+z+N+YP2bx/1P+mMX/pvwxi//N+WMW/1vyxyz+t+aPWfz/nD9m8b8tf8zif3v+mMX/L/ljFv878scs/n/NH7P4/y1/zOL/9/wxi/8/8scs/nfmj1n878ofs/jfnT9m8b8nf8zif2/+mMV/av6Yxf++/DGL//35Yxb/afljEv95BvljFv+h/DGL/6j8MYv/bPljFv/Z88cs/qPzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/7Yf7//XA++lf8j++/3f6B55ssfs/jPnz9m8V8gf8ziv2D+mMV/TP6YxX+h/DGL/9j8MYv/wvljFv9F8scs/k/KH7P4Pzl/zOL/lPwxi/+i+WMW/6fmj1n8F8sfs/g/LX/M4v/0/DGL/+L5Yxb/Z+SPWfyfmT9m8R+XP2bxf1b+mMX/2fljFv/n5I9Z/Mfnj1n8l8gfs/g/N3/M4r9k/pjFf6n8MYv/8/LHLP7Pzx+z+L8gf8zi/8L8MYv/0vljFv8X5Y9Z/JfJH7P4L5s/ZvFfLn/M4r98/pjFf4X8MYv/ivljFv8X549Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjF/yX5Yxb/1fLHLP6r549Z/F+aP2bxf1n+mMX/5fljFv8J+WMW/4n5Yxb/SfljFv818scs/mvmj1n818ofs/hPzh+z+E/JH7P4r50/ZvFfJ3/M4v+K/DGL/yvzxyz+6+aPWfzXyx+z+K+fP2bxf1X+mMV/g/wxi/+r88cs/hvmj1n8N8ofs/hvnD9m8d8kf8zi/5r8MYv/pvljFv/N8scs/q/NH7P4vy5/zOL/+vwxi/8b8scs/m/MH7P4vyl/zOL/5vwxi//m+WMW/y3yxyz+W+aPWfzfkj9m8d8qf8ziv3X+mMV/m/wxi/+2+WMW/7fmj1n8t8sfs/i/LX/M4v/2/DGL//b5Yxb/HfLHLP475o9Z/HfKH7P4vyN/zOL/zvwxi//O+WMW/13yxyz+u+aPWfzflT9m8X93/pjF/z35Yxb/3fLHLP67549Z/PfIH7P4vzd/zOL/vvwxi//788cs/h/IH7P4fzB/zOK/Z/6Yxf9D+WMW/w/nj1n8P5I/ZvH/aP6YxX+v/DGL/8fyxyz+e+ePWfw/nj9m8f9E/pjFf5/8MYv/J/PHLP6fyh+z+H86f8zi/5n8MYv/Z/PHLP775o9Z/PfLH7P4fy5/zOL/+fwxi//++WMW/y/kj1n8D8gfs/gfmD9m8f9i/pjF/0v5Yxb/L+ePWfy/kj9m8f9q/pjF/2v5Yxb/r+ePWfy/kT9m8T8of8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/zfzxyz+x+aPWfyPyx+z+B+fP2bxPyF/zOJ/Yv6Yxf9b+WMW/2/nj1n8T8ofs/ifnD9m8T8lf8zif2r+mMX/O/ljFv/T8scs/qfnj1n8z8gfs/h/N3/M4v+9/DGL/5n5Yxb/s/LHLP5n549Z/M/JH7P4n5s/ZvH/fv6Yxf8H+WMW/x/mj1n8f5Q/ZvH/cf6Yxf8n+WMW//Pyxyz+5+ePWfx/mj9m8b8gf8zi/7P8MYv/hfljFv+L8scs/hfnj1n8L8kfs/hfmj9m8b8sf8zif3n+mMX/5/ljFv9f5I9Z/H+ZP2bx/1X+mMX/ivwxi/+V+WMW/1/nj1n8f5M/ZvG/Kn/M4v/b/DGL/9X5Yxb/a/LHLP7X5o9Z/H+XP2bxvy5/zOJ/ff6Yxf+G/DGL/+/zxyz+f8gfs/j/MX/M4n9j/pjF/0/5Yxb/m/LHLP43549Z/G/JH7P435o/ZvH/c/6Yxf+2/DGL/+35Yxb/v+SPWfzvyB+z+P81f8zi/7f8MYv/3/PHLP7/yB+z+N+ZP2bxvyt/zOJ/d/6Yxf+e/DGL/735Yxb/qfljFv/78scs/vfnj1n8p+WPSfznHeSPWfyH8scs/qPyxyz+s+WPWfxnzx+z+I/OH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8V8wf8ziPyZ/zOK/UP6YxX9s/pjFf+H8MYv/IvljFv8n5Y9Z/J+cP2bxf0r+mMV/0fwxi/9T88cs/ovlj1n8n5Y/ZvF/ev6YxX/x/DGL/zPyxyz+z8wfs/iPyx+z+D8rf8zi/+z8MYv/c/LHLP7j88cs/kvkj1n8n5s/ZvFfMn/M4r9U/pjF/3n5Yxb/5+ePWfxfkD9m8X9h/pjFf+n8MYv/i/LHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4r9C/pjFf8X8MYv/i/PHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4v+S/DGL/2r5Yxb/1fPHLP4vzR+z+L8sf8zi//L8MYv/hPwxi//E/DGL/6T8MYv/GvljFv8188cs/mvlj1n8J+ePWfyn5I9Z/NfOH7P4r5M/ZvF/Rf6Yxf+V+WMW/3Xzxyz+6+WPWfzXzx+z+L8qf8ziv0H+mMX/1fljFv8N88cs/hvlj1n8N84fs/hvkj9m8X9N/pjFf9P8MYv/ZvljFv/X5o9Z/F+XP2bxf33+mMX/DfljFv835o9Z/N+UP2bxf3P+mMV/8/wxi/8W+WMW/y3zxyz+b8kfs/hvlT9m8d86f8ziv03+mMV/2/wxi/9b88cs/tvlj1n835Y/ZvF/e/6YxX/7/DGL/w75Yxb/HfPHLP475Y9Z/N+RP2bxf2f+mMV/5/wxi/8u+WMW/13zxyz+78ofs/i/O3/M4v+e/DGL/275Yxb/3fPHLP575I9Z/N+bP2bxf1/+mMX//fljFv8P5I9Z/D+YP2bx3zN/zOL/ofwxi/+H88cs/h/JH7P4fzR/zOK/V/6Yxf9j+WMW/73zxyz+H88fs/h/In/M4r9P/pjF/5P5Yxb/T+WPWfw/nT9m8f9M/pjF/7P5Yxb/ffPHLP775Y9Z/D+XP2bx/3z+mMV///wxi/8X8scs/gfkj1n8D8wfs/h/MX/M4v+l/DGL/5fzxyz+X8kfs/h/NX/M4v+1/DGL/9fzxyz+38gfs/gflD9m8T84f8zif0j+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf+b+WMW/2Pzxyz+x+WPWfyPzx+z+J+QP2bxPzF/zOL/rfwxi/+388cs/iflj1n8T84fs/ifkj9m8T81f8zi/538MYv/afljFv/T88cs/mfkj1n8v5s/ZvH/Xv6Yxf/M/DGL/1n5Yxb/s/PHLP7n5I9Z/M/NH7P4fz9/zOL/g/wxi/8P88cs/j/KH7P4/zh/zOL/k/wxi/95+WMW//Pzxyz+P80fs/hfkD9m8f9Z/pjF/8L8MYv/RfljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zi//P8MYv/L/LHLP6/zB+z+P8qf8zif0X+mMX/yvwxi/+v88cs/r/JH7P4X5U/ZvH/bf6Yxf/q/DGL/zX5Yxb/a/PHLP6/yx+z+F+XP2bxvz5/zOJ/Q/6Yxf/3+WMW/z/kj1n8/5g/ZvG/MX/M4v+n/DGL/035Yxb/m/PHLP635I9Z/G/NH7P4/zl/zOJ/W/6Yxf/2/DGL/1/yxyz+d+SPWfz/mj9m8f9b/pjF/+/5Yxb/f+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/9T8MYv/ffljFv/788cs/tPyxyT+8w3yxyz+Q/ljFv9R+WMW/9nyxyz+s+ePWfxH549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv/58scs/vPnj1n8F8gfs/gvmD9m8R+TP2bxXyh/zOI/Nn/M4r9w/pjFf5H8MYv/k/LHLP5Pzh+z+D8lf8ziv2j+mMX/qfljFv/F8scs/k/LH7P4Pz1/zOK/eP6Yxf8Z+WMW/2fmj1n8x+WPWfyflT9m8X92/pjF/zn5Yxb/8fljFv8l8scs/s/NH7P4L5k/ZvFfKn/M4v+8/DGL//Pzxyz+L8gfs/i/MH/M4r90/pjF/0X5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvFfIX/M4r9i/pjF/8X5Yxb/lfLHLP4r549Z/FfJH7P4r5o/ZvF/Sf6YxX+1/DGL/+r5Yxb/l+aPWfxflj9m8X95/pjFf0L+mMV/Yv6YxX9S/pjFf438MYv/mvljFv+18scs/pPzxyz+U/LHLP5r549Z/NfJH7P4vyJ/zOL/yvwxi/+6+WMW//Xyxyz+6+ePWfxflT9m8d8gf8zi/+r8MYv/hvljFv+N8scs/hvnj1n8N8kfs/i/Jn/M4r9p/pjFf7P8MYv/a/PHLP6vyx+z+L8+f8zi/4b8MYv/G/PHLP5vyh+z+L85f8ziv3n+mMV/i/wxi/+W+WMW/7fkj1n8t8ofs/hvnT9m8d8mf8ziv23+mMX/rfljFv/t8scs/m/LH7P4vz1/zOK/ff6YxX+H/DGL/475Yxb/nfLHHvTf5oT/av935I9Zzv935o9Z/HfOH7P475I/ZvHfNX/M4v+u/DGL/7vzxyz+78kfs/jvlj9m8d89f8ziv0f+mMX/vfljFv/35Y9Z/N+fP2bx/0D+mMX/g/ljFv8988cs/h/KH7P4fzh/zOL/kfwxi/9H88cs/nvlj1n8P5Y/ZvHfO3/M4v/x/DGL/yfyxyz+++SPWfw/mT9m8f9U/pjF/9P5Yxb/z+SPWfw/mz9m8d83f8ziv1/+mMX/c/ljFv/P549Z/PfPH7P4fyF/zOJ/QP6Yxf/A/DGL/xfzxyz+X8ofs/h/OX/M4v+V/DGL/1fzxyz+X8sfs/h/PX/M4v+N/DGL/0H5Yxb/g/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n+E0n+Of7qGxf9Ipf8/z+J/VP6Yxf/o/DGL/zH5Yxb/b+aPWfyPzR+z+B+XP2bxPz5/zOJ/Qv6Yxf/E/DGL/7fyxyz+384fs/iflD9m8T85f8zif0r+mMX/1Pwxi/938scs/qflj1n8T88fs/ifkT9m8f9u/pjF/3v5Yxb/M/PHLP5n5Y9Z/M/OH7P4n5M/ZvE/N3/M4v/9/DGL/w/yxyz+P8wfs/j/KH/M4v/j/DGL/0/yxyz+5+WPWfzPzx+z+P80f8zif0H+mMX/Z/ljFv8L88cs/hflj1n8L84fs/hfkj9m8b80f8zif1n+mMX/8vwxi//P88cs/r/IH7P4/zJ/zOL/q/wxi/8V+WMW/yvzxyz+v84fs/j/Jn/M4n9V/pjF/7f5Yxb/q/PHLP7X5I9Z/K/NH7P4/y5/zOJ/Xf6Yxf/6/DGL/w35Yxb/3+ePWfz/kD9m8f9j/pjF/8b8MYv/n/LHLP435Y9Z/G/OH7P435I/ZvG/NX/M4v/n/DGL/235Yxb/2/PHLP5/yR+z+N+RP2bx/2v+mMX/b/ljFv+/549Z/P+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP5T88cs/vflj1n8788fs/hPyx+T+M8/eAz/D/7/MKz/q1n8hzr/MYv/qPwxi/9s+WMW/9nzxyz+o/PHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/gvkj1n8F8wfs/iPyR+z+C+UP2bxH5s/ZvFfOH/M4r9I/pjF/0n5Yxb/J+ePWfyfkj9m8V80f8zi/9T8MYv/YvljFv+n5Y9Z/J+eP2bxXzx/zOL/jPwxi/8z88cs/uPyxyz+z8ofs/g/O3/M4v+c/DGL//j8MYv/EvljFv/n5o9Z/JfMH7P4L5U/ZvF/Xv6Yxf/5+WMW/xfkj1n8X5g/ZvFfOn/M4v+i/DGL/zL5Yxb/ZfPHLP7L5Y9Z/JfPH7P4r5A/ZvFfMX/M4v/i/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4vyR/zOK/Wv6YxX/1/DGL/0vzxyz+L8sfs/i/PH/M4j8hf8ziPzF/zOI/KX/M4r9G/pjFf838MYv/WvljFv/J+WMW/yn5Yxb/tfPHLP7r5I9Z/F+RP2bxf2X+mMV/3fwxi/96+WMW//Xzxyz+r8ofs/hvkD9m8X91/pjFf8P8MYv/RvljFv+N88cs/pvkj1n8X5M/ZvHfNH/M4r9Z/pjF/7X5Yxb/1+WPWfxfnz9m8X9D/pjF/435Yxb/N+WPWfzfnD9m8d88f8ziv0X+mMV/y/wxi/9b8scs/lvlj1n8t84fs/hvkz9m8d82f8zi/9b8MYv/dvljFv+35Y9Z/N+eP2bx3z5/zOK/Q/6YxX/H/DGL/075Yxb/d+SPWfzfmT9m8d85f8ziv0v+mMV/1/wxi/+78scs/u/OH7P4vyd/zOK/W/6YxX/3/DGL/x75Yxb/9+aPWfzflz9m8X9//pjF/wP5Yxb/D+aPWfz3zB+z+H8of8zi/+H8MYv/R/LHLP4fzR+z+O+VP2bx/1j+mMV/7/wxi//H88cs/p/IH7P475M/ZvH/ZP6Yxf9T+WMW/0/nj1n8P5M/ZvH/bP6YxX/f/DGL/375Yxb/z+WPWfw/nz9m8d8/f8zi/4X8MYv/AfljFv8D88cs/l/MH7P4fyl/zOL/5fwxi/9X8scs/l/NH7P4fy1/zOL/9fwxi/838scs/gflj1n8D84fs/gfkj9m8T80f8zif1j+mMX/8Pwxi/8R+WMW/yPzxyz+R+WPWfyPzh+z+B+TP2bx/2b+mMX/2Pwxi/9x+WMW/+Pzxyz+J+SPWfxPzB+z+H8rf8zi/+38MYv/SfljFv+T88cs/qfkj1n8T80fs/h/J3/M4n9a/pjF//T8MYv/GfljFv/v5o9Z/L+XP2bxPzN/zOJ/Vv6Yxf/s/DGL/zn5Yxb/c/PHLP7fzx+z+P8gf8zi/8P8MYv/j/LHLP4/zh+z+P8kf8zif17+mMX//Pwxi/9P88cs/hfkj1n8f5Y/ZvG/MH/M4n9R/pjF/+L8MYv/JfljFv9L88cs/pflj1n8L88fs/j/PH/M4v+L/DGL/y/zxyz+v8ofs/hfkT9m8b8yf8zi/+v8MYv/b/LHLP5X5Y9Z/H+bP2bxvzp/zOJ/Tf6Yxf/a/DGL/+/yxyz+1+WPWfyvzx+z+N+QP2bx/33+mMX/D/ljFv8/5o9Z/G/MH7P4/yl/zOJ/U/6Yxf/m/DGL/y35Yxb/W/PHLP5/zh+z+N+WP2bxvz1/zOL/l/wxi/8d+WMW/7/mj1n8/5Y/ZvH/e/6Yxf8f+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOI/NX/M4n9f/pjF//78MYv/tPwxif8Cg/wxi/9Q/pjFf1T+mMV/tvwxi//s+WMW/9H5Yxb/OfLHLP5z5o9Z/OfKH7P4z50/ZvGfJ3/M4j9v/pjFf778MYv//PljFv8F8scs/gvmj1n8x+SPWfwXyh+z+I/NH7P4L5w/ZvFfJH/M4v+k/DGL/5Pzxyz+T8kfs/gvmj9m8X9q/pjFf7H8MYv/0/LHLP5Pzx+z+C+eP2bxf0b+mMX/mfljFv9x+WMW/2flj1n8n50/ZvF/Tv6YxX98/pjFf4n8MYv/c/PHLP5L5o9Z/JfKH7P4Py9/zOL//Pwxi/8L8scs/i/MH7P4L50/ZvF/Uf6YxX+Z/DGL/7L5Yxb/5fLHLP7L549Z/FfIH7P4r5g/ZvF/cf6YxX+l/DGL/8r5Yxb/VfLHLP6r5o9Z/F+SP2bxXy1/zOK/ev6Yxf+l+WMW/5flj1n8X54/ZvGfkD9m8Z+YP2bxn5Q/ZvFfI3/M4r+myH+uf2Fdi/9aIv9/JYv/5Pwxi/+U/DGL/9r5Yxb/dfLHLP6vyB+z+L8yf8ziv27+mMV/vfwxi//6+WMW/1flj1n8N8gfs/i/On/M4r9h/pjFf6P8MYv/xvljFv9N8scs/q/JH7P4b5o/ZvHfLH/M4v/a/DGL/+vyxyz+r88fs/i/IX/M4v/G/DGL/5vyxyz+b84fs/hvnj9m8d8if8ziv2X+mMX/LfljFv+t8scs/lvnj1n8t8kfs/hvmz9m8X9r/pjFf7v8MYv/2/LHLP5vzx+z+G+fP2bx3yF/zOK/Y/6YxX+n/DGL/zvyxyz+78wfs/jvnD9m8d8lf8ziv2v+mMX/XfljFv93549Z/N+TP2bx3y1/zOK/e/6YxX+P/DGL/3vzxyz+78sfs/i/P3/M4v+B/DGL/wfzxyz+e+aPWfw/lD9m8f9w/pjF/yP5Yxb/j+aPWfz3yh+z+H8sf8ziv3f+mMX/4/ljFv9P5I9Z/PfJH7P4fzJ/zOL/qfwxi/+n88cs/p/JH7P4fzZ/zOK/b/6YxX+//DGL/+fyxyz+n88fs/jvnz9m8f9C/pjF/4D8MYv/gfljFv8v5o9Z/L+UP2bx/3L+mMX/K/ljFv+v5o9Z/L+WP2bx/3r+mMX/G/ljFv+D8scs/gfnj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+H8zf8zif2z+mMX/uPwxi//x+WMW/xN0/o/v01r8T9T5P74s/t/KH7P4fzt/zOJ/Uv6Yxf/k/DGL/yn5Yxb/U/PHLP7fyR+z+J+WP2bxPz1/zOJ/Rv6Yxf+7+WMW/+/lj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi//388cs/j/IH7P4/zB/zOL/o/wxi/+P88cs/j/JH7P4n5c/ZvE/P3/M4v/T/DGL/wX5Yxb/n+WPWfwvzB+z+F+UP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP4/zx+z+P8if8zi/8v8MYv/r/LHLP5X5I9Z/K/MH7P4/zp/zOL/m/wxi/9V+WMW/9/mj1n8r84fs/hfkz9m8b82f8zi/7v8MYv/dfljFv/r88cs/jfkj1n8f58/ZvH/Q/6Yxf+P+WMW/xvzxyz+f8ofs/jflD9m8b85f8zif0v+mMX/1vwxi/+f88cs/rflj1n8b88fs/j/JX/M4n9H/pjF/6/5Yxb/v+WPWfz/nj9m8f9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/hPzR+z+N+XP2bxvz9/zOI/LX9M4r/gIH/M4j+UP2bxH5U/ZvGfLX/M4j97/g9rtpFHi//o/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv8F88cs/mPyxyz+C+WPWfzH5o9Z/BfOH7P4L5I/ZvF/Uv6Yxf/J+WMW/6fkj1n8F80fs/g/NX/M4r9Y/pjF/2n5Yxb/p+ePWfwXzx+z+D8jf8zi/8z8MYv/uPwxi/+z8scs/s/OH7P4Pyd/zOI/Pn/M4r9E/pjF/7n5Yxb/JfPHLP5L5Y9Z/J+XP2bxf37+mMX/BfljFv8X5o9Z/JfOH7P4vyh/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP4r5I9Z/FfMH7P4vzh/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP4vyR+z+K+WP2bxXz1/zOL/0vwxi//L8scs/i/PH7P4T8gfs/hPzB+z+E/KH7P4r5E/ZvFfM3/M4r9W/pjFf3L+mMV/Sv6YxX/t/DGL/zr5Yxb/V+SPWfxfmT9m8V83f8ziv17+mMV//fwxi/+r8scs/hvkj1n8X50/ZvHfMH/M4r9R/pjFf+P8MYv/JvljFv/X5I9Z/DfNH7P4b5Y/ZvF/bf6Yxf91+WMW/9fnj1n835A/ZvF/Y/6Yxf9N+WMW/zfnj1n8N88fs/hvkT9m8d8yf8zi/5b8MYv/VvljFv+t88cs/tvkj1n8t80fs/i/NX/M4r9d/pjF/235Yxb/t+ePWfy3zx+z+O+QP2bx3zF/zOK/U/6Yxf8d+WMW/3fmj1n8d84fs/jvkj9m8d81f8zi/678MYv/u/PHLP7vyR+z+O+WP2bx3z1/zOK/R/6Yxf+9+WMW//flj1n835///8cePSAAQihQAPxG3Gzbtm3btu3dbNu2bdu2bdt1gXeC3swVJmr5H+g/avkf5D9q+d/Tf9Tyv5f/qOV/b/9Ry/8+/qOW/339Ry3/+/mPWv739x+1/B/gP2r5P9B/1PJ/kP+o5f9g/1HL/yH+o5b/Q/1HLf+H+Y9a/g/3H7X8H+E/avk/0n/U8n+U/6jl/2j/Ucv/Mf6jlv9j/Uct/8f5j1r+j/cftfyf4D9q+T/Rf9Tyf5L/qOX/ZP9Ry/8p/qOW/1P9Ry3/p/mPWv5P9x+1/J/hP2r5P9N/1PJ/lv+o5f9s/1HL/zn+o5b/c/1HLf/n+Y9a/s/3H7X8X+A/avm/0H/U8n+R/6jl/2L/Ucv/Jf6jlv9L/Uct/5f5j1r+L/cftfxf4T9q+b/Sf9Tyf5X/qOX/av9Ry/81/qOW/2v9Ry3/1/mPWv6v9x+1/N/gP2r5v9F/1PJ/k/+o5f9m/1HL/y3+o5b/W/1HLf+3+Y9a/m/3H7X83+E/avm/03/U8n+X/6jl/27/Ucv/Pf6jlv97/Uct//f5j1r+7/cftfw/4D9q+X/Qf9Ty/5D/qOX/Yf9Ry/8j/qOW/0f9Ry3/j/mPWv4f9x+1/D/hP2r5f9J/1PL/lP+o5f9p/1HL/zP+o5b/Z/1HLf/P+Y9a/p/3H7X8v+A/avl/0X/U8v+S/6jl/2X/Ucv/K/6jlv9X/Uct/6/5j1r+X/cftfy/4T9q+X/Tf9Ty/5b/qOX/bf9Ry/87/qOW/3f9Ry3/7/mPWv7f9x+1/H/gP2r5/9B/1PL/kf+o5f9j/1HL/yf+o5b/T/1HLf+f+Y9a/j/3H7X8f+E/avn/0n/U8v+V/6jl/2v/Ucv/N/6jlv9v/Uct/9/5j1r+v/cftfz/4D9q+f/Rf9Ty/5P/qOX/Z/9Ry/8v/qOW/1/9Ry3/v/mPWv5/9x+1/P/hPyr5H/A3/1HL/9/9Ry3///Aftfz/03/U8v8v/1HL/7/9Ry3///Eftfz/13/U8v8//1HL///9Ry3/g/mPWv4H9x+1/A/hP2r5H9J/1PI/lP+o5X9o/1HL/wD/Ucv/MP6jlv9h/Uct/8P5j1r+h/cftfyP4D9q+R/Rf9TyP5L/qOV/ZP9Ry/8o/qOW/1H9Ry3/o/mPWv5H9x+1/I/hP2r5H9N/1PI/lv+o5X9s/1HL/zj+o5b/cf1HLf/j+Y9a/sf3H7X8T+A/avmf0H/U8j+R/6jlf2L/Ucv/JP6jlv9J/Uct/5P5j1r+J/cftfxP4T9q+Z/Sf9TyP5X/qOV/av9Ry/80/qOW/2n9Ry3/0/mPWv6n9x+1/M/gP2r5n9F/1PI/k/+o5X9m/1HL/yz+o5b/Wf1HLf+z+Y9a/mf3H7X8z+E/avmf03/U8j+X/6jlf27/Ucv/PP6jlv95/Uct//P5j1r+5/cftfwv4D9q+V/Qf9Tyv5D/qOV/Yf9Ry/8i/qOW/0X9Ry3/i/mPWv4X9x+1/C/hP2r5X9J/1PK/lP+o5X9p/1HL/zL+o5b/Zf1HLf/L+Y9a/pf3H7X8r+A/avlf0X/U8r+S/6jlf2X/Ucv/Kv6jlv9V/Uct/6v5j1r+V/cftfyv4T9q+V/Tf9Tyv5b/qOV/bf9Ry/86/qOW/3X9Ry3/6/mPWv7X9x+1/G/gP2r539B/1PK/kf+o5X9j/1HL/yb+o5b/Tf1HLf+b+Y9a/jf3H7X8b+E/avnf0n/U8r+V/6jlf2v/Ucv/Nv6jlv9t/Uct/9v5j1r+t/cftfzv4D9q+d/Rf9Tyv5P/qOV/Z/9Ry/8u/qOW/139Ry3/u/mPWv539x+1/O/hP2r5H+g/avkf5D/6y/0DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwJ/t2G1tnWfhx/O62jrE//2TEBZehySYXCokw2z1kvCBsMrbVQTeexwBHt3Zjo91m12FXwD28mEQID5JMskSJsmUoYSY0EgPBCiIadFETDT4AohBF40QIuiUu1pz2tLTHrvFc9boW5fN50XPu++x3b2vy3X0vMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD479XQuPDI+Jphp8YPPfjg4Za+1zlHV9584Lc9Fw68lj9eNsIlxw096O3t7Z3z3Owd5cNTiqIo/Ww7y8eTKsel6++s/0Jn/1FY0PPSkuNTft545MCa0x+p6z56f23f2dripnUbWls+Nq4owsW1RWfpoK6mKMLi2uK+0kF96WBJbfFI6WB238GpxbdLB+ev3dzaXDqxNPp7Bv8rGhp3FuOHFVsM+9NgaP87679158DrKJccuNqEotz/FV3ff6viswEn6H/g+mFhZf9V/waBE6qu/xcWDLyOcsl/uf9PfmrVKyN9duL+B64fPq5/SGeE5/9hjVY+91c8/88Y4ZKD+6tquo6X+r/0tmdnlk9N+Hee/9+9fri4sv9xw57/S8/xiwae/08pinDJGL8d8J7S0LjryGj3/9H7nzC9YlMztP8z2jfvL/X/+JLvPVE+VVtl/4tGuf+PW1rxawWq09D45d6K+38V/RcfGeGSg/2//cSvHy71/9jvHzhzyGfV9H9JZf+zOtq2zNq6veu8DW1N61vWt2yqmz1/zrz6unkXzJ3V90jQ/3WM3xV4bxjb/b+YXLGpKYqWwf013QeeLvU/98EH55RPTaqy/8Wj3v9nuP/DiD40rpg4sehs6uhor+v/OnBY3/+1/4eN0H8Vf/8/65zyD6stv9YUxbTB/V1n3r2i1P87h57dXT41scr+l4za/4LBnxeIMMb7f3PFZlj/Bw+91Pf8v+zeg2eUT1X79/+lo/b/qvs/jEVDY8X/8PMfVup/V3FZZKehwX//g3Ry9P/YOzf0xK3DJ/QP6eTo/3efO3pu3Dos0z+kk6P/CRsfeD5uHS7VP6STo//lU+eviFuHy/QP6eTof+2r5/45bh0a9Q/p5Oj/nC/t7oxbh+X6h3Ry9P9Q+5xtceuwQv+QTo7+f3raQ6/FrcPl+od0cvR/7Ng9N8atwxX6h3Ry9N+95+wfxK3DlfqHdHL0f/m6hSFuHa7SP6STo//p0/74eNw6XK1/SCdH//P+9PfT4tbhGv1DOjn6v+PzK/bFrcO1+od0cvQ//vpXXoxbh5X6h3Ry9L/07G0L49bhOv1DOjn6b/5Jc2/cOqzSP6STo/9ZX//Rhrh1uF7/kE6O/g8vf3RP3DrcoH9IJ0f/e+qKKXHrcKP+IZ0c/X/tu6cfiluHT+of0snR/2+eenJ+3Dqs1j+kk6P/5z5w+zfi1uEm/UM6Ofq/d82LZ8WtQ5P+IZ0c/T+89/kvxq3DGv1DOjn6f+ONtv+LW4e1+od0cvQ/edKpr8etQ7P+IZ0c/S+89SvtcevQon9IJ0f/bbu7fxi3Duv0D+nk6P/Dx6etiluH9fqHdHL0v3Lu3vfHrcPN+od0cvT/vmUX7opbhw36h3Ry9H9Rz0cviluHjfqHdHL03/HMZ78atw636B/SydH/3pmvLY5bh1b9Qzo5+n959dIfx61Dm/4hnRz9v/XodZvi1mGT/iGdHP0/+bO3j8Wtw2b9Qzo5+v//Cxb9NW4dtugf0snR/+Ilb66NW4dP6R/SydH/xu5/vBy3Du36h3Ry9D/z8NXL4tZhq/4hnRz9f+e8uv1x69Chf0gnR/93XrmvPm4dtukf0snR//6Dd90dtw636h/SydH/m7+YMT1uHT6tf0gnR//3Tzl0bdw6dOof0snR/y831T4Ttw7b9Q/p5Oj/b/um7ohbhy79Qzo5+n/69Z4/xK3DbfqHdHL0v3rCrybGrcPt+od0cvQ/tWvLfXHrcIf+IZ0c/c+/p+n8uHX4jP4hnRz9b/3LC9+MW4cd+od0tm7vuqWptbWl3RtvvPFm8M3J/pMJSO3d6E/2rwQAAAAAAAAAAAAAADiRHP+c6GT/HgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUTvBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF8BAAD//+8S49Y=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x28042, 0x0)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f00000000c0)={{r0}, 0x0, 0x0, 0x100000})
truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd)
truncate(&(0x7f0000001c40)='./file1\x00', 0xe4a0)

4.392001434s ago: executing program 0 (id=741):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x3, 0x0)
socket$key(0xf, 0x3, 0x2)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x5, 0xffffffffffffffff, 0x0, 0x20}, 0x38)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0xef4, &(0x7f0000000240)={0x0, 0x26bf, 0x20, 0x3, 0x0, 0x0, r2}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, 0x0)
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0)
sendfile(r7, r6, &(0x7f00000000c0)=0x8e, 0x180000504)
ioprio_get$uid(0x0, 0x0)
ioctl$HCIINQUIRY(r0, 0x400448ca, 0x0)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
write$bt_hci(r0, &(0x7f0000000200)=ANY=[@ANYRES8], 0xb)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000100)=0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x20, &(0x7f00000002c0)=[r1], 0x1)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x401e80)
bind$packet(0xffffffffffffffff, 0x0, 0x0)

