last executing test programs:

3.957420364s ago: executing program 0 (id=978):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r0)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r0)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000001c0)={0x14, r1, 0x1, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000004}, 0x4000)

3.889018011s ago: executing program 0 (id=981):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20020844}, 0x0)
r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd)
r1 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f00000002c0)='4', 0xba, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r1, r0, r1}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={'blake2b-384-generic\x00'}})

3.831436107s ago: executing program 0 (id=983):
syz_emit_ethernet(0x66, &(0x7f0000000040)={@link_local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x30, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @mcast1}}}}}}}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="4800000010001fff0000056800080000faff0000", @ANYRES32=0x0, @ANYBLOB="c30c424700000000280012800a00010076786c616e00000018000280140010"], 0x48}}, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0)

3.751578863s ago: executing program 0 (id=984):
r0 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000440)={0x1, 0x7f, 0x5, 0x0, 0x10001000})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
read$midi(r0, 0x0, 0x43)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xe042, 0x0)

2.717812024s ago: executing program 0 (id=990):
socket$inet(0x2, 0x3, 0x6)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x842cc0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x4, &(0x7f0000000080)=ANY=[], 0x0, 0x9}, 0x94)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
syz_mount_image$xfs(&(0x7f0000009700), &(0x7f0000009740)='./file0\x00', 0x4000000, &(0x7f0000000800)={[{@filestreams}, {@noquota}, {@discard}, {@pquota}, {@dax}, {@dax}, {@gqnoenforce}, {@usrquota}, {@largeio}]}, 0x1, 