4.301852659s ago: executing program 2 (id=742):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x18}}, 0x2, 0x1}}, 0x2e)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r6, 0x40047438, &(0x7f0000000180)=""/246)
writev(r6, &(0x7f0000000640)=[{&(0x7f0000000300)="c0217cb14adc", 0x6}], 0x1)

3.815226228s ago: executing program 0 (id=743):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r0, @ANYRES32=r1], 0x44}}, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x54801}, 0x0)

3.664695487s ago: executing program 2 (id=744):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_MSS={0x6}, @NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x80}}, 0x0)

3.663821127s ago: executing program 0 (id=745):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x13, 0x4, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0258ff000000000000000058000b4824ca945f64009400ffc094010ebc000000000000008000f0fffeff0300000000fff5dd00000010000100090810000c0000000204", 0x56}], 0x1)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000740)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x2}, 0x94)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffcffffff, 0x20031, 0xffffffffffffffff, 0xbe9f5000)
r1 = userfaultfd(0x80001)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x0)
ftruncate(r2, 0x2007ffc)
r3 = open(&(0x7f0000000400)='./bus\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_pts(0xffffffffffffffff, 0x141601)
read(r3, &(0x7f0000000180)=""/19, 0xfffffe47)
ioctl$USBDEVFS_GETDRIVER(0xffffffffffffffff, 0x41045508, &(0x7f0000000580)={0x1, "3d6688e329343ce3a83f185872dbeddb5003ce172d596e90e4aec0a227982ce525d6ded781f23c087183676027015580366a911fc4eb8aeb098d69a3a1bb1df2cdaaf4e8c611960653a3d9e2603fc656a14be867291734656512ae9b61fb8be59f07fd1563c0778cb102a56a10cf882917b9d666996139b0a662b72349f30881f9d3bc588a87e06fb0522b20c4a8a6ef7a6a3a6958f8b5ce900f87712148fcbacc7110f83d840a3d18e33e82893083ef087d491b446fbb63dbd78b0f1001554e3eed406d57c0afabfc969a87f682a8c87d6c246e93ec8de668389e6f788af3ed0e63943edc36625e10dcdf40e212136c5444b5fb1edf75fe920464bdc506d8e3"})
pidfd_send_signal(0xffffffffffffffff, 0xc, 0x0, 0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x2e8})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})
syz_usb_connect$uac1(0x2, 0xa4, &(0x7f0000000300)=ANY=[@ANYBLOB="12010003000000106b1d01014000010203010902928444eaf10566670b000000010100000a240181001002011a092405020998ba757408240804000205af092405030a4487c04e07240503052bca0924080107000bbca5092408020500570fc8090401000001020000090401016ecff24e00090501090002380b07072501030ac8040904"], &(0x7f00000002c0)={0x0, 0x0, 0x3f, 0x0})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000080)={&(0x7f00006c6000/0x400000)=nil, &(0x7f000018b000/0x3000)=nil, 0x400000, 0x0, 0x18100})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x4, &(0x7f0000000a80)=ANY=[], 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="0900000018000000080000004000000042000000", @ANYRES32=0x1, @ANYBLOB="000000000041a47d6d65b09eec3b000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r4}, 0x38)
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r5, 0x1, 0x3c, 0x0, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x10, @mcast2}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000000880)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000580)='B', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000006c0)}}, {{0x0, 0x0, &(0x7f0000000a40)=[{0x0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000bc0)}], 0x1}}, {{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000000f00)="e8", 0x1}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x6, 0x400c404)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r4, &(0x7f0000000580), &(0x7f0000001580)=""/92}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000010000000000000000000000711823000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.451331579s ago: executing program 2 (id=746):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)

2.455855857s ago: executing program 2 (id=747):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000080)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119], 0x1, 0x4428, &(0x7f0000008940)="$eJzs3T9sG2UfAOD3Lvm+Jv3afknpUCQkLFEJBChKOgGpRJqmTZM2FBVaIRbXSdw24MRV4iCGDmGrxITEgBgqkNgyVRlYy8jIwlgmhkowsCAhVQTZPie5i62YKk5oeR6pOd/73/75Xr83XN84Ubk5t5SbW8oVFnLlmetLJ3MflUvL88UQ75H97p/2dCJOYr9/Lp05987VkyF8N/vjw/X19fVQ1R2aGtry+vffbs9sPTbEmTrVdpu3tlveDyEc2zauqq4QwnvfhhCFEE4naaPJsTeEcCTU867e/vRabpdGc+9B8VT+0dSdteETk6t311q/9yiEL0vPvnpj/pcXuoZ/enmXugcAAAAAAAAAAAAAAAAA4Ak3fvnSlbcHh8L9KHSvRtuf1x1Pjq2ej13fNc93/s0CAAAAAAAAAAAAAAAAAADAP9Tm8/+56GiT5//HkuNIi/rrb3Z+jHTOxFuXxs4ODiX7v0fb8l9Lkn493RX6m+z7nt3//XSmfvP937f387ga42v02xeieCB1HscDAyF8nWz8fjw6GJfKS5VXrpeXF2Z3bRhPrHT867v3p6KTbOi/U/x//r5ebjTTfuf3/39m27epen5t975iT7V0/Ltalvvmk6it6/9Mpt5exJ/Hl45/dy2td2uBkfoEUI3/Z907x38s036n4n8khJCLqmPNpWaA6hqmmt5qvUJaOv7/qaWlps7kg2x1/f+Rif/ZTPv7Nf+vZH+IaCod///W0npSJTav//545+v/XKb9/Yh/dfwrfv/bko7/gXpid6pI7ZNsd/4fz7TfqfhfiZNxHolS34DVqJ7e6v+rIy0d/55t+Zv3f3Fb67/zmfp7df/X6Ldx/9eY/l+K6vd/NJeOf2/Lcu1e/xOZep2e/0dq6z8eVzr+B2tp6bVzX+1vu/GfzLTfqfjXViU9jfhvzid/Hqinf2X915Z0/P9XT4y3llip/a2t/6Kd1/8XMu3vx/qvOv6VuLO9Pi3S8T/Uslw1/j+08ft/MVOv8/HfzdXEv086/odblqtd/z07x38qU6/T8X+xk40DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAFGk2NfiOKB1HkcDwyEcCY5Px4ORtOF2fx0qTzz4VIIY0l6LhyNbpTK04VSfm6hPFvMF0ql8kwIZ5P8Y6EnWiqVK/n5wq1zG231RjeLhcXKdLFQCSGMJ+nPhcONtqbnKvOFWyGE8xt5/4/Li7duFhbys3OLbwwODg6GiY0x9EfFjyvFhUq993puCJMbdfuiLYOrZV/YGMuh6IPy8uJCoVRLv7ilTqk8UyhtqTOV5H0e+qPK4vLCTKFSzJfKNxr97aeR5Dg2cfndyxeHtuVfi+rH0b0dFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/0/3h178IIXTXz+IQQi5KXkTJv5R7D4qn8o+m7qwNn5hcvbv2sFkZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgL/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwi79ozQQRHEAfjMWWnoMq2W3s11RRAtXBE+gx/AwehQv4R0sUqRNEQLJLIT9A9sk1fc1D+bHzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOUe37r317qJSHG1vYz4/fz7P86fS/2+m75/cYYZOZ2nl+7+oW7Kv6dRfluOVm3ep5v110dM1N7PYE+G+3Qw7jM0t29z8/V9ryPlKiLakt+knKtq2VsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI4dOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCxAAAAAIAwf+so+jYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4FQAA//8KEyDQ")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4c1, 0x108)
pwrite64(r0, &(0x7f0000000100)='(', 0x1, 0xa0000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x141842, 0x142)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000200), 0xfea7)
copy_file_range(r2, 0x0, r1, 0x0, 0xffffffffa003e45c, 0x700000000000000)

2.290676947s ago: executing program 4 (id=748):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x4, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x18}]}, 0x0, 0x8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3fffffff}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r2, r2, 0x0, 0x200000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x4)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="240000002100050100000000ffdbdf250200000000000000020000000500131201000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001cc0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="0c009900000000000000000028002a007e150afb030802110000000200000005000000018000000103b61b60bd0608021100000073007f00826d4700010000000008021100000109000000ffffffffffff03000000040000000700ffffffffffff09000000040802110000010500000004ffffffffffff0000000001080211000001ffffffff00ffffffffffff0100000001080211000001968d0000010802110000010200000000e905910071199103b687d675f7b257d42ca8d1b592cacbbfe11ff99d943cdccc37832799079f0e1d39316259fd46559135bd3f635c7796849fdb5ecc9d38a7660094a0dd63721c3464457c484f9d5a5bbd8f31dbdd7ea4b5de962f28c8fc21d66a9cff766b2385e950df09ed487fc31beb64fffcef66a1451bf6212f50d871b04fbc6ad8f11775d4bf7635054871a917b1cd10909e7e08df2fb3d92f0e5ae5b020bc1b0973c430a1e766e9f435523b08adeaca66c4524b38224ac9aa940ad54889cf06f2a79220ad61b5877222fcd51d9f6dfd748630f398f69da97993ba4806eaa8e0e784763d5a135a6b057b5b0e31248ceebefcfffa6ad28f6d3961e661d1d45c09124e5e9477acdd4106c36a3440925521826c40a0642208e1276c532794f7f5acf2a4b3c00b2553c6f0b1f31a6def8d38abcb187b394fe7d20245fe18043d34a224ee6f476d0376ba7bec516ef78ecbfccdd3f84a9825b56ca488dd96015f6e6708a94028dae9bcb0bf9e62645a658923c5d0701c740c367d361224098aa27638e67f7e80dabafe042e7648261c852b00f41646a1e52ec9933e68b84f8e773dae3230ec1f9c96a2de2fc4e0c0b640cc6124571e92ce710ef490ab721ffe5fe577a5184bd77ac62eea730f75a36592ef9148ac6ad4b8c7ef2f783af3ca2db1f1cdbedf8f5e9a5710fc63c7d33aaf3eaea193f016831c572daa869b0e1bfa00f91bfc06e97b2129859ecc2cd3f63dd12ae68c51a221496b47d42e6818d6872a4c862248cfeae0bfae690b6b0e4281693039c4b0aeaa991ad7830d78478900d2f3676be2dc5af93ae12428725a96ea6647b7384596c2188c9ecee360f785405a9edd6de764fc001ffc2a6357e0b2c2a93024fad275ff09f9e25a45fc7b2e9cdd8c222a65df8e56a56e907a7d67b63e48e1d9945e150320b518cba2671daf27b025096466337b052baa11e3dcc3130c1da9188bb1d5a2fe32c5cba62be5b62b524043cc48dc08e2ae7bfb3c106e8e0b635ee1660cb990f371e85e3b4b8025f322fcc7825f223e942efcf578eae40b7cfac2816c3de76f8d4d313f0bbdad835b6c59b8145820b86b834122e0d8d617c9e4ca60e04e51229d6bf22f33d7011c800dd81c8d1e725082fef2b9f62b3e3675f527c10c533b68e07e6928fdc5b4142d2a4918be3aed08bdf386dcfe698778ae8dc0b2646bdd472c89a81b850fd32b6a47705a0596da0d6ff5cda5914d943718957c214aad87c81e09012397b67e74a9b85623c8ad9381255dbfd30b3917e81e2a1538ee42e018dd3d7770d679956cf373ea06c804a68306976f93b7f4d5153ef3acf2dc5db0cba0ba974f9ac072c4737a85b1c1ccd9af8cbae3856a08903f1bb47505133d645014192bb20d6019f930819b4561e48c944af27617d484729caa1e23f1dec901086c5dc23b5e30397282b9a8f5b2595d8405302c6004eb7d63c327cd7e0f32eaef297977d2ce52f8d576ae5b70782c26cce9cc56663ea87a67ae6f9f20c9f7f32a18722e6bf3eaf66ce866c2e5a19cb2d6bff07bccefd0006352dbcbdc09d4be0a60eb9e0c780c858178a7a9bdb84ee6fe70b1277447590611fd952dfcaba8b72378b6c9fc0eaa231c61651b9f691a976788cd720c8ea5f900ddd9f21bd376572c9bfce0cc4c52c317bb1291811bca9cda53bf61a0e3300f7fd23b2a224c5ec6be0fa56552f3ae791570dcd01ad9405ab1eb9ce5faa67a72356ea39f808437cbe3a96f152981e5372d1da8d7a06af2ccbaf583a9a62f75175841125b30a377e8ad4963bd187ef2339a4dcf28875811440633176ea518214446902bd134a688fb5bb7cbfcd28ceaa2a9b5046a9ac6eb3bcd9da574b3e23ce00338d490c27c32bc193dd12a92b1bfce6d8aab372280ec3687591567a656d7f57266aae72f22880b4024f13087899c535bcfac93df34298d298da20e7ee54e234e664208890b0a70846a63e15b4b4975861fd5b2bb1b1ef83a226b6fc0274ce19911892628f3a58278e5f1f670d242ba262a27f2b055c17f152021d9df35d3ca71a57cc4f6ecf812c963fbdae7afb75c79c643962fb9276b36b4dd4af7a088e691abecfe1ac7600979baecbf7cb025ee1cedc4c6672e17b8f1406900000042000f0006024d008325409b01080211000001010000000802110000000200000005000000ffffffffffff0400000000060101010101013e01030406060d00040200000004007f00d0000e80ca000200070bb3e9ff16235c788cad9d15eb81f4a3e41c50c5d7904a782b0f9f9a88800d10715051347207ff17839d2aa3121e19b7a20474dcd1dd249afdc2b281b531d65a50c1c92004c5b124f5bef67cb30e4911ac50d763aa1eb8c9ffd46ec8c4a57b426861bee640d2a60d01f504fb8514cbe001be2e51ecbb5543184e397c44d3f7837a8b6f2240b5c85a0ef44042d8704ae4ec7dda58a2c4a447f6c78c67345fc892472df94e22a925ccf6e0df9ade864454ed21358f7325b18967e9b4fc907f255e69590dd7b00000ae007f006804554e0f002d1a02001df30e0000000000002f000200060000000600e2d700007f823b040a0e7e5a0000080211000000ffffff7fa4f8000005000000030408021100000001000080010802110000010800000004ffffffffffff00020000720603030303030382414708200000000008021100000008000000ffffffffffff0e000000000400000301ffffffffffff0400000005080211000000ff7f00000508021100000001000000000031002a00831f000203ffffffffffff55050000d7be000005000000080211000001010400007107ff01ff000207603e0102000000660491004abfe86d42cdf85d8c7abf77d9cfbe8518bb2e13818c115ee057ef85ce5b4f83abb112e339e6573ec9e05df7ec0ef1c5aa067f39a38d765d0fa923b07bea801cdb31a7263d626ba9e257be26bfe8205d4c5d8a3fe5b32488f9400f4223de9e37e9d144f8e31549263d9c23a417ec26b781afa43fa92374eb26c313c96682725767b7ff381efe78d7d11d3ac336447018510eddf1b3ac3bc5e000a2ae8f461f583eeb8ef8bba64bbdd7abc580c8bf4c1da3d08a2e438c2fe4dbb838ac9fc1bd8f8d7c17f2a085340f6f12a5d64c615f267309a9b7a7fd5ab9cc97f1b72fdf00b4202ef988e25a10293c031d24ff2010458f3844ae9addb402fb7163ee3991f9a9c7e5463645e7bbee8be41e947d6db35de593741d6369fe808546ce81e0c0eb9560bcb7725aa411ed23bcc51263ec700038c7a04ad4c73343f526f8164e05c0d222189404685700c2713c25762c5bbcb358ab5e889ca54b014c086bb554fa88b07cc0448dd136830b282dd9f88aa672ccaca36719300828877fc0ac61b7b8fd307407d17c8430d9cc4d0d1ffa83d238ad409778ae947ecf2344217978c6dbc7cece212ccc70c0631374643d407a2022efa832d31e2e1604e6224d71c6ec2bfde373a9fc69cf372f786d35fd79682ecf659a85583ef92c7365cc58f04783bf6a773cd8562193a44c132e81d9142d6250f5623950c24d5bddcecd863c694b6a3a79e60a7f3f5d5a5a03e19a38747c846a2fca6a20496e4c4b39e956465c6d39686fa9899d2d37616d14cb77682aa9d38dbe2e513d47b620fe1ddf83e99a105f35420e1aed0d5af192d11674d992e3a254823754a11230a0d379183a51a0e0cb9707724019a1559402d87c0b8045841280a06cabd4c61ae395646218b2a853da291e7ebf87a0ff8847f268ddb7986fa97da737f3417409fb8de97571be9ae403ee14dfe7bdb5100027b27b02483960e638132b5861128095495c5483a7611e18570cc1ed2ab734783d428346f189b212e37f9217e8a58d4323553c81fe63fbdb86361d99bd763c72034483061b278cf4d8bc8619ca0acdcf6a2d13d12f685a4dbb8ee0f0310c689819b579920605289787dd497138c3cc8d3e35bc1946d8353914f8abe25dc1cfa25cba4c8f2c92bdcd5fdb795240452a911b3aacbc2f9709aa88aeed27d91fa1c7493a20fca7e8ba21a4c57b52c887ea0ff38e427a621323dc4c1b677e8ae6faeb8f5f5e37cecf0e94297d9ae75d7c0b5415881e4a8c60056fa7e15c241d2e6a2bd0b821282a1695c3da62e61f0a5c6833cc3c1860f3059e2f7b9fc0cbf7a9cc0abdff259ae8eaf6a1b746c03e70595b5c0174bbe7b79c34e897b5d470e6324904a171892e7c310890e504b029075abf5dffbd0230a8a941af43578764946cd5661071625b7b82363489c6cd954852f40c964865fd7fe20253c2a6deb2e63bca31e2de925111aa897d3d64c0b40f60236d7f3c02eb58f330267afb8746db07fbfb05ac6bb992af07059fae7d042057ed420829123dd7af5228449bb3cf73d4e977a44abb85d05df95a9feae73ee9277b7e9517c15d65f253f59a8bcffb000008000d000100000008004a0001ac0f0004001e01040008011c004c000dac0f0007ac0f0004ac0f000dac0f000fac0f000bac0f0071000f00060201046804050004003761030187d9e0c6ee5e347d803b2c3cafb488040016de6904893cd6cf0b32ae64c437ca06e3064f689abac91753be577a4ac8d95085e320f66086244868ae8b4b58521cbf114aad36dfc93b67eefe3fc567d013040d6b44d860af0382f4750b0614a50000000d0080007107ffff00ff0008210000004e010e00809c0500ffffffffffffffffffffffff50505050505005001c000880010000000000000064"], 0x1360}}, 0x0)

1.952216327s ago: executing program 3 (id=749):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000080)={0x0, 0xf03e, 0x30}, 0xc)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000280)={@remote}, 0x14)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000f40)="ad5bb6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r6 = accept4(r5, 0x0, 0x0, 0x800)
sendmmsg$alg(r6, &(0x7f0000000d00)=[{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000005580)="b9c973acad96fc274d605b6ea5083e90f7854520a3d82c106c2af8caf9b5e405cc034349655ac1b02043573da783b7abbfb914c18faaa9f22793be794e48473a883838d23d387aa105d1935058122b84e197b38365433fb37bb8749ee0d3f510c764131b4218a46cd7c2d3c99ef99d5442a6472f74c677c431784c317607750b0f88b7575faf59a9f3d0cc346d0b5a7dd8949753cf51cb7b70eb86bd53a19b0661b0ec33ad3b24e8bd3ddfe2546ebd4ea346", 0xb2}, {0x0}], 0x2, 0x0, 0x0, 0x8011}], 0x1, 0x40800)
ioctl$sock_netrom_SIOCADDRT(r4, 0x890b, &(0x7f0000000000)={0x1, @default, @bpq0, 0x4, 'syz1\x00', @default, 0x1, 0x0, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default]})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)

1.587812328s ago: executing program 4 (id=750):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
futex(&(0x7f0000000180)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r1 = creat(&(0x7f0000000080)='./file0\x00', 0x248)
close(r1)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r2, 0x40043d0d, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_sctp(0xa, 0x5, 0x84)
mount$9p_fd(0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB])
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$bt_hci(r3, 0x84, 0x80, &(0x7f00000010c0)=""/4111, &(0x7f0000000000)=0x100f)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_io_uring_setup(0x49a, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)

551.729148ms ago: executing program 4 (id=751):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x3, 0x0)
socket$key(0xf, 0x3, 0x2)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x5, 0xffffffffffffffff, 0x0, 0x20}, 0x38)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0xef4, &(0x7f0000000240)={0x0, 0x26bf, 0x20, 0x3, 0x0, 0x0, r2}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, 0x0)
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0)
sendfile(r7, r6, &(0x7f00000000c0)=0x8e, 0x180000504)
ioprio_get$uid(0x0, 0x0)
ioctl$HCIINQUIRY(r0, 0x400448ca, 0x0)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
write$bt_hci(r0, &(0x7f0000000200)=ANY=[@ANYRES8], 0xb)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000100)=0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x20, &(0x7f00000002c0)=[r1], 0x1)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x401e80)
bind$packet(0xffffffffffffffff, 0x0, 0x0)

0s ago: executing program 4 (id=752):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x60b924, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x9}, {0x6, 0xb}, {0xa, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x2400c0e0}, 0x4890)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = syz_io_uring_setup(0x117, &(0x7f0000000400)={0x0, 0x0, 0x10, 0x0, 0x3a2}, &(0x7f00000001c0)=<r6=>0x0, &(0x7f0000000000)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r4, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000100000001"], 0x18}, 0x0, 0x40000, 0x1})
io_uring_enter(r5, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)={0x14, r8, 0x511, 0x0, 0xfffffffe, {0x5}}, 0x21}}, 0xa000000)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)

kernel console output (not intermixed with test programs):

terface activated: batadv_slave_1
[   72.300415][ T5768] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.315068][ T5768] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.329361][ T5768] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.340851][ T5768] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.402365][ T5767] veth1_vlan: entered promiscuous mode
[   72.442985][ T5770] veth0_macvtap: entered promiscuous mode
[   72.453060][ T5770] veth1_macvtap: entered promiscuous mode
[   72.469803][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.485759][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.531579][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.543592][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.555515][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.567817][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.581844][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.620875][ T5767] veth0_macvtap: entered promiscuous mode
[   72.642151][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.652995][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.656966][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.677011][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.688819][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.701409][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.715816][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.730416][ T5770] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.744882][ T5770] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.755356][ T5770] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.767676][ T5770] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.787948][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.818758][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.823523][ T5767] veth1_macvtap: entered promiscuous mode
[   72.936825][ T1093] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.957360][ T1093] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.978073][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.989937][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.001632][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.014492][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.040240][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.053165][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.070902][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.133386][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.169298][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.184806][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.186141][ T5861] syz.3.4[5861]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   73.205743][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.223502][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.238263][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.253286][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.291738][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.302776][ T5767] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.319849][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.328533][ T5767] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.331107][ T5767] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.386644][ T5767] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.427517][ T5781] Bluetooth: hci2: command tx timeout
[   73.436833][ T5781] Bluetooth: hci1: command tx timeout
[   73.436885][   T51] Bluetooth: hci3: command tx timeout
[   73.506979][   T51] Bluetooth: hci0: command tx timeout
[   73.578800][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.620304][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.985494][ T1093] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.060018][ T1093] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.091533][ T5861] loop3: detected capacity change from 0 to 32768
[   74.104696][ T5861] =======================================================
[   74.104696][ T5861] WARNING: The mand mount option has been deprecated and
[   74.104696][ T5861]          and is ignored by this kernel. Remove the mand
[   74.104696][ T5861]          option from the mount to silence this warning.
[   74.104696][ T5861] =======================================================
[   74.233319][ T5861] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   74.332505][ T1093] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.476700][ T1093] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.603821][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   74.706775][ T5879] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   75.509650][   T51] Bluetooth: hci1: command tx timeout
[   75.513104][ T5781] Bluetooth: hci2: command tx timeout
[   75.523187][ T5781] Bluetooth: hci3: command tx timeout
[   75.596734][ T5781] Bluetooth: hci0: command tx timeout
[   75.679819][ T5861] XFS (loop3): Ending clean mount
[   75.719329][ T5861] XFS (loop3): Quotacheck needed: Please wait.
[   76.100181][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   76.202596][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   76.257944][ T5861] XFS (loop3): Quotacheck: Done.
[   76.305038][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   76.407761][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   76.483411][ T5766] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   76.740081][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   78.156639][ T5893] 9pnet_virtio: no channels available for device syz
[   78.641708][ T5900] tipc: Started in network mode
[   78.703912][ T5900] tipc: Node identity 8edd24e3d162, cluster identity 4711
[   78.778428][ T5900] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   78.869179][ T5901] syzkaller0: entered promiscuous mode
[   78.887699][ T5901] syzkaller0: entered allmulticast mode
[   78.990261][ T5900] tipc: Resetting bearer <eth:syzkaller0>
[   79.048801][ T5898] tipc: Resetting bearer <eth:syzkaller0>
[   79.168567][ T5898] tipc: Disabling bearer <eth:syzkaller0>
[   79.426100][ T5912] binder: 5909:5912 ioctl c0306201 200000000300 returned -11
[   79.907686][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   79.925187][ T5781] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[   79.927414][ T5920] 9pnet_fd: Insufficient options for proto=fd
[   79.935154][ T5781] Bluetooth: hci3: Injecting HCI hardware error event
[   79.952359][ T5781] Bluetooth: hci3: hardware error 0x00
[   80.027269][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   80.067275][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   80.803543][ T5924] loop2: detected capacity change from 0 to 40427
[   80.867157][    T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!!
[   81.596450][    C1] sched: RT throttling activated
[   81.693281][ T5924] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x7ffff
[   81.713878][ T5924] F2FS-fs (loop2): invalid crc value
[   81.987486][ T5781] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[   82.620156][    T9] cfg80211: failed to load regulatory.db
[   82.639597][ T5924] F2FS-fs (loop2): Found nat_bits in checkpoint
[   82.909067][ T5924] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   83.716230][ T5767] syz-executor: attempt to access beyond end of device
[   83.716230][ T5767] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   83.738448][ T5767] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   84.907006][ T5859] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   85.096833][ T5859] usb 4-1: Using ep0 maxpacket: 16
[   85.133872][ T5859] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   85.174186][ T5859] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[   85.189562][ T5859] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.199395][ T5859] usb 4-1: Product: syz
[   85.203862][ T5859] usb 4-1: Manufacturer: syz
[   85.208753][ T5859] usb 4-1: SerialNumber: syz
[   85.237417][ T5859] usb 4-1: config 0 descriptor??
[   85.306867][ T5864] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   85.538315][ T5864] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[   85.580712][ T5864] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.297005][ T5948] process 'syz.1.21' launched './file1' with NULL argv: empty string added
[   86.611393][ T5864] usb 1-1: config 0 descriptor??
[   89.690683][   T27] usb 4-1: USB disconnect, device number 2
[   89.976765][ T5864] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00
[   90.025707][ T5864] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[   90.062929][ T5864] [drm:udl_init] *ERROR* Selecting channel failed
[   90.446947][ T5962] hfs: can't find a HFS filesystem on dev nullb0
[   92.615391][ T5864] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2
[   92.945310][ T5864] [drm] Initialized udl on minor 2
[   92.954248][ T5864] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[   92.985720][ T5864] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[   93.000851][    T8] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[   93.034286][    T8] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[   93.052596][ T5864] usb 1-1: USB disconnect, device number 2
[   95.703605][ T5984] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   95.746402][ T5983] random: crng reseeded on system resumption
[   96.288569][ T5990] netlink: 44 bytes leftover after parsing attributes in process `syz.0.31'.
[   96.543874][ T5990] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.553143][ T5990] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.248781][ T6006] netlink: 16 bytes leftover after parsing attributes in process `syz.3.36'.
[   99.273812][ T6006] netlink: 12 bytes leftover after parsing attributes in process `syz.3.36'.
[   99.832567][ T6014] loop1: detected capacity change from 0 to 40427
[   99.841244][    T8] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   99.862172][ T6014] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x7ffff
[   99.885509][ T6014] F2FS-fs (loop1): invalid crc value
[   99.922102][ T6014] F2FS-fs (loop1): Found nat_bits in checkpoint
[   99.962000][ T6014] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  100.065485][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.122431][    T8] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  100.208002][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.300010][    T8] usb 3-1: config 0 descriptor??
[  100.338975][    T8] usb 3-1: can't set config #0, error -71
[  100.379781][    T8] usb 3-1: USB disconnect, device number 2
[  102.063942][ T6034] loop1: detected capacity change from 0 to 32768
[  102.089777][ T6034] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.43 (6034)
[  102.145083][ T6034] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  102.158158][ T6034] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  102.168254][ T6034] BTRFS info (device loop1): turning on async discard
[  102.175996][ T6034] BTRFS info (device loop1): use no compression
[  102.183283][ T6034] BTRFS info (device loop1): turning on sync discard
[  102.190888][ T6034] BTRFS info (device loop1): force clearing of disk cache
[  102.200656][ T6034] BTRFS info (device loop1): enabling auto defrag
[  102.210399][ T6034] BTRFS info (device loop1): disabling free space tree
[  102.219667][ T6034] BTRFS info (device loop1): disabling tree log
[  102.335991][ T6034] BTRFS info (device loop1): enabling ssd optimizations
[  102.421293][ T6034] BTRFS info (device loop1): rebuilding free space tree
[  102.750818][ T6034] BTRFS info (device loop1): disabling free space tree
[  102.763451][ T6034] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  102.782921][ T6034] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  104.398046][ T5770] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  104.583404][ T6064] random: crng reseeded on system resumption
[  105.679267][ T6082] loop2: detected capacity change from 0 to 40427
[  105.689290][ T6082] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x7ffff
[  105.704545][ T6082] F2FS-fs (loop2): invalid crc value
[  105.740149][ T6082] F2FS-fs (loop2): Found nat_bits in checkpoint
[  105.841015][ T6082] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  106.254562][ T6095] tipc: Started in network mode
[  106.296546][ T6095] tipc: Node identity d2be97630353, cluster identity 4711
[  106.304122][ T6095] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  106.354052][ T6096] syzkaller0: entered promiscuous mode
[  106.376163][ T6096] syzkaller0: entered allmulticast mode
[  106.475663][ T6095] tipc: Resetting bearer <eth:syzkaller0>
[  106.517440][ T6094] tipc: Resetting bearer <eth:syzkaller0>
[  106.719592][ T6091] loop0: detected capacity change from 0 to 32768
[  106.739430][ T6094] tipc: Disabling bearer <eth:syzkaller0>
[  106.837679][ T6091] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  107.019393][ T6091] XFS (loop0): Ending clean mount
[  107.088611][ T6091] XFS (loop0): Quotacheck needed: Please wait.