0x9833, &(0x7f000001c740)="$eJzs3QWcrWWhsP3ZsIFNhyJYgJSYpIQo0qGIkqKEdEgKiIDSoYQKioACCiiIdHc3SHd3d3d8vw0bkO0Fh/N+5z3wcl3Xzz1rVsyae93/536cNc+w1pLzLjrnwMA4A2/05unbnbPb7csuNuaC6x27y+Dr9t5xoYeGXTzyGyfjzj7sdI5hp3MODAwMGnY/g964bPBsxxw7wsDggaH/e7sxRh1thDEGBkYbdnbY/QzM9MbJ6Ae8ebvXhosHOsnQb7fDG/9eb8yhdzL0k6WXe2XtgYGBIf/29UPHNc1/PFBpS84x37xvW73lNsKwqwe9fd3rp4Pf+Df6fgMDo+8z8O7bx9DbjvRvX/u/2dDvOc5kA4vf/gF87//nWnKO+RYYzn/oWhxx2GUzDV3jw69BY8Nv5zsuusYDw6Zw0LCJG/xv6+WD2O7/j1pyjnkXHHj3dTyw0Dyb3v/a6/vNwXMPDAyeZ2Bg8LwDA4Pn+6A96n+mD3Tjq6qqqg+kOeacfuhz9hGG+3lgyJs/19LPhRe8PO3dAwODF3rjeeLg5d58LlhVVVVVVVVVH87mmHP6ueD5/zjv9fx/kpO3Gfe9n/+P8gE8kqqqqqqqqqp6txaYY87phz7XH+75/4Tv9fz/8QcP3f+Nv/2ffaY3vurVD/ZBVFVVVVVVVdV7Nu8C+Px/kvd6/n/RMZNc2vP/qqqqqqqqqv93WuS1117b/N9eZ2/YxVO9ef3rz/8HBr/j+f+p9926zAc24Kqqqqqqqqr6b/fqIyed9vZrvk80MNzrvb/esN8LDDrijMsv/8AG+uFo0H/+PcQWH/SY/v821HnIQZMMDKy9+Ac9lPoA+n/mterr/0r5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+4dzn+/9br/5961Ipvvhf856eY/vqT3v7K19/7f/BCCzyy5Qc09A+ij+rx/4HVBw0MDPMdZ/WBgYGF5lhksakGBgZOun76KSYfeOu6mYdeN+t4I77+BvFv/mci84z7b/c24tufbjHpG6dDN5SBj791H0e8fv8LvLbviIOGG8S/Ne5x+++/2pLPzTD86ZTv/jhGeOuzMY998M3/lmWE4W405F2++M37f/OxDO88bOxTDR371Buste7U62+8yVdWX2v5VVdedeW1Z5luxmlnmGWWGWecepXV11x5mjc+vtucTfL6x7nG5XG8Y87GGH7OHpnj3+ds+Mf2bnM2yXvP2ev3uOuFQ7715pwN/m/O2VzvPWeTrD7sG407+0gDy70+N4MGBsade6SBjYaemXaUgYFx5xl22wmH3vYb440wMLDz2w900LB3FHnjNoO2GHqbJedddM43dlMDA2+fvt27vJ/9yMNGPvuw0zmGnc75xrcZZ+DtTXHwbMccO8LQuXjHdIwx6mgjjDEwMNqws8PuZ2CWN05GO/nN273L+6wPN9DXX2Zlhzf+vd6YAwMDow/9ZKLlT9126NT/L7xP+//R////h9fMg97aHgcN+zfsNm94zTHfAm9/r9enYfZhe4uhl8001OR/+K3t39F/jHeSIQOTvMd43+N1cV6Ptq81Txp/q/+p18Wh8U74HuN9j9fxfdfxLnH3Hg+8cVf/Y+Mdbl+34OsfZ38/+7qB997XjUh3sPIlnx1+X/eddx/iO3aXb87R8O9U9G77ugn3mniLofc/+3vv6xYcOvaR3rGvG2FgYNy53tzXDd3xzTvSwM5Dz0w39Mx8Iw0cOPTM9K+fGXXgjKFnvrriOmuuNPSC+f9zO5hq0Dv+QBPW2bzDrbNB//bYBw33952D3zgdfb8338PpXfabg4Y9rP9yX0Hb7TjvMd73eP8pnOehl6105JDx/6fef5rGO+S9x/tu75f9ruPd6dlTb/8fHu9b62ykf5uu+d/POpvknets6EMc8d9Wxvv9OWwluP0bn0/41r1tuNmDb/1MMdJw9/tf/Uwx/3uvs3FWH+7rtt9nYNB7zc1872duPvMf+6At/31u3u/PW1NN9sb1I77H3Iwyy7JTvjk3I/8352a+/+7czD4w4jvnZvDAPAMDA5MP2z/M+37mZsL3npv3u92MBrd/4/OV37po7h0POu/NuRl+Lv6ruZn3vzs3k7y13Uz++nWTjjAw8sgDGy2/wQbrTfvGxzfPTvfGx/deg3O/n7kc539mLj81+N3m8u1NdYy7L93vv1iD/7FPf/P+5/7vzuXAW3M5sPrwi6U+rPX7P3f5u8vfXf7u8neXv7v8xb3L8f+3Xv9/93Fm3WXYLzdGunTiCbb7oMf7AfeRPv4/zPcdx/+3m2DiS0cYeOu69zw++8ZtPpTHZ2d642T0A9683fDHB3mg7358dp9ZZtrmf+n47P9Rb67V9/F7uPb/7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3Hvcvx/mjf/DuC+aRd+ctiB0JEe2nqphT/o8X7AfaSP/w/zfcfx/4WX2vqhEQbeuu49j/+/cRvH8f87X5