[  107.753268][ T6091] XFS (loop0): Quotacheck: Done.
[  108.026635][ T6128] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  108.038359][ T6128] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  108.048474][ T6128] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  108.059645][ T6128] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  108.069230][ T6128] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  108.078781][ T6128] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  108.090179][ T6128] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  108.099771][ T6128] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  108.109175][ T6128] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  108.111356][ T5768] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  108.118830][ T6128] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  109.010639][ T5858] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  109.042123][ T6133] loop2: detected capacity change from 0 to 16
[  109.073675][ T6133] erofs: (device loop2): mounted with root inode @ nid 36.
[  109.148666][ T6133] syz.2.65: attempt to access beyond end of device
[  109.148666][ T6133] loop2: rw=524288, sector=1342177272, nr_sectors = 32 limit=16
[  109.173338][ T6133] syz.2.65: attempt to access beyond end of device
[  109.173338][ T6133] loop2: rw=0, sector=1342177272, nr_sectors = 32 limit=16
[  109.203552][   T28] audit: type=1800 audit(1769677419.847:2): pid=6133 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.65" name="file1" dev="loop2" ino=86 res=0 errno=0
[  109.243134][ T5858] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  109.252772][ T5858] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  109.266253][ T5858] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  109.280413][ T5858] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  109.296391][ T5858] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  109.329371][ T5858] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  109.362631][ T5858] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  109.396527][ T5858] usb 1-1: Product: syz
[  109.406567][ T5858] usb 1-1: Manufacturer: syz
[  109.428174][ T5858] cdc_wdm 1-1:1.0: skipping garbage
[  109.436107][ T5858] cdc_wdm 1-1:1.0: skipping garbage
[  109.496156][ T5858] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  109.509005][ T5858] cdc_wdm 1-1:1.0: Unknown control protocol
[  109.635419][ T5858] usb 1-1: USB disconnect, device number 3
[  109.639523][ T6140] tipc: Started in network mode
[  109.649539][ T6140] tipc: Node identity 2acf37fbf607, cluster identity 4711
[  109.662817][ T6140] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  109.683959][ T6140] syzkaller0: entered promiscuous mode
[  109.693521][ T6140] syzkaller0: entered allmulticast mode
[  109.742331][ T6140] tipc: Resetting bearer <eth:syzkaller0>
[  109.763163][ T6139] tipc: Resetting bearer <eth:syzkaller0>
[  109.801080][ T6139] tipc: Disabling bearer <eth:syzkaller0>
[  110.793403][ T5858] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  112.586689][ T6161] tipc: Started in network mode
[  112.591778][ T6161] tipc: Node identity ac14140f, cluster identity 4711
[  112.599475][ T6161] tipc: New replicast peer: 255.255.255.255
[  112.606192][ T6161] tipc: Enabled bearer <udp:syz2>, priority 10
[  112.737272][ T6161] Zero length message leads to an empty skb
[  113.037534][ T5858] usb 1-1: device descriptor read/all, error -71
[  113.697450][ T6162] random: crng reseeded on system resumption
[  113.728318][   T27] tipc: Node number set to 2886997007
[  113.884064][   T27] kernel write not supported for file /input/mouse0 (pid: 27 comm: kworker/1:1)
[  114.447050][ T5858] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  114.646614][ T5858] usb 1-1: Using ep0 maxpacket: 16
[  114.677708][ T5858] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  114.954329][ T5858] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  114.969855][ T5858] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  114.985688][ T5858] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  115.012479][ T5858] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.054737][ T5858] usb 1-1: config 0 descriptor??
[  115.544735][ T6200] syzkaller0: entered promiscuous mode
[  115.560964][ T6200] syzkaller0: entered allmulticast mode
[  115.676304][   T27] kernel write not supported for file /input/mouse0 (pid: 27 comm: kworker/1:1)
[  115.732064][ T5858] usbhid 1-1:0.0: can't add hid device: -71
[  115.756802][ T5858] usbhid: probe of 1-1:0.0 failed with error -71
[  115.771400][ T5858] usb 1-1: USB disconnect, device number 5
[  117.057367][   T27] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  117.407183][   T27] usb 1-1: Using ep0 maxpacket: 16
[  117.467718][   T27] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  117.768255][   T27] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  117.908254][   T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.974353][ T6223] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.92'.
[  118.040564][   T27] usb 1-1: Product: syz
[  118.068062][   T27] usb 1-1: Manufacturer: syz
[  118.097846][   T27] usb 1-1: SerialNumber: syz
[  118.119037][   T27] usb 1-1: config 0 descriptor??
[  118.576053][ T6227] syzkaller0: entered promiscuous mode
[  118.616775][ T6227] syzkaller0: entered allmulticast mode
[  119.169538][    T8] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  120.216594][ T5859] usb 1-1: USB disconnect, device number 6
[  120.282776][    T8] usb 4-1: unable to get BOS descriptor or descriptor too short
[  120.380308][    T8] usb 4-1: not running at top speed; connect to a high speed hub
[  120.409797][    T8] usb 4-1: config index 0 descriptor too short (expected 33938, got 146)
[  120.511533][    T8] usb 4-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  120.597716][    T8] usb 4-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  120.712577][    T8] usb 4-1: config 234 has 1 interface, different from the descriptor's value: 68
[  120.973750][    T8] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  121.119343][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.224792][    T8] usb 4-1: Product: syz
[  121.263339][    T8] usb 4-1: Manufacturer: syz
[  121.268692][    T8] usb 4-1: SerialNumber: syz
[  122.044813][ T6260] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.103'.
[  122.072034][    T8] usb 4-1: USB disconnect, device number 4
[  122.919486][ T6271] binder_alloc: 6268: binder_alloc_buf, no vma
[  123.616345][ T6281] fuse: Bad value for 'fd'
[  124.948989][ T6291] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.112'.
[  126.196774][   T27] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[  126.473294][   T27] usb 1-1: unable to get BOS descriptor or descriptor too short
[  126.527727][   T27] usb 1-1: not running at top speed; connect to a high speed hub
[  126.724399][ T6308] binder_alloc: 6303: binder_alloc_buf, no vma
[  126.768968][   T27] usb 1-1: config index 0 descriptor too short (expected 33938, got 146)
[  127.102578][   T27] usb 1-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  127.126527][   T27] usb 1-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  127.141211][   T27] usb 1-1: config 234 has 1 interface, different from the descriptor's value: 68
[  127.228913][   T27] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  127.242928][   T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.261023][   T27] usb 1-1: Product: syz
[  127.289071][   T27] usb 1-1: Manufacturer: syz
[  127.299279][   T27] usb 1-1: SerialNumber: syz
[  127.890209][   T28] audit: type=1326 audit(1769677438.527:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6310 comm="syz.3.118" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f900939aeb9 code=0x0
[  128.361199][   T27] usb 1-1: USB disconnect, device number 7
[  131.336991][ T6327] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  131.365159][ T6327] syzkaller0: entered promiscuous mode
[  131.424705][ T6327] syzkaller0: entered allmulticast mode
[  131.733885][ T6336] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  131.996287][ T6327] tipc: Resetting bearer <eth:syzkaller0>
[  132.082446][ T6326] tipc: Resetting bearer <eth:syzkaller0>
[  132.152735][ T6326] tipc: Disabling bearer <eth:syzkaller0>
[  133.115527][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  133.124169][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  133.127233][   T23] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  133.266541][ T6352] 9pnet_virtio: no channels available for device 127.0.0.1
[  133.326549][   T23] usb 2-1: Using ep0 maxpacket: 16
[  133.615445][   T23] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  134.155026][   T23] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  134.170368][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.181707][   T23] usb 2-1: Product: syz
[  134.192653][   T23] usb 2-1: Manufacturer: syz
[  134.198806][   T23] usb 2-1: SerialNumber: syz
[  134.208221][   T23] usb 2-1: config 0 descriptor??
[  134.758779][ T6361] ufs: You didn't specify the type of your ufs filesystem
[  134.758779][ T6361] 
[  134.758779][ T6361] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  134.758779][ T6361] 
[  134.758779][ T6361] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  134.798959][ T6361] ufs: ufstype=old is supported read-only
[  134.806715][ T6361] syz.0.130: attempt to access beyond end of device
[  134.806715][ T6361] loop1: rw=0, sector=16, nr_sectors = 2 limit=0
[  135.824771][ T5859] usb 2-1: USB disconnect, device number 2
[  136.414326][  T788] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  136.807380][  T788] usb 3-1: unable to get BOS descriptor or descriptor too short
[  136.869888][  T788] usb 3-1: not running at top speed; connect to a high speed hub
[  136.974503][  T788] usb 3-1: config index 0 descriptor too short (expected 33938, got 146)
[  137.017937][  T788] usb 3-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  137.031085][ T6374] binder_alloc: 6372: binder_alloc_buf, no vma
[  137.072407][  T788] usb 3-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  137.143906][  T788] usb 3-1: config 234 has 1 interface, different from the descriptor's value: 68
[  139.105787][  T788] usb 3-1: string descriptor 0 read error: -71
[  139.123301][  T788] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  139.149431][  T788] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.188979][  T788] usb 3-1: can't set config #234, error -71
[  139.210462][  T788] usb 3-1: USB disconnect, device number 3
[  139.594642][ T6390] 9pnet_virtio: no channels available for device 127.0.0.1
[  140.787320][   T23] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  140.986514][   T23] usb 3-1: Using ep0 maxpacket: 16
[  140.999767][   T23] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  141.034672][   T23] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  141.063314][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.093983][   T23] usb 3-1: Product: syz
[  141.104164][   T23] usb 3-1: Manufacturer: syz
[  141.114432][   T23] usb 3-1: SerialNumber: syz
[  141.170734][   T23] usb 3-1: config 0 descriptor??
[  141.345517][ T6386] loop3: detected capacity change from 0 to 40427
[  141.384980][ T6386] F2FS-fs (loop3): invalid crc value
[  141.461534][ T6386] F2FS-fs (loop3): Found nat_bits in checkpoint
[  141.649234][ T6386] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  143.571133][  T788] usb 3-1: USB disconnect, device number 4
[  143.618864][ T6416] binder_alloc: 6414: binder_alloc_buf, no vma
[  144.242186][ T6418] loop2: detected capacity change from 0 to 32768
[  145.174477][ T6431] 9pnet_virtio: no channels available for device 127.0.0.1
[  145.312878][ T6432] hfs: can't find a HFS filesystem on dev nullb0
[  146.556748][    T9] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  146.647042][ T6441] netlink: 'syz.3.153': attribute type 10 has an invalid length.
[  146.740351][ T6441] 8021q: adding VLAN 0 to HW filter on device team0
[  146.809723][    T9] usb 3-1: unable to get BOS descriptor or descriptor too short
[  146.818457][ T6441] bond0: (slave team0): Enslaving as an active interface with an up link
[  146.843065][    T9] usb 3-1: not running at top speed; connect to a high speed hub
[  146.896651][    T9] usb 3-1: config index 0 descriptor too short (expected 33938, got 146)
[  147.036954][    T9] usb 3-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  147.056749][    T9] usb 3-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  147.252189][   T28] audit: type=1326 audit(1769677457.867:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6443 comm="syz.1.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ae379aeb9 code=0x7ffc0000
[  147.302763][    T9] usb 3-1: config 234 has 1 interface, different from the descriptor's value: 68
[  147.325344][    T9] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  147.344206][   T28] audit: type=1326 audit(1769677457.867:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6443 comm="syz.1.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ae379aeb9 code=0x7ffc0000
[  147.369192][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.379162][    T9] usb 3-1: Product: syz
[  147.383962][    T9] usb 3-1: Manufacturer: syz
[  147.390211][    T9] usb 3-1: SerialNumber: syz
[  148.017574][    T9] usb 3-1: USB disconnect, device number 5
[  148.193342][ T6452] binder_alloc: 6450: binder_alloc_buf, no vma
[  148.241545][ T6437] loop0: detected capacity change from 0 to 32768
[  148.357277][ T6437] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  149.046553][ T6437] XFS (loop0): Ending clean mount
[  149.112852][ T6437] XFS (loop0): Quotacheck needed: Please wait.
[  149.230386][ T6437] XFS (loop0): Quotacheck: Done.
[  149.405673][ T5768] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  149.861327][ T6472] loop2: detected capacity change from 0 to 32768
[  149.995460][ T6472] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  150.115470][ T6482] hfs: can't find a HFS filesystem on dev nullb0
[  150.786846][ T6472] XFS (loop2): Ending clean mount
[  150.807602][ T6472] XFS (loop2): Quotacheck needed: Please wait.
[  151.370585][ T6472] XFS (loop2): Quotacheck: Done.
[  151.384372][ T6486] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  151.396854][ T6486] syzkaller0: entered promiscuous mode
[  151.402415][ T6486] syzkaller0: entered allmulticast mode
[  151.478297][ T6493] netlink: 'syz.0.164': attribute type 10 has an invalid length.
[  151.544014][ T5767] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  151.577768][ T6493] 8021q: adding VLAN 0 to HW filter on device team0
[  151.602715][ T6493] bond0: (slave team0): Enslaving as an active interface with an up link
[  151.643651][ T6495] tipc: Resetting bearer <eth:syzkaller0>
[  151.658525][ T6485] tipc: Resetting bearer <eth:syzkaller0>
[  151.686106][ T6485] tipc: Disabling bearer <eth:syzkaller0>
[  152.026563][    T9] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  152.226520][    T9] usb 1-1: Using ep0 maxpacket: 32
[  152.248744][    T9] usb 1-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  152.259451][  T788] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  152.276512][    T9] usb 1-1: config 155 interface 0 altsetting 0 has an invalid endpoint with address 0xE2, skipping
[  152.288302][    T9] usb 1-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  152.324580][    T9] usb 1-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  152.346487][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.355503][    T9] usb 1-1: Product: syz
[  152.376583][    T9] usb 1-1: Manufacturer: syz
[  152.381670][    T9] usb 1-1: SerialNumber: syz
[  152.407921][    T9] imon:imon_find_endpoints: no valid input (IR) endpoint found
[  152.415964][    T9] imon 1-1:155.0: unable to initialize intf0, err -19
[  152.423166][    T9] imon:imon_probe: failed to initialize context!
[  152.429964][    T9] imon 1-1:155.0: unable to register, err -19
[  152.505604][  T788] usb 4-1: unable to get BOS descriptor or descriptor too short
[  152.519921][  T788] usb 4-1: not running at top speed; connect to a high speed hub
[  152.538836][  T788] usb 4-1: config index 0 descriptor too short (expected 33938, got 146)
[  152.547767][  T788] usb 4-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  152.566854][  T788] usb 4-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  152.586470][  T788] usb 4-1: config 234 has 1 interface, different from the descriptor's value: 68
[  152.631179][  T788] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  152.641326][  T788] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.649467][  T788] usb 4-1: Product: syz
[  152.653935][  T788] usb 4-1: Manufacturer: syz
[  152.659403][  T788] usb 4-1: SerialNumber: syz
[  152.921057][  T788] usb 4-1: USB disconnect, device number 5
[  154.735108][ T6532] netlink: 'syz.2.176': attribute type 10 has an invalid length.
[  154.768678][   T23] usb 1-1: USB disconnect, device number 8
[  154.988211][ T6532] 8021q: adding VLAN 0 to HW filter on device team0
[  155.027118][ T6532] bond0: (slave team0): Enslaving as an active interface with an up link
[  156.216809][   T23] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  156.440329][   T23] usb 2-1: unable to get BOS descriptor or descriptor too short
[  156.489494][   T23] usb 2-1: not running at top speed; connect to a high speed hub
[  156.517536][   T23] usb 2-1: config index 0 descriptor too short (expected 33938, got 146)
[  156.530527][   T23] usb 2-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  156.543299][   T23] usb 2-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  156.599718][   T23] usb 2-1: config 234 has 1 interface, different from the descriptor's value: 68
[  156.606987][ T6560] random: crng reseeded on system resumption
[  156.711528][   T23] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  156.726644][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.735231][   T23] usb 2-1: Product: syz
[  156.744193][   T23] usb 2-1: Manufacturer: syz
[  156.751399][   T23] usb 2-1: SerialNumber: syz
[  157.316252][   T23] usb 2-1: USB disconnect, device number 3
[  160.247785][ T6586] netlink: 'syz.2.189': attribute type 10 has an invalid length.
[  161.160058][ T6604] random: crng reseeded on system resumption
[  164.755309][ T6628] random: crng reseeded on system resumption
[  166.616623][    T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  166.827072][    T9] usb 2-1: Using ep0 maxpacket: 8
[  166.842237][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[  166.918043][    T9] usb 2-1: config 7 has an invalid interface number: 113 but max is 0
[  166.929988][    T9] usb 2-1: config 7 has no interface number 0
[  166.940495][ T6648] random: crng reseeded on system resumption
[  166.951314][    T9] usb 2-1: config 7 interface 113 has no altsetting 0
[  166.963628][    T9] usb 2-1: language id specifier not provided by device, defaulting to English
[  167.404863][    T9] usb 2-1: New USB device found, idVendor=17dc, idProduct=0202, bcdDevice=e6.c2
[  167.424030][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.442713][    T9] usb 2-1: Product: ඼焀㋉돠〦볿䙨
[  167.456233][    T9] usb 2-1: SerialNumber: syz
[  167.724612][    T9] usb 2-1: Found UVC 0.00 device ඼焀㋉돠〦볿䙨 (17dc:0202)
[  167.734453][    T9] usb 2-1: No valid video chain found.
[  167.753206][    T9] usb 2-1: USB disconnect, device number 4
[  169.301063][ T6672] random: crng reseeded on system resumption
[  171.996538][ T5858] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  172.217794][ T5858] usb 2-1: Using ep0 maxpacket: 16
[  172.240322][ T5858] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xF3, skipping
[  172.269006][ T5858] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  172.296611][ T5858] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.311804][ T5858] usb 2-1: Product: syz
[  172.320648][ T5858] usb 2-1: Manufacturer: syz
[  172.331841][ T5858] usb 2-1: SerialNumber: syz
[  172.352734][ T5858] usb 2-1: config 0 descriptor??
[  172.360260][ T6704] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  172.373660][ T6704] syzkaller0: entered promiscuous mode
[  172.379550][ T6704] syzkaller0: entered allmulticast mode
[  172.416631][ T6703] tipc: Resetting bearer <eth:syzkaller0>
[  172.481884][ T6703] tipc: Disabling bearer <eth:syzkaller0>
[  172.816532][ T6710] random: crng reseeded on system resumption
[  174.553478][ T6722] 9pnet_virtio: no channels available for device 127.0.0.1
[  175.196546][    T9] usb 2-1: USB disconnect, device number 5
[  176.383159][ T6738] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  176.428385][ T6738] syzkaller0: entered promiscuous mode
[  176.450815][ T6738] syzkaller0: entered allmulticast mode
[  176.608677][ T6737] tipc: Resetting bearer <eth:syzkaller0>
[  176.684438][ T6737] tipc: Disabling bearer <eth:syzkaller0>
[  176.935139][ T6725] loop3: detected capacity change from 0 to 32768
[  178.101456][ T6758] loop1: detected capacity change from 0 to 512
[  178.413158][ T6758] ext3: Unknown parameter 'rootcontext'
[  178.450613][ T6758] netlink: 24 bytes leftover after parsing attributes in process `syz.1.239'.
[  179.096124][ T6768] netlink: 4 bytes leftover after parsing attributes in process `syz.1.239'.
[  179.286673][ T5858] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  180.596929][ T5858] usb 4-1: unable to get BOS descriptor or descriptor too short
[  180.637169][ T5858] usb 4-1: not running at top speed; connect to a high speed hub
[  180.659258][ T6778] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  180.666673][ T5858] usb 4-1: config index 0 descriptor too short (expected 33938, got 146)
[  180.675141][ T5858] usb 4-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  180.694965][ T6778] syzkaller0: entered promiscuous mode
[  180.706622][ T5858] usb 4-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  180.726515][ T6778] syzkaller0: entered allmulticast mode
[  180.734252][ T5858] usb 4-1: config 234 has 1 interface, different from the descriptor's value: 68
[  180.784965][ T5858] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  180.816476][ T5858] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.824539][ T5858] usb 4-1: Product: syz
[  180.834682][ T6777] tipc: Resetting bearer <eth:syzkaller0>
[  180.858173][ T5858] usb 4-1: Manufacturer: syz
[  180.889636][ T5858] usb 4-1: SerialNumber: syz
[  180.938504][ T6777] tipc: Disabling bearer <eth:syzkaller0>
[  181.849440][ T5858] usb 4-1: USB disconnect, device number 6
[  181.940888][ T6782] loop2: detected capacity change from 0 to 32768
[  183.656612][ T5864] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  183.868217][ T5864] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  183.893728][ T5864] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  183.926593][ T5864] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  183.972275][ T5864] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  184.001019][ T5864] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.045693][ T5864] usb 2-1: Quirk or no altest; falling back to MIDI 1.0
[  184.057663][ T5864] usb 2-1: invalid MIDI out EP 0
[  184.272198][ T5864] snd-usb-audio: probe of 2-1:27.0 failed with error -22
[  184.293063][ T5864] usb 2-1: USB disconnect, device number 6
[  184.436853][   T23] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  185.461521][   T23] usb 4-1: Using ep0 maxpacket: 16
[  185.483362][   T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  185.506227][   T23] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  185.516840][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.525974][   T23] usb 4-1: Product: syz
[  185.530279][   T23] usb 4-1: Manufacturer: syz
[  185.534985][   T23] usb 4-1: SerialNumber: syz
[  185.547680][   T23] usb 4-1: config 0 descriptor??
[  185.559890][   T23] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  185.583990][   T23] em28xx 4-1:0.0: DVB interface 0 found: bulk
[  186.379237][ T6823] loop0: detected capacity change from 0 to 32768
[  186.502188][   T23] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  187.247457][   T23] em28xx 4-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  187.514355][   T23] em28xx 4-1:0.0: board has no eeprom
[  187.574138][ T5864] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  187.699350][   T23] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  187.716706][   T23] em28xx 4-1:0.0: dvb set to bulk mode.
[  187.739051][ T5858] em28xx 4-1:0.0: Binding DVB extension
[  187.772914][   T23] usb 4-1: USB disconnect, device number 7
[  187.794932][ T6837] syzkaller0: entered promiscuous mode
[  187.823419][ T6837] syzkaller0: entered allmulticast mode
[  187.838012][   T23] em28xx 4-1:0.0: Disconnecting em28xx
[  187.852631][ T5864] usb 3-1: unable to get BOS descriptor or descriptor too short
[  187.916801][ T5864] usb 3-1: not running at top speed; connect to a high speed hub
[  187.954683][ T5864] usb 3-1: config index 0 descriptor too short (expected 33938, got 146)
[  187.974800][ T5864] usb 3-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  188.026627][ T5864] usb 3-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  188.086437][ T5864] usb 3-1: config 234 has 1 interface, different from the descriptor's value: 68
[  188.103966][ T5858] em28xx 4-1:0.0: Registering input extension
[  188.112969][   T23] em28xx 4-1:0.0: Closing input extension
[  188.150657][ T5864] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  188.151464][   T23] em28xx 4-1:0.0: Freeing device
[  188.182283][ T5864] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.201650][ T5864] usb 3-1: Product: syz
[  188.211516][ T5864] usb 3-1: Manufacturer: syz
[  188.233435][ T5864] usb 3-1: SerialNumber: syz
[  188.595825][ T5864] usb 3-1: USB disconnect, device number 6
[  190.936971][ T6866] netlink: 'syz.1.271': attribute type 10 has an invalid length.
[  190.975876][ T6866] 8021q: adding VLAN 0 to HW filter on device team0
[  191.039558][ T6866] bond0: (slave team0): Enslaving as an active interface with an up link
[  191.053477][ T6868] syzkaller0: entered promiscuous mode
[  191.059863][ T6868] syzkaller0: entered allmulticast mode
[  191.306597][   T23] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  191.516604][ T5776] Bluetooth: hci1: command 0x0406 tx timeout
[  191.522816][ T5776] Bluetooth: hci2: command 0x0406 tx timeout
[  192.224746][   T23] usb 1-1: Using ep0 maxpacket: 16
[  192.233255][   T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  192.254888][   T23] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  192.329941][   T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.338648][   T23] usb 1-1: Product: syz
[  192.342916][   T23] usb 1-1: Manufacturer: syz
[  192.352518][   T23] usb 1-1: SerialNumber: syz
[  192.360265][   T23] usb 1-1: config 0 descriptor??
[  192.403984][   T23] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  192.610986][   T23] em28xx 1-1:0.0: DVB interface 0 found: bulk
[  192.806745][ T5864] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[  192.999953][ T5864] usb 3-1: unable to get BOS descriptor or descriptor too short
[  193.014512][ T5864] usb 3-1: not running at top speed; connect to a high speed hub
[  193.023038][   T23] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[  193.035641][ T5864] usb 3-1: config index 0 descriptor too short (expected 33938, got 146)
[  193.044928][ T5864] usb 3-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  193.057414][ T5864] usb 3-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  193.089675][ T5864] usb 3-1: config 234 has 1 interface, different from the descriptor's value: 68
[  193.112592][ T5864] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  193.134128][ T5864] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.151133][ T5864] usb 3-1: Product: syz
[  193.155401][ T5864] usb 3-1: Manufacturer: syz
[  193.160569][ T5864] usb 3-1: SerialNumber: syz
[  193.597921][   T23] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  193.713116][   T23] em28xx 1-1:0.0: board has no eeprom
[  193.906829][   T23] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  193.936290][   T23] em28xx 1-1:0.0: dvb set to bulk mode.
[  193.954734][   T27] em28xx 1-1:0.0: Binding DVB extension
[  193.966112][ T5836] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  193.983548][ T5864] usb 3-1: USB disconnect, device number 7
[  194.008521][   T23] usb 1-1: USB disconnect, device number 9
[  194.015340][   T23] em28xx 1-1:0.0: Disconnecting em28xx
[  194.119224][   T27] em28xx 1-1:0.0: Registering input extension
[  194.136190][   T23] em28xx 1-1:0.0: Closing input extension
[  194.191434][   T23] em28xx 1-1:0.0: Freeing device
[  194.286586][ T5836] usb 4-1: Using ep0 maxpacket: 16
[  194.298507][ T5836] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  194.315608][ T5836] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  194.325502][ T5836] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.343181][ T5836] usb 4-1: config 0 descriptor??
[  194.381742][ T6903] syzkaller0: entered promiscuous mode
[  194.401602][ T6903] syzkaller0: entered allmulticast mode
[  194.413836][ T6904] 9pnet_virtio: no channels available for device 127.0.0.1
[  194.573761][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  194.581613][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  194.832102][ T5836] mcp2221 0003:04D8:00DD.0001: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[  194.881598][ T6910] netlink: 'syz.0.285': attribute type 10 has an invalid length.
[  195.759955][ T5836] usb 4-1: USB disconnect, device number 8
[  197.414009][ T6938] syzkaller0: entered promiscuous mode
[  197.425660][ T6940] binder: 6939:6940 ioctl c0306201 200000000300 returned -11
[  197.436061][   T27] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  197.446977][ T6938] syzkaller0: entered allmulticast mode
[  197.629410][   T27] usb 4-1: unable to get BOS descriptor or descriptor too short
[  197.654258][   T27] usb 4-1: not running at top speed; connect to a high speed hub
[  197.806712][   T27] usb 4-1: config index 0 descriptor too short (expected 33938, got 146)
[  197.837047][   T27] usb 4-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  197.850152][   T27] usb 4-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  197.864736][   T27] usb 4-1: config 234 has 1 interface, different from the descriptor's value: 68
[  197.883838][   T27] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  197.901431][   T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.911093][   T27] usb 4-1: Product: syz
[  197.932303][   T27] usb 4-1: Manufacturer: syz
[  197.951204][   T27] usb 4-1: SerialNumber: syz
[  199.000116][ T6955] netlink: 28 bytes leftover after parsing attributes in process `syz.0.297'.
[  199.025094][ T6955] nbd: must specify at least one socket
[  199.140205][   T27] usb 4-1: USB disconnect, device number 9
[  200.126363][ T6966] 9pnet_virtio: no channels available for device 127.0.0.1
[  201.801318][ T6975] binder: 6973:6975 ioctl c0306201 200000000300 returned -11
[  202.509917][ T6984] syzkaller0: entered promiscuous mode
[  202.529904][ T6984] syzkaller0: entered allmulticast mode
[  202.650809][ T6990] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  202.797198][ T6992] netlink: 28 bytes leftover after parsing attributes in process `syz.1.307'.
[  202.812790][ T6992] nbd: must specify at least one socket
[  204.634343][ T6986] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  205.043116][ T7006] binder: BINDER_SET_CONTEXT_MGR already set
[  205.055933][ T7006] binder: 7004:7006 ioctl 4018620d 200000000040 returned -16
[  205.070623][ T7006] binder: 7004:7006 ioctl c0306201 200000000300 returned -11
[  205.147469][ T7008] sd 0:0:1:0: device reset
[  205.784977][ T7007] loop1: detected capacity change from 0 to 8192
[  206.041538][   T28] audit: type=1800 audit(1769677516.687:6): pid=7007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.312" name="file2" dev="loop1" ino=1048592 res=0 errno=0
[  206.065338][ T7007] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[  206.095462][ T7007] FAT-fs (loop1): Filesystem has been set read-only
[  206.109894][   T27] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  206.225639][ T7007] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[  206.407336][   T27] usb 3-1: unable to get BOS descriptor or descriptor too short
[  206.489411][   T27] usb 3-1: config 14 has an invalid interface number: 217 but max is 0
[  206.536716][   T27] usb 3-1: config 14 has no interface number 0
[  206.568673][   T27] usb 3-1: config 14 interface 217 has no altsetting 0
[  206.605639][   T27] usb 3-1: New USB device found, idVendor=0545, idProduct=800c, bcdDevice= 3.0a
[  206.623886][   T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.659442][   T27] usb 3-1: Product: syz
[  206.700510][   T27] usb 3-1: Manufacturer: syz
[  206.715418][   T27] usb 3-1: SerialNumber: syz
[  206.809031][ T7021] netlink: 28 bytes leftover after parsing attributes in process `syz.1.316'.
[  206.836611][ T7021] nbd: must specify at least one socket
[  206.905474][ T7023] syzkaller0: entered promiscuous mode
[  206.923475][ T7023] syzkaller0: entered allmulticast mode
[  206.990755][   T27] usb 3-1: USB disconnect, device number 8
[  207.322693][ T7027] hfs: can't find a HFS filesystem on dev nullb0
[  208.637984][ T7032] binder: 7031:7032 ioctl c0306201 200000000300 returned -11
[  210.994263][ T7052] netlink: 28 bytes leftover after parsing attributes in process `syz.1.326'.
[  211.017117][ T7052] nbd: must specify at least one socket
[  211.421354][ T7037] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  211.493545][ T7037] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  212.640768][ T7037] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  212.649971][ T7037] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  212.663653][ T7037] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  212.672702][ T7037] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  213.452358][ T7062] comedi comedi2: reset error (fatal)
[  213.475561][ T7073] 9pnet_virtio: no channels available for device 127.0.0.1
[  213.484426][ T7074] binder: BINDER_SET_CONTEXT_MGR already set
[  213.495464][ T7074] binder: 7071:7074 ioctl 4018620d 200000000040 returned -16
[  214.023871][ T7074] binder: 7071:7074 ioctl c0306201 200000000300 returned -11
[  214.531137][ T7082] netlink: 28 bytes leftover after parsing attributes in process `syz.2.335'.
[  214.560462][ T7082] nbd: must specify at least one socket
[  216.683288][ T7095] binder: 7093:7095 ioctl c0306201 200000000300 returned -11
[  216.821006][ T7104] bond0: (slave team0): Releasing backup interface
[  216.842161][ T7104] bridge_slave_0: left allmulticast mode
[  216.856487][ T7104] bridge_slave_0: left promiscuous mode
[  216.873809][ T7104] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.943882][ T7104] bridge_slave_1: left allmulticast mode
[  216.959527][ T7104] bridge_slave_1: left promiscuous mode
[  216.980663][ T7104] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.995498][ T7104] bond0: (slave bond_slave_0): Releasing backup interface
[  217.062826][ T7104] bond0: (slave bond_slave_1): Releasing backup interface
[  217.109823][ T7111] binder: 7110:7111 ioctl c0306201 200000000300 returned -11
[  217.126688][ T7104] team0: Port device team_slave_0 removed
[  217.143779][ T7104] team0: Port device team_slave_1 removed
[  217.179709][ T7104] batman_adv: batadv0: Removing interface: batadv_slave_0
[  217.201077][ T7104] batman_adv: batadv0: Removing interface: batadv_slave_1
[  217.316987][ T7108] loop1: detected capacity change from 0 to 40427
[  217.330488][ T7108] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x7ffff
[  217.344068][ T7108] F2FS-fs (loop1): invalid crc value
[  217.370583][ T7108] F2FS-fs (loop1): Found nat_bits in checkpoint
[  217.427611][ T7108] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  217.454918][ T7106] team0: Mode changed to "loadbalance"
[  217.499667][ T5770] syz-executor: attempt to access beyond end of device
[  217.499667][ T5770] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  217.536534][ T7109] netlink: 4 bytes leftover after parsing attributes in process `syz.0.342'.
[  217.553713][ T5770] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  217.953812][ T7122] loop2: detected capacity change from 0 to 512
[  217.993515][ T7122] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  218.074633][ T7122] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.190508][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.909660][ T7134] binder: BINDER_SET_CONTEXT_MGR already set
[  219.923709][ T7134] binder: 7133:7134 ioctl 4018620d 200000000040 returned -16
[  219.944762][ T7134] binder: 7133:7134 ioctl c0306201 200000000300 returned -11
[  220.291756][ T7144] 9pnet_virtio: no channels available for device 127.0.0.1
[  220.680632][ T7135] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  220.764798][ T7141] loop0: detected capacity change from 0 to 32768
[  220.846641][ T7141] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  221.078959][ T7141] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  221.849099][ T7141] XFS (loop0): Starting recovery (logdev: internal)
[  221.959827][ T7141] XFS (loop0): Ending recovery (logdev: internal)
[  222.113760][   T28] audit: type=1800 audit(1769677532.757:7): pid=7141 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.353" name="file1" dev="loop0" ino=4422 res=0 errno=0
[  222.499109][ T7161] loop3: detected capacity change from 0 to 40427
[  222.537141][ T7161] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x7ffff
[  222.569178][ T7161] F2FS-fs (loop3): invalid crc value
[  222.650643][ T7161] F2FS-fs (loop3): Found nat_bits in checkpoint
[  222.734295][ T7161] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  223.279289][ T7162] syz.0.353 (7162) used greatest stack depth: 20688 bytes left
[  223.698229][ T5768] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  224.388242][ T5766] syz-executor: attempt to access beyond end of device
[  224.388242][ T5766] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  224.437938][ T5766] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  224.975838][ T7179] binder: BINDER_SET_CONTEXT_MGR already set
[  224.996336][ T7179] binder: 7178:7179 ioctl 4018620d 200000000040 returned -16
[  225.025132][ T7179] binder: 7178:7179 ioctl c0306201 200000000300 returned -11
[  226.217051][ T7184] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  226.376108][ T7200] 9pnet_virtio: no channels available for device 127.0.0.1
[  229.662307][ T7219] loop0: detected capacity change from 0 to 40427
[  230.393968][ T7219] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x7ffff
[  230.405694][ T7219] F2FS-fs (loop0): invalid crc value
[  230.453377][ T7219] F2FS-fs (loop0): Found nat_bits in checkpoint
[  230.516780][ T7219] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  231.007687][ T7230] random: crng reseeded on system resumption
[  231.708599][ T5768] syz-executor: attempt to access beyond end of device
[  231.708599][ T5768] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  231.799772][ T5768] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  234.605235][ T7257] 9pnet_virtio: no channels available for device 127.0.0.1
[  235.106538][    T8] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  235.319470][    T8] usb 2-1: Using ep0 maxpacket: 16
[  235.331063][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  235.359983][    T8] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  235.376548][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.406008][    T8] usb 2-1: config 0 descriptor??
[  235.873645][ T7264] random: crng reseeded on system resumption
[  236.109462][    T8] mcp2221 0003:04D8:00DD.0002: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  236.561918][    T8] usb 2-1: USB disconnect, device number 7
[  238.291956][ T7292] netlink: 'syz.3.388': attribute type 10 has an invalid length.
[  238.370987][ T7294] 9pnet_virtio: no channels available for device 127.0.0.1
[  239.186737][ T7300] random: crng reseeded on system resumption
[  240.166671][    T8] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  240.973107][    T8] usb 3-1: Using ep0 maxpacket: 16
[  240.982322][    T8] usb 3-1: config 0 has an invalid interface number: 132 but max is 0
[  240.991288][    T8] usb 3-1: config 0 has no interface number 0
[  241.008827][    T8] usb 3-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  241.023817][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.041363][    T8] usb 3-1: Product: syz
[  241.045578][    T8] usb 3-1: Manufacturer: syz
[  241.060634][    T8] usb 3-1: SerialNumber: syz
[  241.095082][    T8] usb 3-1: config 0 descriptor??
[  241.118797][    T8] hub 3-1:0.132: bad descriptor, ignoring hub
[  241.135179][    T8] hub: probe of 3-1:0.132 failed with error -5
[  241.158439][    T8] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.132/input/input14
[  241.838156][ T5778] usb 3-1: reset high-speed USB device number 9 using dummy_hcd
[  242.080953][ T7325] netlink: 'syz.0.400': attribute type 10 has an invalid length.
[  242.318256][ T5809] usb 3-1: USB disconnect, device number 9
[  242.866128][ T7332] random: crng reseeded on system resumption
[  243.765225][ T7342] 9pnet_virtio: no channels available for device 127.0.0.1
[  245.037244][ T7353] binder: 7351:7353 ioctl c0306201 200000000300 returned -11
[  245.514823][ T7364] netlink: 'syz.2.411': attribute type 10 has an invalid length.
[  247.118177][ T7374] loop2: detected capacity change from 0 to 2048
[  247.334468][ T7374] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.347244][ T7374] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  248.504552][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.112783][ T7384] random: crng reseeded on system resumption
[  251.154910][ T7398] binder: 7397:7398 ioctl c0306201 200000000300 returned -11
[  252.346722][ T7410] netlink: 'syz.1.421': attribute type 10 has an invalid length.
[  252.793551][ T7419] loop3: detected capacity change from 0 to 2048
[  252.834458][ T7419] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  252.865399][ T7419] NILFS (loop3): segment count 8142508126285856831 exceeds upper limit (1152921504606846975 segments)
[  253.033513][ T7424] binder_alloc: 7423: pid 7423 spamming oneway? 1 buffers allocated for a total size of 4096
[  254.287268][ T7436] random: crng reseeded on system resumption
[  254.755754][ T7440] binder: 7439:7440 ioctl c0306201 200000000300 returned -11
[  255.989641][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  255.995989][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  256.146335][ T7455] netlink: 'syz.3.435': attribute type 10 has an invalid length.
[  258.052343][ T7467] syzkaller0: entered promiscuous mode
[  258.092859][ T7467] syzkaller0: entered allmulticast mode
[  258.201883][ T7470] binder: 7469:7470 ioctl c0306201 200000000300 returned -11
[  258.358478][ T7457] loop2: detected capacity change from 0 to 32768
[  258.742952][ T7477] loop3: detected capacity change from 0 to 40427
[  258.763140][ T7477] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x7ffff
[  258.791922][ T7477] F2FS-fs (loop3): invalid crc value
[  258.876652][ T7480] random: crng reseeded on system resumption
[  259.039215][ T7477] F2FS-fs (loop3): Found nat_bits in checkpoint
[  259.272010][ T7477] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  259.449006][ T5766] syz-executor: attempt to access beyond end of device
[  259.449006][ T5766] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  259.486834][ T5766] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  259.897514][ T7498] ufs: You didn't specify the type of your ufs filesystem
[  259.897514][ T7498] 
[  259.897514][ T7498] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  259.897514][ T7498] 
[  259.897514][ T7498] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  260.012083][ T7498] ufs: ufstype=old is supported read-only
[  260.057774][ T7498] syz.0.448: attempt to access beyond end of device
[  260.057774][ T7498] loop1: rw=0, sector=16, nr_sectors = 2 limit=0
[  260.396765][ T7512] binder: 7511:7512 ioctl c0306201 200000000300 returned -11
[  260.613145][ T7520] netlink: 'syz.3.446': attribute type 10 has an invalid length.
[  260.806494][ T5859] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  261.355598][    C0] raw-gadget.0 gadget.0: ignoring, device is not running
[  261.526512][ T5859] usb 1-1: device descriptor read/64, error -32
[  261.647263][ T7517] syzkaller0: entered promiscuous mode
[  261.671779][ T7517] syzkaller0: entered allmulticast mode
[  261.833370][ T5859] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  262.378793][ T5859] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  262.390661][ T5859] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  262.402612][ T5859] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  262.413161][ T5859] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  262.439825][ T5859] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  262.449543][ T5859] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  262.460485][ T5859] usb 1-1: Manufacturer: syz
[  262.487351][ T5859] usb 1-1: config 0 descriptor??
[  262.975383][ T5859] appleir 0003:05AC:8243.0003: unknown main item tag 0x0
[  263.000434][ T5859] appleir 0003:05AC:8243.0003: No inputs registered, leaving
[  263.041607][ T5859] appleir 0003:05AC:8243.0003: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  263.483352][ T5809] usb 1-1: USB disconnect, device number 11
[  264.352805][ T7537] random: crng reseeded on system resumption
[  265.919751][ T7541] ufs: You didn't specify the type of your ufs filesystem
[  265.919751][ T7541] 
[  265.919751][ T7541] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  265.919751][ T7541] 
[  265.919751][ T7541] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  265.997170][ T7541] ufs: ufstype=old is supported read-only
[  266.015711][ T7546] binder: 7545:7546 ioctl c0306201 200000000300 returned -11
[  266.019371][ T7541] syz.3.458: attempt to access beyond end of device
[  266.019371][ T7541] loop7: rw=0, sector=16, nr_sectors = 2 limit=0
[  266.044960][ T7547] syzkaller0: entered promiscuous mode
[  266.060887][ T7547] syzkaller0: entered allmulticast mode
[  266.165671][ T7551] netlink: 'syz.1.461': attribute type 10 has an invalid length.
[  267.023060][ T7559] ufs: You didn't specify the type of your ufs filesystem
[  267.023060][ T7559] 
[  267.023060][ T7559] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  267.023060][ T7559] 
[  267.023060][ T7559] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  267.054572][ T7559] ufs: ufstype=old is supported read-only
[  267.062037][ T7559] syz.1.465: attempt to access beyond end of device
[  267.062037][ T7559] loop3: rw=0, sector=16, nr_sectors = 2 limit=0
[  267.257996][ T7563] random: crng reseeded on system resumption
[  267.826555][ T7570] netlink: 28 bytes leftover after parsing attributes in process `syz.0.466'.
[  268.879494][ T7581] binder: 7579:7581 ioctl c0306201 200000000300 returned -11
[  268.904614][ T7583] ufs: You didn't specify the type of your ufs filesystem
[  268.904614][ T7583] 
[  268.904614][ T7583] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  268.904614][ T7583] 
[  268.904614][ T7583] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  268.943198][ T7583] ufs: ufstype=old is supported read-only
[  268.949308][ T7583] syz.3.471: attempt to access beyond end of device
[  268.949308][ T7583] loop7: rw=0, sector=16, nr_sectors = 2 limit=0
[  269.404684][ T7591] syzkaller0: entered promiscuous mode
[  269.444064][ T7591] syzkaller0: entered allmulticast mode
[  269.605596][ T7593] netlink: 'syz.0.475': attribute type 10 has an invalid length.
[  270.737241][ T7602] random: crng reseeded on system resumption
[  272.262554][ T7614] binder: 7613:7614 ioctl 4018620d 0 returned -22
[  272.275709][ T7614] binder: 7613:7614 ioctl c0306201 200000000300 returned -11
[  272.526480][ T5859] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[  273.862430][ T7626] syzkaller0: entered promiscuous mode
[  273.867994][ T5859] usb 4-1: unable to get BOS descriptor or descriptor too short
[  273.868502][ T5859] usb 4-1: not running at top speed; connect to a high speed hub
[  273.875838][ T7626] syzkaller0: entered allmulticast mode
[  273.977335][ T5859] usb 4-1: config index 0 descriptor too short (expected 33938, got 146)
[  274.003065][ T5859] usb 4-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  274.030848][ T5859] usb 4-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  274.055471][ T5859] usb 4-1: config 234 has 1 interface, different from the descriptor's value: 68
[  274.131635][ T5859] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  274.152974][ T5859] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.168738][ T5859] usb 4-1: Product: syz
[  274.172960][ T5859] usb 4-1: Manufacturer: syz
[  274.195577][ T5859] usb 4-1: SerialNumber: syz
[  274.418025][ T5859] usb 4-1: USB disconnect, device number 10
[  275.981816][ T7644] netlink: 'syz.1.488': attribute type 10 has an invalid length.
[  276.883515][ T7648] random: crng reseeded on system resumption
[  277.482153][ T7651] binder: 7650:7651 ioctl 4018620d 0 returned -22
[  277.549581][ T7651] binder: 7650:7651 ioctl c0306201 200000000300 returned -11
[  277.678405][ T7653] syzkaller0: entered promiscuous mode
[  277.684061][ T7653] syzkaller0: entered allmulticast mode
[  278.896643][    T8] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  279.180443][    T8] usb 3-1: unable to get BOS descriptor or descriptor too short
[  279.209817][    T8] usb 3-1: not running at top speed; connect to a high speed hub
[  279.239754][    T8] usb 3-1: config index 0 descriptor too short (expected 33938, got 146)
[  279.266593][    T8] usb 3-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  279.283644][    T8] usb 3-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  279.310078][    T8] usb 3-1: config 234 has 1 interface, different from the descriptor's value: 68
[  279.346928][    T8] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  279.362374][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.384617][    T8] usb 3-1: Product: syz
[  279.391621][    T8] usb 3-1: Manufacturer: syz
[  279.405234][    T8] usb 3-1: SerialNumber: syz
[  279.718795][    T8] usb 3-1: USB disconnect, device number 10
[  282.056755][ T5809] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  282.373856][ T5809] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  282.395574][ T5809] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  282.890183][ T5809] usb 3-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00
[  282.900028][ T5809] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.023943][ T5809] usb 3-1: config 0 descriptor??
[  283.190328][ T7689] random: crng reseeded on system resumption
[  283.685662][ T5809] belkin 0003:050D:3201.0004: item fetching failed at offset 2/5
[  283.699194][ T5809] belkin 0003:050D:3201.0004: parse failed
[  283.705283][ T5809] belkin: probe of 0003:050D:3201.0004 failed with error -22
[  283.774064][ T5809] usb 3-1: USB disconnect, device number 11
[  285.728115][ T7712] loop1: detected capacity change from 0 to 512
[  285.728699][ T7711] loop3: detected capacity change from 0 to 1024
[  285.746752][ T7712] EXT4-fs: Ignoring removed i_version option
[  285.764929][ T7712] EXT4-fs: Ignoring removed oldalloc option
[  285.778528][ T7712] EXT4-fs (loop1): Test dummy encryption mode enabled
[  285.818856][ T7712] EXT4-fs (loop1): 1 truncate cleaned up
[  285.827280][ T7712] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.843108][ T7711] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  286.004548][ T7711] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.619718][ T7711] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  286.698147][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.721370][ T7711] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2852: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  287.033809][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.913083][ T5816] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[  289.223985][ T5816] usb 2-1: unable to get BOS descriptor or descriptor too short
[  289.256879][ T5816] usb 2-1: not running at top speed; connect to a high speed hub
[  289.394904][ T5816] usb 2-1: config index 0 descriptor too short (expected 33938, got 146)
[  289.456038][ T5816] usb 2-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  289.526921][ T5816] usb 2-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  289.579867][ T5816] usb 2-1: config 234 has 1 interface, different from the descriptor's value: 68
[  289.595098][ T7741] random: crng reseeded on system resumption
[  289.679259][ T5816] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  289.696547][ T5816] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.704725][ T5816] usb 2-1: Product: syz
[  289.705215][ T7738] binder: 7735:7738 ioctl c0306201 200000000300 returned -11
[  289.709774][ T5816] usb 2-1: Manufacturer: syz
[  289.721872][ T5816] usb 2-1: SerialNumber: syz
[  290.279657][ T5816] usb 2-1: can't set config #234, error -71
[  290.300919][ T5816] usb 2-1: USB disconnect, device number 8
[  292.084812][ T7760] geneve2: entered promiscuous mode
[  292.090221][ T7760] geneve2: entered allmulticast mode
[  297.487440][ T7788] random: crng reseeded on system resumption
[  299.387960][ T7801] loop0: detected capacity change from 0 to 128
[  301.753931][    T9] usb 3-1: new full-speed USB device number 12 using dummy_hcd
[  301.909837][   T28] audit: type=1326 audit(1769677612.477:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  302.205247][   T28] audit: type=1326 audit(1769677612.477:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  302.431437][   T28] audit: type=1326 audit(1769677612.487:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  302.453892][   T28] audit: type=1326 audit(1769677612.487:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  302.506659][   T28] audit: type=1326 audit(1769677612.487:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  302.528964][   T28] audit: type=1326 audit(1769677612.487:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  302.552831][   T28] audit: type=1326 audit(1769677612.487:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  302.578721][   T28] audit: type=1326 audit(1769677612.497:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  302.605007][   T28] audit: type=1326 audit(1769677612.497:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  302.633935][   T28] audit: type=1326 audit(1769677612.497:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  302.684971][ T7824] binder: BINDER_SET_CONTEXT_MGR already set
[  302.691556][ T7824] binder: 7823:7824 ioctl 4018620d 200000000040 returned -16
[  302.705024][ T7824] binder: 7823:7824 ioctl c0306201 200000000300 returned -11
[  304.895641][ T7846] random: crng reseeded on system resumption
[  305.167261][   T27] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  305.384771][   T27] usb 2-1: unable to get BOS descriptor or descriptor too short
[  305.394346][   T27] usb 2-1: not running at top speed; connect to a high speed hub
[  305.405601][   T27] usb 2-1: config index 0 descriptor too short (expected 33938, got 146)
[  305.414489][   T27] usb 2-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  305.423501][   T27] usb 2-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  305.434034][   T27] usb 2-1: config 234 has 1 interface, different from the descriptor's value: 68
[  305.446873][   T27] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  305.455999][   T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.464461][   T27] usb 2-1: Product: syz
[  305.468764][   T27] usb 2-1: Manufacturer: syz
[  305.473433][   T27] usb 2-1: SerialNumber: syz
[  305.626684][    T8] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  305.834408][   T27] usb 2-1: USB disconnect, device number 9
[  305.835751][    T8] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  305.855293][    T8] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  305.869052][    T8] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  305.878939][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.893077][ T7850] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  305.914027][    T8] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[  306.347517][   T27] usb 1-1: USB disconnect, device number 12
[  308.495918][ T7864] binder: 7863:7864 ioctl c0306201 0 returned -14
[  308.506255][ T7864] binder: 7863:7864 ioctl c0306201 200000000300 returned -11
[  308.878544][ T7871] ufs: You didn't specify the type of your ufs filesystem
[  308.878544][ T7871] 
[  308.878544][ T7871] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  308.878544][ T7871] 
[  308.878544][ T7871] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  308.909467][ T7871] ufs: ufstype=old is supported read-only
[  308.916693][ T7871] syz.0.547: attempt to access beyond end of device
[  308.916693][ T7871] loop1: rw=0, sector=16, nr_sectors = 2 limit=0
[  310.336650][ T7877] random: crng reseeded on system resumption
[  311.015672][ T7887] loop3: detected capacity change from 0 to 40427
[  311.709808][ T7888] fuse: Bad value for 'fd'
[  311.743811][ T7887] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x7ffff
[  311.762173][ T7887] F2FS-fs (loop3): invalid crc value
[  312.520769][ T7887] F2FS-fs (loop3): Found nat_bits in checkpoint
[  313.446555][ T7887] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  313.808363][ T5766] syz-executor: attempt to access beyond end of device
[  313.808363][ T5766] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  313.866545][ T5766] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  314.020250][ T7895] binder: 7894:7895 ioctl c0306201 0 returned -14
[  314.051133][ T7895] binder: 7894:7895 ioctl c0306201 200000000300 returned -11
[  315.336707][ T7911] ufs: You didn't specify the type of your ufs filesystem
[  315.336707][ T7911] 
[  315.336707][ T7911] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  315.336707][ T7911] 
[  315.336707][ T7911] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  315.367974][ T7911] ufs: ufstype=old is supported read-only
[  315.373856][ T7911] syz.1.560: attempt to access beyond end of device
[  315.373856][ T7911] loop3: rw=0, sector=16, nr_sectors = 2 limit=0
[  316.771466][ T7924] loop0: detected capacity change from 0 to 40427
[  317.441111][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  317.457901][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  319.790366][ T7924] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x7ffff
[  319.805779][ T7924] F2FS-fs (loop0): invalid crc value
[  319.812166][ T7924] F2FS-fs (loop0): Failed to start F2FS issue_checkpoint_thread (-4)
[  320.429168][ T7931] random: crng reseeded on system resumption
[  321.025787][ T7936] binder: 7935:7936 ioctl c0306201 0 returned -14
[  321.050054][ T7936] binder: 7935:7936 ioctl c0306201 200000000300 returned -11
[  324.554293][ T7959] ufs: You didn't specify the type of your ufs filesystem
[  324.554293][ T7959] 
[  324.554293][ T7959] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  324.554293][ T7959] 
[  324.554293][ T7959] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  324.585231][ T7959] ufs: ufstype=old is supported read-only
[  324.594989][ T7959] syz.0.571: attempt to access beyond end of device
[  324.594989][ T7959] loop1: rw=0, sector=16, nr_sectors = 2 limit=0
[  326.047374][ T7960] loop3: detected capacity change from 0 to 40427
[  327.448534][ T7960] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x7ffff
[  327.477679][ T7960] F2FS-fs (loop3): invalid crc value
[  327.483109][ T7960] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-4)
[  328.286211][ T7971] binder: 7970:7971 ioctl c0306201 200000000300 returned -11
[  328.491391][ T7975] random: crng reseeded on system resumption
[  332.336447][ T7996] ufs: You didn't specify the type of your ufs filesystem
[  332.336447][ T7996] 
[  332.336447][ T7996] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  332.336447][ T7996] 
[  332.336447][ T7996] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  332.369216][ T7996] ufs: ufstype=old is supported read-only
[  332.393588][ T7996] syz.3.584: attempt to access beyond end of device
[  332.393588][ T7996] loop7: rw=0, sector=16, nr_sectors = 2 limit=0
[  334.016310][ T7997] loop0: detected capacity change from 0 to 40427
[  334.104712][ T7997] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x7ffff
[  334.116695][ T7997] F2FS-fs (loop0): invalid crc value
[  334.133197][ T7997] F2FS-fs (loop0): Found nat_bits in checkpoint
[  334.465489][ T7997] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  335.017119][ T5768] syz-executor: attempt to access beyond end of device
[  335.017119][ T5768] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  335.076555][ T5768] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  335.839315][ T8011] binder: 8010:8011 ioctl c0306201 200000000300 returned -11
[  336.047383][ T8006] syz.2.587: vmalloc error: size 2768896, failed to allocated page array size 5408, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  336.065696][ T8006] CPU: 0 PID: 8006 Comm: syz.2.587 Not tainted syzkaller #0
[  336.072986][ T8006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  336.083049][ T8006] Call Trace:
[  336.086332][ T8006]  <TASK>
[  336.089261][ T8006]  dump_stack_lvl+0x18c/0x250
[  336.093950][ T8006]  ? show_regs_print_info+0x20/0x20
[  336.099152][ T8006]  ? load_image+0x400/0x400
[  336.103655][ T8006]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  336.110076][ T8006]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  336.116592][ T8006]  warn_alloc+0x246/0x340
[  336.120965][ T8006]  ? zone_watermark_ok_safe+0x230/0x230
[  336.126517][ T8006]  ? _raw_spin_unlock+0x28/0x40
[  336.131365][ T8006]  ? __vb2_queue_alloc+0x794/0x1410
[  336.136569][ T8006]  __vmalloc_node_range+0x662/0x1330
[  336.141919][ T8006]  ? free_vm_area+0x50/0x50
[  336.146463][ T8006]  vmalloc_user+0x74/0x80
[  336.150807][ T8006]  ? vb2_vmalloc_alloc+0xef/0x330
[  336.155833][ T8006]  vb2_vmalloc_alloc+0xef/0x330
[  336.160688][ T8006]  ? __copy_timestamp+0x1f0/0x1f0
[  336.165803][ T8006]  __vb2_queue_alloc+0x794/0x1410
[  336.170849][ T8006]  vb2_core_reqbufs+0xa74/0x1180
[  336.175800][ T8006]  ? asm_sysvec_call_function_single+0x1a/0x20
[  336.181958][ T8006]  ? vb2_verify_memory_type+0x570/0x570
[  336.187508][ T8006]  ? vb2_reqbufs+0x360/0x5a0
[  336.192105][ T8006]  v4l2_m2m_ioctl_reqbufs+0x16c/0x230
[  336.197488][ T8006]  __video_do_ioctl+0xc30/0xd50
[  336.202362][ T8006]  ? video_ioctl2+0x30/0x30
[  336.206873][ T8006]  ? __might_fault+0xc6/0x120
[  336.211552][ T8006]  ? __might_fault+0xaa/0x120
[  336.216227][ T8006]  video_usercopy+0x89f/0x1380
[  336.221002][ T8006]  ? video_ioctl2+0x30/0x30
[  336.225507][ T8006]  ? v4l_printk_ioctl+0x160/0x160
[  336.230552][ T8006]  v4l2_ioctl+0x18a/0x1e0
[  336.234887][ T8006]  ? v4l2_poll+0x2b0/0x2b0
[  336.239372][ T8006]  __se_sys_ioctl+0xfd/0x170
[  336.243964][ T8006]  do_syscall_64+0x55/0xa0
[  336.248385][ T8006]  ? clear_bhb_loop+0x40/0x90
[  336.253059][ T8006]  ? clear_bhb_loop+0x40/0x90
[  336.257737][ T8006]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  336.263629][ T8006] RIP: 0033:0x7ff04599aeb9
[  336.268146][ T8006] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  336.287766][ T8006] RSP: 002b:00007ff043bd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  336.296184][ T8006] RAX: ffffffffffffffda RBX: 00007ff045c16090 RCX: 00007ff04599aeb9
[  336.304177][ T8006] RDX: 0000200000000000 RSI: 00000000c0145608 RDI: 0000000000000007
[  336.312160][ T8006] RBP: 00007ff045a08c1f R08: 0000000000000000 R09: 0000000000000000
[  336.320135][ T8006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  336.328108][ T8006] R13: 00007ff045c16128 R14: 00007ff045c16090 R15: 00007ffc272dd178
[  336.336096][ T8006]  </TASK>
[  336.340102][ T8006] Mem-Info:
[  336.343224][ T8006] active_anon:21276 inactive_anon:0 isolated_anon:0
[  336.343224][ T8006]  active_file:10854 inactive_file:40037 isolated_file:0
[  336.343224][ T8006]  unevictable:768 dirty:176 writeback:0
[  336.343224][ T8006]  slab_reclaimable:10415 slab_unreclaimable:91135
[  336.343224][ T8006]  mapped:24750 shmem:14342 pagetables:618
[  336.343224][ T8006]  sec_pagetables:0 bounce:0
[  336.343224][ T8006]  kernel_misc_reclaimable:0
[  336.343224][ T8006]  free:1298079 free_pcp:9892 free_cma:0
[  336.388683][ T8006] Node 0 active_anon:85104kB inactive_anon:0kB active_file:43416kB inactive_file:159944kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99000kB dirty:704kB writeback:0kB shmem:55832kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11588kB pagetables:2472kB sec_pagetables:0kB all_unreclaimable? no
[  336.421674][ T8006] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  336.452398][ T8006] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  336.479530][ T8006] lowmem_reserve[]: 0 2521 2522 2522 2522
[  336.485293][ T8006] Node 0 DMA32 free:1281976kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:85064kB inactive_anon:0kB active_file:43416kB inactive_file:159124kB unevictable:1536kB writepending:704kB present:3129332kB managed:2586972kB mlocked:0kB bounce:0kB free_pcp:20796kB local_pcp:18996kB free_cma:0kB
[  336.516424][ T8006] lowmem_reserve[]: 0 0 0 0 0
[  336.521161][ T8006] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:820kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  336.547986][ T8006] lowmem_reserve[]: 0 0 0 0 0
[  336.552701][ T8006] Node 1 Normal free:3894976kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:18764kB local_pcp:11852kB free_cma:0kB
[  336.582268][ T8006] lowmem_reserve[]: 0 0 0 0 0
[  336.587038][ T8006] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  336.599803][ T8006] Node 0 DMA32: 2*4kB (UM) 2*8kB (ME) 0*16kB 5*32kB (UME) 2*64kB (E) 3*128kB (UME) 11*256kB (ME) 15*512kB (UME) 9*1024kB (UM) 8*2048kB (UME) 304*4096kB (M) = 1281976kB
[  336.617227][ T8006] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  336.629276][ T8006] Node 1 Normal: 174*4kB (UE) 35*8kB (UME) 33*16kB (UME) 45*32kB (UME) 15*64kB (UE) 3*128kB (UME) 2*256kB (UE) 2*512kB (UM) 2*1024kB (UE) 2*2048kB (UE) 948*4096kB (M) = 3894976kB
[  336.647229][ T8006] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  336.656814][ T8006] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  336.666192][ T8006] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  336.675778][ T8006] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  336.685118][ T8006] 65233 total pagecache pages
[  336.689863][ T8006] 0 pages in swap cache
[  336.694007][ T8006] Free swap  = 124400kB
[  336.698186][ T8006] Total swap = 124996kB
[  336.702331][ T8006] 2097051 pages RAM
[  336.706126][ T8006] 0 pages HighMem/MovableOnly
[  336.711308][ T8006] 416922 pages reserved
[  336.715455][ T8006] 0 pages cma reserved
[  343.198444][ T8036] loop2: detected capacity change from 0 to 40427
[  343.276587][ T8036] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x7ffff
[  343.288919][ T8036] F2FS-fs (loop2): invalid crc value
[  343.494076][ T8036] F2FS-fs (loop2): Found nat_bits in checkpoint
[  343.615841][ T8036] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  344.166772][ T8043] ufs: You didn't specify the type of your ufs filesystem
[  344.166772][ T8043] 
[  344.166772][ T8043] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  344.166772][ T8043] 
[  344.166772][ T8043] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  344.202159][ T8043] ufs: ufstype=old is supported read-only
[  344.208640][ T8043] syz.0.595: attempt to access beyond end of device
[  344.208640][ T8043] loop1: rw=0, sector=16, nr_sectors = 2 limit=0
[  350.016645][ T8065] binder: 8062:8065 ioctl c0306201 200000000300 returned -11
[  352.441730][ T8081] ufs: You didn't specify the type of your ufs filesystem
[  352.441730][ T8081] 
[  352.441730][ T8081] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  352.441730][ T8081] 
[  352.441730][ T8081] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  352.472992][ T8081] ufs: ufstype=old is supported read-only
[  352.480256][ T8081] syz.2.605: attempt to access beyond end of device
[  352.480256][ T8081] loop5: rw=0, sector=16, nr_sectors = 2 limit=0
[  353.815744][ T8086] loop2: detected capacity change from 0 to 40427
[  354.479843][ T8086] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x7ffff
[  354.516480][ T8086] F2FS-fs (loop2): invalid crc value
[  355.512533][ T8086] F2FS-fs (loop2): Found nat_bits in checkpoint
[  355.642037][ T8086] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  356.836065][ T8093] netlink: 8 bytes leftover after parsing attributes in process `syz.3.608'.
[  356.854596][ T8093] net_ratelimit: 2742 callbacks suppressed
[  356.854613][ T8093] netlink: set zone limit has 8 unknown bytes
[  357.523124][ T5087] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  357.540080][ T5087] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  357.663240][ T5087] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  357.692538][ T5087] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  357.701038][ T5087] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  357.708871][ T5087] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  357.741235][ T5859] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  357.936414][ T5859] usb 3-1: Using ep0 maxpacket: 8
[  359.483162][ T5859] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  359.492309][ T5859] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  359.502544][ T5859] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  359.512936][ T5859] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  359.523264][ T5859] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  360.466544][ T5859] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  360.475696][ T5859] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  360.920461][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.945894][    C0] raw-gadget.0 gadget.2: ignoring, device is not running
[  360.953679][ T5859] usb 3-1: can't set config #16, error -32
[  360.994715][ T5809] usb 3-1: USB disconnect, device number 13
[  361.045941][ T8112] binder: 8109:8112 ioctl c0306201 200000000300 returned -11
[  361.343772][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.571279][ T5087] Bluetooth: hci3: command tx timeout
[  361.952222][ T8121] ufs: You didn't specify the type of your ufs filesystem
[  361.952222][ T8121] 
[  361.952222][ T8121] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  361.952222][ T8121] 
[  361.952222][ T8121] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  361.983078][ T8121] ufs: ufstype=old is supported read-only
[  361.989121][ T8121] syz.3.614: attempt to access beyond end of device
[  361.989121][ T8121] loop7: rw=0, sector=16, nr_sectors = 2 limit=0
[  362.174872][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.692587][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.586593][ T5087] Bluetooth: hci3: command tx timeout
[  363.644052][ T8096] chnl_net:caif_netlink_parms(): no params data found
[  363.877831][ T8147] binder: 8146:8147 ioctl c0306201 200000000300 returned -11
[  363.931701][   T12] tipc: Left network mode
[  364.064877][ T8096] bridge0: port 1(bridge_slave_0) entered blocking state
[  364.091408][ T8096] bridge0: port 1(bridge_slave_0) entered disabled state
[  364.116622][ T8096] bridge_slave_0: entered allmulticast mode
[  364.134265][ T8096] bridge_slave_0: entered promiscuous mode
[  364.167929][ T8096] bridge0: port 2(bridge_slave_1) entered blocking state
[  364.195501][ T8096] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.225999][ T8096] bridge_slave_1: entered allmulticast mode
[  364.241368][ T8096] bridge_slave_1: entered promiscuous mode
[  364.619348][ T8096] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  364.622335][ T8144] loop3: detected capacity change from 0 to 32768
[  364.709733][ T8144] (syz.3.620,8144,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  364.763806][ T8096] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  364.786251][ T8144] (syz.3.620,8144,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  364.922276][ T8096] team0: Port device team_slave_0 added
[  364.934452][ T8096] team0: Port device team_slave_1 added
[  364.964224][ T8144] JBD2: Ignoring recovery information on journal
[  365.100200][ T8144] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  365.114070][ T8096] batman_adv: batadv0: Adding interface: batadv_slave_0
[  365.126370][ T8096] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.180911][ T8096] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  365.271492][ T8096] batman_adv: batadv0: Adding interface: batadv_slave_1
[  365.296228][ T8096] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.366425][ T8096] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  365.547065][ T8096] hsr_slave_0: entered promiscuous mode
[  365.557459][ T8096] hsr_slave_1: entered promiscuous mode
[  365.584917][ T8096] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  365.620561][ T8096] Cannot create hsr debugfs directory
[  365.693030][ T5087] Bluetooth: hci3: command tx timeout
[  366.186878][ T8181] ufs: You didn't specify the type of your ufs filesystem
[  366.186878][ T8181] 
[  366.186878][ T8181] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  366.186878][ T8181] 
[  366.186878][ T8181] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  366.218547][ T8181] ufs: ufstype=old is supported read-only
[  366.224502][ T8181] syz.2.623: attempt to access beyond end of device
[  366.224502][ T8181] loop5: rw=0, sector=16, nr_sectors = 2 limit=0
[  366.505640][ T5766] ocfs2: Unmounting device (7,3) on (node local)
[  367.563534][ T8202] ufs: You didn't specify the type of your ufs filesystem
[  367.563534][ T8202] 
[  367.563534][ T8202] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  367.563534][ T8202] 
[  367.563534][ T8202] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  367.595973][ T8202] ufs: ufstype=old is supported read-only
[  367.602017][ T8202] syz.3.624: attempt to access beyond end of device
[  367.602017][ T8202] loop7: rw=0, sector=16, nr_sectors = 2 limit=0
[  367.695743][   T12] hsr_slave_0: left promiscuous mode
[  367.712879][   T12] hsr_slave_1: left promiscuous mode
[  367.746477][ T5087] Bluetooth: hci3: command tx timeout
[  367.756939][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  367.764458][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  367.773904][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  367.781515][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  367.789550][   T12] bridge_slave_1: left allmulticast mode
[  367.795227][   T12] bridge_slave_1: left promiscuous mode
[  367.803233][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.815905][   T12] bridge_slave_0: left allmulticast mode
[  367.821706][   T12] bridge_slave_0: left promiscuous mode
[  367.828820][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.870221][   T12] veth1_macvtap: left promiscuous mode
[  367.883460][   T12] veth0_macvtap: left promiscuous mode
[  367.891434][   T12] veth1_vlan: left promiscuous mode
[  367.903939][   T12] veth0_vlan: left promiscuous mode
[  368.199301][ T8193] loop2: detected capacity change from 0 to 40427
[  368.248474][ T8193] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  368.284379][ T8193] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  368.317445][ T8193] F2FS-fs (loop2): invalid crc value
[  368.362062][ T8193] F2FS-fs (loop2): Found nat_bits in checkpoint
[  368.535490][ T8213] binder: 8212:8213 ioctl c0306201 200000000300 returned -11
[  368.574850][ T8193] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  368.584935][ T8193] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  369.426155][   T12] team0 (unregistering): Port device team_slave_1 removed
[  369.525728][   T12] team0 (unregistering): Port device team_slave_0 removed
[  369.628852][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  369.697690][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  370.367130][   T12] bond0 (unregistering): (slave team0): Releasing backup interface
[  370.455660][   T12] bond0 (unregistering): Released all slaves
[  370.853266][ T8096] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  370.937308][ T8096] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  371.028854][ T8096] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  371.084089][ T8096] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  371.420338][ T8096] 8021q: adding VLAN 0 to HW filter on device bond0
[  371.483733][ T8096] 8021q: adding VLAN 0 to HW filter on device team0
[  371.541379][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  371.548614][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  371.613962][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  371.621194][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  371.911556][ T8249] ufs: You didn't specify the type of your ufs filesystem
[  371.911556][ T8249] 
[  371.911556][ T8249] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  371.911556][ T8249] 
[  371.911556][ T8249] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  371.943024][ T8249] ufs: ufstype=old is supported read-only
[  371.949692][ T8249] syz.2.633: attempt to access beyond end of device
[  371.949692][ T8249] loop5: rw=0, sector=16, nr_sectors = 2 limit=0
[  372.520899][ T8096] 8021q: adding VLAN 0 to HW filter on device batadv0
[  373.949244][ T8096] veth0_vlan: entered promiscuous mode
[  374.000421][ T8096] veth1_vlan: entered promiscuous mode
[  374.100116][ T8096] veth0_macvtap: entered promiscuous mode
[  374.132455][ T8096] veth1_macvtap: entered promiscuous mode
[  374.210205][ T8096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  374.253822][ T8096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.289589][ T8096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  374.329986][ T8096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.372546][ T8096] batman_adv: batadv0: Interface activated: batadv_slave_0
[  374.415078][ T8096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  374.442620][ T8096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.481443][ T8096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  374.512807][ T8096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.548285][ T8096] batman_adv: batadv0: Interface activated: batadv_slave_1
[  374.569993][ T8096] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  374.602564][ T8096] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  374.631166][ T8096] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  374.664929][ T8096] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  374.883899][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  374.909661][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  375.013356][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  375.036267][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  376.073227][ T8322] ufs: You didn't specify the type of your ufs filesystem
[  376.073227][ T8322] 
[  376.073227][ T8322] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  376.073227][ T8322] 
[  376.073227][ T8322] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  376.104043][ T8322] ufs: ufstype=old is supported read-only
[  376.110011][ T8322] syz.0.646: attempt to access beyond end of device
[  376.110011][ T8322] loop1: rw=0, sector=16, nr_sectors = 2 limit=0
[  377.300464][ T8337] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  378.252149][ T8318] bridge0: port 2(bridge_slave_1) entered disabled state
[  378.260249][ T8318] bridge0: port 1(bridge_slave_0) entered disabled state
[  378.870579][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  378.877250][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  379.467270][ T8318] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  379.560711][ T8318] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  380.528418][ T8318] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  380.556405][ T8318] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  380.583051][ T8318] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  380.595246][ T8318] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  383.346343][ T8371] comedi comedi2: reset error (fatal)
[  384.629581][ T8388] Bluetooth: MGMT ver 1.22
[  387.546477][ T5859] usb 1-1: new full-speed USB device number 13 using dummy_hcd
[  387.644774][ T8417] binder: 8416:8417 ioctl 4018620d 0 returned -22
[  387.682564][ T8417] binder: 8416:8417 ioctl c0306201 200000000300 returned -11
[  388.069358][ T8425] loop4: detected capacity change from 0 to 1024
[  388.109428][ T8425] EXT4-fs: Ignoring removed nomblk_io_submit option
[  388.201638][ T8425] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  388.296868][ T8425] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  388.356784][ T8425] System zones: 0-1, 3-36
[  388.416084][ T5859] usb 1-1: device descriptor read/all, error -71
[  388.433777][ T8425] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  389.552681][ T8096] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.555546][ T8438] loop0: detected capacity change from 0 to 512
[  389.626656][ T8438] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  389.823737][ T8438] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.672: iget: bogus i_mode (5)
[  389.940975][ T8438] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.672: couldn't read orphan inode 15 (err -117)
[  390.020117][ T8438] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  390.133246][ T8438] ext2 filesystem being mounted at /175/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  392.332221][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.477351][ T8471] binder: 8469:8471 ioctl 4018620d 0 returned -22
[  392.595701][ T8471] binder: 8469:8471 ioctl c0306201 200000000300 returned -11
[  395.426268][ T8492] ufs: You didn't specify the type of your ufs filesystem
[  395.426268][ T8492] 
[  395.426268][ T8492] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  395.426268][ T8492] 
[  395.426268][ T8492] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  395.457330][ T8492] ufs: ufstype=old is supported read-only
[  395.464196][ T8492] syz.0.684: attempt to access beyond end of device
[  395.464196][ T8492] loop1: rw=0, sector=16, nr_sectors = 2 limit=0
[  395.531551][ T8494] netlink: 'syz.2.683': attribute type 10 has an invalid length.
[  397.296956][ T8488] loop3: detected capacity change from 0 to 32768
[  397.411950][ T8513] ufs: You didn't specify the type of your ufs filesystem
[  397.411950][ T8513] 
[  397.411950][ T8513] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  397.411950][ T8513] 
[  397.411950][ T8513] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  397.443196][ T8513] ufs: ufstype=old is supported read-only
[  397.449470][ T8513] syz.0.688: attempt to access beyond end of device
[  397.449470][ T8513] loop1: rw=0, sector=16, nr_sectors = 2 limit=0
[  397.464203][ T8488] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.682 (8488)
[  397.616450][ T8488] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  397.637757][ T8488] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  397.666685][ T8488] BTRFS info (device loop3): using free space tree
[  397.686602][ T8523] loop2: detected capacity change from 0 to 512
[  397.721647][ T8523] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  397.786497][ T8523] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0102]
[  397.794634][ T8488] BTRFS info (device loop3): enabling ssd optimizations
[  397.814303][ T8538] binder: 8528:8538 ioctl 4018620d 0 returned -22
[  397.837270][ T8488] BTRFS info (device loop3): auto enabling async discard
[  397.896510][ T8523] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #15: comm syz.2.689: corrupted in-inode xattr: e_value size too large
[  397.975720][ T8523] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.689: couldn't read orphan inode 15 (err -117)
[  398.033452][ T8548] loop4: detected capacity change from 0 to 512
[  398.071912][ T8523] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  398.078203][ T5766] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  398.126519][ T8548] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  398.228342][ T8548] EXT4-fs (loop4): orphan cleanup on readonly fs
[  398.248046][ T8548] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #3: comm syz.4.691: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0)
[  398.337301][ T8548] EXT4-fs error (device loop4): ext4_quota_enable:7143: comm syz.4.691: Bad quota inode: 3, type: 0
[  398.393109][ T8548] EXT4-fs warning (device loop4): ext4_enable_quotas:7184: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  398.425887][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  398.475997][ T8548] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  398.486491][ T5816] usb 1-1: new full-speed USB device number 15 using dummy_hcd
[  398.564411][ T8559] loop3: detected capacity change from 0 to 512
[  398.568321][ T8548] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  398.631813][ T8559] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  398.799810][ T8564] netlink: 'syz.2.694': attribute type 10 has an invalid length.
[  399.480940][ T8559] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  399.522648][ T5816] usb 1-1: unable to get BOS descriptor or descriptor too short
[  399.553198][ T5816] usb 1-1: not running at top speed; connect to a high speed hub
[  399.613990][ T8559] EXT4-fs (loop3): 1 truncate cleaned up
[  399.652969][ T5816] usb 1-1: config index 0 descriptor too short (expected 33938, got 146)
[  399.741692][ T8559] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  399.779020][ T5816] usb 1-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  399.806119][ T5816] usb 1-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  399.819023][ T8096] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  399.829446][ T5816] usb 1-1: config 234 has 1 interface, different from the descriptor's value: 68
[  399.897358][ T5816] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  399.921172][ T5816] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.966369][ T5816] usb 1-1: Product: syz
[  399.970702][ T5816] usb 1-1: Manufacturer: syz
[  399.975309][ T5816] usb 1-1: SerialNumber: syz
[  400.720098][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.819848][ T5816] usb 1-1: USB disconnect, device number 15
[  402.244781][ T8600] ufs: You didn't specify the type of your ufs filesystem
[  402.244781][ T8600] 
[  402.244781][ T8600] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  402.244781][ T8600] 
[  402.244781][ T8600] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  402.276642][ T8600] ufs: ufstype=old is supported read-only
[  402.282596][ T8600] syz.2.699: attempt to access beyond end of device
[  402.282596][ T8600] loop5: rw=0, sector=16, nr_sectors = 2 limit=0
[  402.308191][ T8602] binder: 8601:8602 ioctl c0306201 0 returned -14
[  402.335871][ T8602] binder: 8601:8602 ioctl c0306201 200000000300 returned -11
[  402.724242][ T8610] loop0: detected capacity change from 0 to 128
[  402.794173][ T8610] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  402.801213][ T8612] loop4: detected capacity change from 0 to 512
[  402.817073][ T8610] hpfs: filesystem error: improperly stopped
[  402.823115][ T8610] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  402.838113][ T8610] hpfs: You really don't want any checks? You are crazy...
[  402.868116][ T8610] hpfs: hpfs_map_sector(): read error
[  402.874063][ T8612] EXT4-fs (loop4): failed to initialize system zone (-117)
[  402.883025][ T8612] EXT4-fs (loop4): mount failed
[  402.890237][ T8610] hpfs: code page support is disabled
[  402.904284][ T8610] hpfs: hpfs_map_4sectors(): unaligned read
[  402.911323][ T8610] hpfs: hpfs_map_4sectors(): unaligned read
[  402.919269][ T8610] hpfs: filesystem error: unable to find root dir
[  404.123585][ T8630] netlink: 'syz.0.704': attribute type 10 has an invalid length.
[  405.856508][ T5864] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  406.147736][ T5864] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  406.182673][ T5864] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  406.277984][ T5864] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  406.313219][ T5864] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  406.364993][ T5864] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  406.426175][ T5864] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  406.446106][ T5864] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  406.456411][ T5859] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  406.474077][ T5864] usb 1-1: Product: syz
[  406.484224][ T5864] usb 1-1: Manufacturer: syz
[  406.507338][ T5864] cdc_wdm 1-1:1.0: skipping garbage
[  406.534186][ T5864] cdc_wdm 1-1:1.0: skipping garbage
[  406.569934][ T5864] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  406.586490][ T5864] cdc_wdm 1-1:1.0: Unknown control protocol
[  406.677925][ T5859] usb 5-1: unable to get BOS descriptor or descriptor too short
[  406.707134][ T5859] usb 5-1: not running at top speed; connect to a high speed hub
[  406.736803][ T5859] usb 5-1: config index 0 descriptor too short (expected 33938, got 146)
[  406.806382][ T5859] usb 5-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  406.816039][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  406.822936][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  406.834184][ T5859] usb 5-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  406.836652][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  406.851079][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  406.858342][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  406.864984][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  406.871792][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  406.878418][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  406.884861][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  406.886428][ T5859] usb 5-1: config 234 has 1 interface, different from the descriptor's value: 68
[  406.891465][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  406.908418][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  406.915072][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  406.921580][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  406.928239][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  406.934680][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  406.941316][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  406.947745][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  406.954379][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  406.960858][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  406.967488][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  406.974399][   T27] usb 1-1: USB disconnect, device number 16
[  406.974461][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  407.030015][ T5859] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  407.068068][ T5859] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  407.076123][ T5859] usb 5-1: Product: syz
[  407.106392][ T5859] usb 5-1: Manufacturer: syz
[  407.111093][ T5859] usb 5-1: SerialNumber: syz
[  407.364834][   T28] kauditd_printk_skb: 16 callbacks suppressed
[  407.364848][   T28] audit: type=1326 audit(1769677718.007:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.2.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  407.436397][   T28] audit: type=1326 audit(1769677718.007:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.2.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  407.478814][   T28] audit: type=1326 audit(1769677718.007:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.2.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  407.530986][   T28] audit: type=1326 audit(1769677718.007:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.2.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  407.554878][ T5859] usb 5-1: USB disconnect, device number 2
[  407.600117][   T28] audit: type=1326 audit(1769677718.007:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.2.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  407.892620][ T8686] sd 0:0:1:0: device reset
[  408.916493][   T28] audit: type=1326 audit(1769677718.007:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.2.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  408.916551][   T28] audit: type=1326 audit(1769677718.007:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.2.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff04599aeb9 code=0x7ffc0000
[  408.993755][ T8685] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  409.176835][ T8687] tty tty2: ldisc open failed (-12), clearing slot 1
[  409.555287][ T8701] netlink: 'syz.0.717': attribute type 10 has an invalid length.
[  411.676513][ T5087] Bluetooth: hci3: command tx timeout
[  412.035427][ T8726] loop2: detected capacity change from 0 to 256
[  412.821219][ T8726] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  412.887131][   T28] audit: type=1800 audit(1769677723.537:41): pid=8726 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.721" name="file1" dev="loop2" ino=1048603 res=0 errno=0
[  412.959341][   T28] audit: type=1800 audit(1769677723.557:42): pid=8726 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.721" name="file1" dev="loop2" ino=1048603 res=0 errno=0
[  413.200768][ T8731] FAT-fs (loop2): error, corrupted file size (i_pos 196, 16779008)
[  413.305382][ T8737] sd 0:0:1:0: device reset
[  413.892250][ T8731] FAT-fs (loop2): Filesystem has been set read-only
[  414.155125][ T8731] FAT-fs (loop2): error, corrupted file size (i_pos 196, 16779008)
[  414.816581][ T5809] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  415.036136][ T5809] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  415.346818][ T5864] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  415.819493][ T5809] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  415.846457][ T5809] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  415.894102][ T5809] usb 1-1: config 0 descriptor??
[  415.980037][ T5864] usb 4-1: unable to get BOS descriptor or descriptor too short
[  415.992165][ T5864] usb 4-1: not running at top speed; connect to a high speed hub
[  416.022647][ T5864] usb 4-1: config index 0 descriptor too short (expected 33938, got 146)
[  416.059660][ T5864] usb 4-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  416.133216][ T5864] usb 4-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  416.269306][ T8783] netlink: 'syz.2.729': attribute type 10 has an invalid length.
[  416.334239][ T5864] usb 4-1: config 234 has 1 interface, different from the descriptor's value: 68
[  416.514619][ T5864] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  416.618225][ T5864] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  416.713744][ T5864] usb 4-1: Product: syz
[  416.755905][ T5864] usb 4-1: Manufacturer: syz
[  416.811747][ T5864] usb 4-1: SerialNumber: syz
[  416.842505][ T5809] keytouch 0003:0926:3333.0005: fixing up Keytouch IEC report descriptor
[  416.852122][ T8787] ufs: You didn't specify the type of your ufs filesystem
[  416.852122][ T8787] 
[  416.852122][ T8787] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  416.852122][ T8787] 
[  416.852122][ T8787] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  416.902859][ T5809] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0005/input/input15
[  416.924601][ T8787] ufs: ufstype=old is supported read-only
[  416.934069][ T8787] syz.4.730: attempt to access beyond end of device
[  416.934069][ T8787] loop9: rw=0, sector=16, nr_sectors = 2 limit=0
[  417.041529][ T8790] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  417.083452][ T5809] keytouch 0003:0926:3333.0005: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  417.096840][ T8790] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  417.177175][ T5809] usb 1-1: USB disconnect, device number 17
[  417.352214][ T5864] usb 4-1: USB disconnect, device number 11
[  417.452386][ T8796] fido_id[8796]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  419.934792][ T8830] netlink: 'syz.2.739': attribute type 10 has an invalid length.
[  421.327096][ T8833] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  423.325868][ T8841] loop3: detected capacity change from 0 to 32768
[  423.405404][ T8841] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  423.441242][ T5809] usb 1-1: new full-speed USB device number 18 using dummy_hcd
[  423.679741][ T8841] XFS (loop3): Ending clean mount
[  423.698563][ T5809] usb 1-1: unable to get BOS descriptor or descriptor too short
[  423.748193][ T5809] usb 1-1: not running at top speed; connect to a high speed hub
[  423.785195][ T8841] XFS (loop3): Quotacheck needed: Please wait.
[  423.800753][ T5809] usb 1-1: config index 0 descriptor too short (expected 33938, got 146)
[  423.855739][ T5809] usb 1-1: config 234 has too many interfaces: 68, using maximum allowed: 32
[  423.916669][ T5809] usb 1-1: config 234 has an invalid descriptor of length 0, skipping remainder of the config
[  423.969085][ T5809] usb 1-1: config 234 has 1 interface, different from the descriptor's value: 68
[  423.983312][ T8841] XFS (loop3): Quotacheck: Done.
[  424.091718][ T5809] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  424.153841][ T5809] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.196586][ T5809] usb 1-1: Product: syz
[  424.200818][ T5809] usb 1-1: Manufacturer: syz
[  424.262026][ T5809] usb 1-1: SerialNumber: syz
[  424.586263][ T5766] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  425.032598][ T5809] usb 1-1: USB disconnect, device number 18
[  425.152096][ T8896] loop2: detected capacity change from 0 to 32768
[  425.247684][ T8908] netlink: 'syz.4.750': attribute type 10 has an invalid length.
[  425.262318][ T8908] 8021q: adding VLAN 0 to HW filter on device team0
[  425.276639][ T8908] bond0: (slave team0): Enslaving as an active interface with an up link
[  425.782830][ T8896] JBD2: Ignoring recovery information on journal
[  426.084676][ T8908] syz.4.750 (8908) used greatest stack depth: 20168 bytes left
[  426.154651][ T8896] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  426.592063][ T8917] 
[  426.594420][ T8917] ======================================================
[  426.601442][ T8917] WARNING: possible circular locking dependency detected
[  426.609004][ T8917] syzkaller #0 Not tainted
[  426.613434][ T8917] ------------------------------------------------------
[  426.620464][ T8917] syz.2.747/8917 is trying to acquire lock:
[  426.626374][ T8917] ffff888059a94da0 (&oi->ip_alloc_sem){+.+.}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xb7/0x340
[  426.637015][ T8917] 
[  426.637015][ T8917] but task is already holding lock:
[  426.644397][ T8917] ffff888059a94e38 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa5/0x340
[  426.655045][ T8917] 
[  426.655045][ T8917] which lock already depends on the new lock.
[  426.655045][ T8917] 
[  426.665459][ T8917] 
[  426.665459][ T8917] the existing dependency chain (in reverse order) is:
[  426.674487][ T8917] 
[  426.674487][ T8917] -> #3 (&oi->ip_xattr_sem){++++}-{3:3}:
[  426.682335][ T8917]        down_read+0x46/0x2e0
[  426.687038][ T8917]        ocfs2_init_acl+0x30a/0x770
[  426.692267][ T8917]        ocfs2_mknod+0x140f/0x2300
[  426.697394][ T8917]        ocfs2_create+0x196/0x430
[  426.702438][ T8917]        path_openat+0x12a0/0x3230
[  426.707567][ T8917]        do_filp_open+0x1f5/0x430
[  426.712615][ T8917]        do_sys_openat2+0x134/0x1d0
[  426.717847][ T8917]        __x64_sys_openat+0x139/0x160
[  426.723237][ T8917]        do_syscall_64+0x55/0xa0
[  426.728200][ T8917]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  426.734642][ T8917] 
[  426.734642][ T8917] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  426.743190][ T8917]        down_read+0x46/0x2e0
[  426.747897][ T8917]        ocfs2_start_trans+0x3a8/0x6f0
[  426.753386][ T8917]        ocfs2_modify_bh+0xe4/0x4c0
[  426.758605][ T8917]        ocfs2_local_read_info+0x1445/0x1800
[  426.764609][ T8917]        dquot_load_quota_sb+0x757/0xb80
[  426.770272][ T8917]        dquot_load_quota_inode+0x2dc/0x5d0
[  426.776187][ T8917]        ocfs2_enable_quotas+0x1c9/0x490
[  426.781848][ T8917]        ocfs2_fill_super+0x417d/0x5010
[  426.787412][ T8917]        mount_bdev+0x221/0x2d0
[  426.792282][ T8917]        legacy_get_tree+0xea/0x180
[  426.797499][ T8917]        vfs_get_tree+0x8c/0x280
[  426.802454][ T8917]        do_new_mount+0x24b/0xa40
[  426.807506][ T8917]        __se_sys_mount+0x2e7/0x3d0
[  426.812726][ T8917]        do_syscall_64+0x55/0xa0
[  426.817702][ T8917]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  426.818147][   T28] audit: type=1326 audit(1769677737.457:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8928 comm="syz.0.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa3d9aeb9 code=0x7ffc0000
[  426.824115][ T8917] 
[  426.824115][ T8917] -> #1 (sb_internal#4){.+.+}-{0:0}:
[  426.824147][ T8917]        ocfs2_start_trans+0x2a9/0x6f0
[  426.824165][ T8917]        ocfs2_truncate_file+0x631/0x1440
[  426.824184][ T8917]        ocfs2_setattr+0x158d/0x1bc0
[  426.824204][ T8917]        notify_change+0xb0d/0xe10
[  426.824221][ T8917]        do_truncate+0x1b0/0x240
[  426.824236][ T8917]        path_openat+0x2a32/0x3230
[  426.824250][ T8917]        do_filp_open+0x1f5/0x430
[  426.824261][ T8917]        do_sys_openat2+0x134/0x1d0
[  426.824278][ T8917]        __x64_sys_openat+0x139/0x160
[  426.824294][ T8917]        do_syscall_64+0x55/0xa0
[  426.824314][ T8917]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  426.824330][ T8917] 
[  426.824330][ T8917] -> #0 (&oi->ip_alloc_sem){+.+.}-{3:3}:
[  426.824354][ T8917]        __lock_acquire+0x2df1/0x7d40
[  426.824370][ T8917]        lock_acquire+0x19e/0x420
[  426.824385][ T8917]        down_write+0x97/0x200
[  426.824406][ T8917]        ocfs2_try_remove_refcount_tree+0xb7/0x340
[  426.824423][ T8917]        ocfs2_truncate_file+0xde5/0x1440
[  426.909915][   T28] audit: type=1326 audit(1769677737.457:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8928 comm="syz.0.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa3d9aeb9 code=0x7ffc0000
[  426.912401][ T8917]        ocfs2_setattr+0x158d/0x1bc0
[  426.930518][   T28] audit: type=1326 audit(1769677737.457:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8928 comm="syz.0.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdaa3d9aeb9 code=0x7ffc0000
[  426.930742][ T8917]        notify_change+0xb0d/0xe10
[  426.946694][   T28] audit: type=1326 audit(1769677737.457:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8928 comm="syz.0.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa3d9aeb9 code=0x7ffc0000
[  426.947679][ T8917]        do_truncate+0x1b0/0x240
[  427.021276][   T28] audit: type=1326 audit(1769677737.467:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8928 comm="syz.0.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdaa3d9aeb9 code=0x7ffc0000
[  427.024139][ T8917]        path_openat+0x2a32/0x3230
[  427.056186][ T8917]        do_filp_open+0x1f5/0x430
[  427.056430][   T28] audit: type=1326 audit(1769677737.467:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8928 comm="syz.0.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa3d9aeb9 code=0x7ffc0000
[  427.061204][ T8917]        do_sys_openat2+0x134/0x1d0
[  427.061226][ T8917]        __x64_sys_openat+0x139/0x160
[  427.093833][ T8917]        do_syscall_64+0x55/0xa0
[  427.098789][ T8917]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  427.105227][ T8917] 
[  427.105227][ T8917] other info that might help us debug this:
[  427.105227][ T8917] 
[  427.115463][ T8917] Chain exists of:
[  427.115463][ T8917]   &oi->ip_alloc_sem --> &journal->j_trans_barrier --> &oi->ip_xattr_sem
[  427.115463][ T8917] 
[  427.129755][ T8917]  Possible unsafe locking scenario:
[  427.129755][ T8917] 
[  427.137211][ T8917]        CPU0                    CPU1
[  427.142583][ T8917]        ----                    ----
[  427.146500][   T28] audit: type=1326 audit(1769677737.467:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8928 comm="syz.0.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7fdaa3d9aeb9 code=0x7ffc0000
[  427.147936][ T8917]   lock(&oi->ip_xattr_sem);
[  427.174501][ T8917]                                lock(&journal->j_trans_barrier);
[  427.182325][ T8917]                                lock(&oi->ip_xattr_sem);
[  427.189453][ T8917]   lock(&oi->ip_alloc_sem);
[  427.194055][ T8917] 
[  427.194055][ T8917]  *** DEADLOCK ***
[  427.194055][ T8917] 
[  427.202210][ T8917] 3 locks held by syz.2.747/8917:
[  427.207246][ T8917]  #0: ffff888023ae2418 (sb_writers#23){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  427.216514][ T8917]  #1: ffff888059a95118 (&sb->s_type->i_mutex_key#29){+.+.}-{3:3}, at: do_truncate+0x19c/0x240
[  427.226422][   T28] audit: type=1326 audit(1769677737.467:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8928 comm="syz.0.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa3d9aeb9 code=0x7ffc0000
[  427.226875][ T8917]  #2: ffff888059a94e38 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa5/0x340
[  427.260074][ T8917] 
[  427.260074][ T8917] stack backtrace:
[  427.265975][ T8917] CPU: 1 PID: 8917 Comm: syz.2.747 Not tainted syzkaller #0
[  427.273279][ T8917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  427.283353][ T8917] Call Trace:
[  427.286644][ T8917]  <TASK>
[  427.289584][ T8917]  dump_stack_lvl+0x18c/0x250
[  427.294284][ T8917]  ? load_image+0x400/0x400
[  427.298801][ T8917]  ? show_regs_print_info+0x20/0x20
[  427.298927][   T28] audit: type=1326 audit(1769677737.467:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8928 comm="syz.0.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa3d9aeb9 code=0x7ffc0000
[  427.304006][ T8917]  ? print_circular_bug+0x12b/0x1a0
[  427.304029][ T8917]  check_noncircular+0x2fc/0x400
[  427.336266][ T8917]  ? print_deadlock_bug+0x5d0/0x5d0
[  427.341495][ T8917]  ? lockdep_lock+0xf5/0x230
[  427.346111][ T8917]  ? lockdep_unlock+0x146/0x2e0
[  427.350983][ T8917]  ? _find_first_zero_bit+0xd3/0x100
[  427.356287][ T8917]  __lock_acquire+0x2df1/0x7d40
[  427.361165][ T8917]  ? verify_lock_unused+0x140/0x140
[  427.366390][ T8917]  lock_acquire+0x19e/0x420
[  427.370913][ T8917]  ? ocfs2_try_remove_refcount_tree+0xb7/0x340
[  427.377077][ T8917]  ? __might_sleep+0xe0/0xe0
[  427.381657][ T8917]  ? read_lock_is_recursive+0x20/0x20
[  427.387023][ T8917]  down_write+0x97/0x200
[  427.391254][ T8917]  ? ocfs2_try_remove_refcount_tree+0xb7/0x340
[  427.397396][ T8917]  ? down_read_killable+0x340/0x340
[  427.402609][ T8917]  ? ocfs2_truncate_file+0xd0b/0x1440
[  427.407967][ T8917]  ? __lock_acquire+0x7d40/0x7d40
[  427.412976][ T8917]  ocfs2_try_remove_refcount_tree+0xb7/0x340
[  427.418991][ T8917]  ? ocfs2_remove_refcount_tree+0xe50/0xe50
[  427.424974][ T8917]  ? up_write+0x1c3/0x410
[  427.429330][ T8917]  ocfs2_truncate_file+0xde5/0x1440
[  427.434565][ T8917]  ? ocfs2_simple_size_update+0x4a0/0x4a0
[  427.440327][ T8917]  ? do_raw_spin_unlock+0x121/0x230
[  427.445550][ T8917]  ? _raw_spin_unlock+0x28/0x40
[  427.450430][ T8917]  ? ocfs2_inode_lock_tracker+0x437/0x700
[  427.456180][ T8917]  ? ocfs2_inode_lock_atime+0x530/0x530
[  427.461753][ T8917]  ? ocfs2_rw_lock+0x138/0x250
[  427.466541][ T8917]  ? dquot_initialize+0x20/0x20
[  427.471424][ T8917]  ? ocfs2_create_new_inode_locks+0x690/0x690
[  427.477511][ T8917]  ? setattr_prepare+0x1e6/0xac0
[  427.482471][ T8917]  ? jbd2_journal_begin_ordered_truncate+0xbb/0x150
[  427.489087][ T8917]  ocfs2_setattr+0x158d/0x1bc0
[  427.493886][ T8917]  ? ocfs2_extend_allocation+0x1840/0x1840
[  427.499718][ T8917]  ? ktime_get_coarse_real_ts64+0x3a/0x120
[  427.505546][ T8917]  ? seqcount_lockdep_reader_access+0x191/0x1d0
[  427.511821][ T8917]  ? ktime_get_coarse_real_ts64+0x110/0x120
[  427.517743][ T8917]  ? current_time+0x195/0x280
[  427.522442][ T8917]  ? inode_set_ctime_current+0x2e0/0x2e0
[  427.528094][ T8917]  ? evm_inode_setattr+0x94/0x6a0
[  427.533146][ T8917]  ? bpf_lsm_inode_setattr+0x9/0x10
[  427.538363][ T8917]  ? try_break_deleg+0x79/0x120
[  427.543234][ T8917]  ? ocfs2_extend_allocation+0x1840/0x1840
[  427.549065][ T8917]  notify_change+0xb0d/0xe10
[  427.553771][ T8917]  do_truncate+0x1b0/0x240
[  427.558209][ T8917]  ? put_page_bootmem+0x2c0/0x2c0
[  427.563248][ T8917]  ? apparmor_file_truncate+0x24a/0x2e0
[  427.568818][ T8917]  ? ima_bprm_check+0x200/0x200
[  427.573700][ T8917]  path_openat+0x2a32/0x3230
[  427.578322][ T8917]  ? verify_lock_unused+0x140/0x140
[  427.583544][ T8917]  ? do_filp_open+0x430/0x430
[  427.588246][ T8917]  ? __virt_addr_valid+0x18c/0x540
[  427.593387][ T8917]  do_filp_open+0x1f5/0x430
[  427.597914][ T8917]  ? vfs_tmpfile+0x490/0x490
[  427.602535][ T8917]  ? _raw_spin_unlock+0x28/0x40
[  427.607409][ T8917]  ? alloc_fd+0x58f/0x630
[  427.611760][ T8917]  do_sys_openat2+0x134/0x1d0
[  427.616455][ T8917]  ? do_sys_open+0xe0/0xe0
[  427.620935][ T8917]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  427.626943][ T8917]  ? lock_chain_count+0x20/0x20
[  427.631817][ T8917]  __x64_sys_openat+0x139/0x160
[  427.636699][ T8917]  do_syscall_64+0x55/0xa0
[  427.641137][ T8917]  ? clear_bhb_loop+0x40/0x90
[  427.645835][ T8917]  ? clear_bhb_loop+0x40/0x90
[  427.650536][ T8917]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  427.656466][ T8917] RIP: 0033:0x7ff04599aeb9
[  427.660900][ T8917] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  427.680613][ T8917] RSP: 002b:00007ff043bd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  427.689047][ T8917] RAX: ffffffffffffffda RBX: 00007ff045c16090 RCX: 00007ff04599aeb9
[  427.697032][ T8917] RDX: 000000000000275a RSI: 0000200000000140 RDI: ffffffffffffff9c
[  427.705018][ T8917] RBP: 00007ff045a08c1f R08: 0000000000000000 R09: 0000000000000000
[  427.712997][ T8917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  427.720977][ T8917] R13: 00007ff045c16128 R14: 00007ff045c16090 R15: 00007ffc272dd178
[  427.728963][ T8917]  </TASK>
[  427.821388][ T5767] ocfs2: Unmounting device (7,2) on (node local)