p3pw/z8f8312rH/+u/KH93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yF/cux/9nf/PvAA49dI9N3vx7gKvH3eGkD3q8H3Af1eP/vf+/t/b/7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3HDjv8PDPf2lt9vu8Dg+P//272L/8L5Yxb/RfLHLP6L5o9Z/BfLH7P4L54/ZvFfIn/M4v+D/DGL/5L5Yxb/H+aPWfx/lD9m8V8qf8ziv3T+mMV/mfwxi/+y+WMW/x/nj1n8l8sfs/gvnz9m8V8hf8ziv2L+mMV/pfwxi//K+WMW/1Xyxyz+q+aPWfxXyx+z+K+eP2bx/0n+mMV/jfwxi/+a+WMW/7UGBkb8gEb0oc7iv3brH7P4r5M/ZvFfN3/M4v/T/DGL/3r5Yxb/9fPHLP4b5I9Z/H+WP2bx3zB/zOL/8/wxi/9G+WMW/43zxyz+m+SPWfx/kT9m8f9l/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMV/2/wxi/92+WMW/1/lj1n8f50/ZvHfPn/M4r9D/pjFf8f8MYv/TvljFv/f5I9Z/H+bP2bx/13+mMV/5/wxi/8u+WMW/9/nj1n8/5A/ZvHfNX/M4v/H/DGL/275Yxb/3fPHLP575I9Z/P+UP2bx/3P+mMV/z/wxi/9e+WMW/73zxyz+f8kfs/j/NX/M4r9P/pjFf9/8MYv/fvljFv+/5Y9Z/P+eP2bx3z9/zOJ/QP6Yxf8f+WMW/wPzxyz+/8wfs/gflD9m8T84f8zif0j+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF/9T8MYv/afljFv/T88cs/mfkj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bx/1f+mMX/4vwxi/8l+WMW/0vzxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf/q/DGL/zX5Yxb/a/PHLP7X5Y9Z/K/PH7P435A/ZvG/MX/M4n9T/pjF/+b8MYv/LfljFv9b88cs/re9T/8V/i8N68Oaxf/21j9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxi//L+WMW/1fyxyz+r+aPWfxfyx+T+A8ayB+z+A/KH7P4j5A/ZvEfMX/M4j84f8ziP1L+mMV/5Pwxi/8o+WMW/yH5Yxb/UfPHLP6j5Y9Z/EfPH7P4j5E/ZvEfM3/M4j9W/pjFf+z8MYv/OPljFv9x88cs/uPlj1n8P5Y/ZvH/eP6YxX/8/DGL/yfyxyz+E+SPWfwnzB+z+H8yf8zi/6n8MYv/p/PHLP6fyR+z+H82f8ziP1H+mMV/4vwxi/8k+WMW/8/lj1n8J33Tf8gHNK4PaRb/yVr/mMV/8vwxi/8U+WMW/ynzxyz+n88fs/hPlT9m8f9C/pjF/4v5Yxb/L+WPWfy/nD9m8f9K/pjF/6v5Yxb/qfPHLP7T5I9Z/KfNH7P4T5c/ZvGfPn/M4j9D/pjF/2v5Yxb/GfPHLP4z5Y9Z/GfOH7P4z5I/ZvH/ev6YxX/W/DGL/zfyxyz+38wfs/jPlj9m8f9W/pjFf/b8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz9m8Z83f8ziP1/+mMV//vwxi/8C+WMW/2/nj1n8v5M/ZvFfMH/M4v/d/DGL/0L5Yxb/7+WPWfy/nz9m8V84f8ziv0j+mMV/0fwxi/9i+WMW/8Xzxyz+S+SPWfx/kD9m8V8yf8zi/8P8MYv/j/LHLP5L5Y9Z/JfOH7P4L5M/ZvFfNn/M4v/j/DGL/3L5Yxb/5fPHLP4r5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv/V88cs/j/JH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv9188cs/j/NH7P4r5c/ZvFfP3/M4r9B/pjF/2f5Yxb/DfPHLP4/zx+z+G+UP2bx3zh/zOK/Sf6Yxf8X+WMW/1/mj1n8N80fs/hvlj9m8d88f8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+2+SPWfy3zR+z+G+XP2bx/1X+mMX/1/ljFv/t88cs/jvkj1n8d8wfs/jvlD9m8f9N/pjF/7f5Yxb/3+WPWfx3zh+z+O+SP2bx/33+mMX/D/ljFv9d88cs/n/MH7P475Y/ZvHfPX/M4r9H/pjF/0/5Yxb/P+ePWfz3zB+z+O+VP2bx3zt/zOL/l/wxi/9f88cs/vvkj1n8980fs/jvlz9m8f9b/pjF/+/5Yxb//fPHLP4H5I9Z/P/xTv97/9fH9SHN4n9g6x+z+P8zf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6YxP/18v/PJP6DLs4fs/hfkj9m8b80f8zif1n+mMX/8vwxi/8V+WMW/yvzxyz+V+WPWfyvzh+z+F+TP2bxvzZ/zOJ/Xf6Yxf/6/DGL/w35Yxb/G/PHLP435Y9Z/G/OH7P435I/ZvG/NX/M4n9b/pjF//b8MYv/HfljFv8788cs/nflj1n8784fs/jfkz9m8b83f8zif1/+mMX//vwxi/8D+WMW/wfzxyz+D+WPWfwfzh+z+D+SP2bxfzR/zOL/WP6Yxf/x/DGL/xP5Yxb/J/PHLP5P5Y9Z/J/OH7P4P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/mPTBda/F/MH7P4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljEv/XP83/P7P4D8ofs/iPkD9m8R8xf8ziPzh/zOI/Uv6YxX/k/DGL/yj5Yxb/IfljFv9R88cs/qPlj1n8R88fs/iPkT9m8R8zf8ziP1b+mMV/bLn/4He53OI/jtz/3bL4j5s/ZvEfL3/M4v+x/DGL/8fzxyz+4+ePWfw/kT9m8Z8gf8ziP2H+mMX/k/ljFv9P5Y9Z/D+dP2bx/0z+mMX/s/ljFv+J8scs/hPnj1n8J8kfs/h/Ln/M4j9p/pjFf7L8MYv/5PljFv8p8scs/lPmj1n8P58/ZvGfKn/M4v+F/DGL/xfzxyz+X8ofs/h/OX/M4v+V/DGL/1fzxyz+U+ePWfynyR8bdM5uIw0MDHzk/afNH7Os/+nyxyz+0+ePWfxnyB+z+H8tf8ziP2P+mMV/pvwxi//M+WMW/1nyxyz+X88fs/jPmj9m8f9G/pjF/5v5Yxb/2fLHLP7fyh+z+M+eP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvFfIH/M4v/t/DGL/3fyxyz+C+aPWfy/mz9m8V8of8zi/738MYv/9/PHLP4L549Z/BfJH7P4L5o/ZvFfLH/M4r94/pjFf4n8MYv/D/LHLP5L5o9Z/H+YP2bx/1H+mMV/qfwxi//S+WMW/2Xyxyz+y+aPWfx/nD9m8V8uf8ziv3z+mMV/hfwxi/+K+WMW/5Xyxyz+K+ePWfxXyR+z+K+aP2bxXy1/zOK/ev6Yxf8n+WMW/zXyxyz+a+aPWfzXyh+z+K+dP2bxXyd/zOK/bv6Yxf+n+WMW//Xyxyz+6+ePWfw3yB+z+P8sf8ziv2H+mMX/5/ljFv+N8scs/hvnj1n8N8kfs/j/In/M4v/L/DGL/6b5Yxb/zfLHLP6b549Z/LfIH7P4b5k/ZvHfKn/M4r91/pjFf5v8MYv/tvljFv/t8scs/r/KH7P4/zp/zOK/ff6YxX+H/DGL/475Yxb/nfLHLP6/yR+z+P82f8zi/7v8MYv/zvljFv9d8scs/r/PH7P4/yF/zOK/a/6Yxf+P+WMW/93yxyz+u+ePWfz3yB+z+P8pf8zi/+f8MYv/nvljFv+98scs/nvnj1n8/5I/ZvH/a/6YxX+f/DGL/775Yxb//fLHLP5/yx+z+P89f8ziv3/+mMX/gPwxi/8/8scs/gfmj1n8/5k/ZvE/KH/M4n9w/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zi/69/93/iAxjXhzSL/8Wtf8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bxvzp/zOJ/Tf6Yxf/a/DGL/3X5Yxb/6/PHLP435I9Z/G/MH7P435Q/ZvG/Gf2H/O+N60Oaxf+W1j9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/B/PHLP4P5Y9Z/B/OH7P4P5I/ZvF/NH/M4v9Y/pjF//H8MYv/E/ljFv8n88cs/k/lj1n8n84fs/g/kz9m8X82f8zi/1z+mMX/+fwxi/8L+WMW/xfzxyz+L+WPWfxfzh+z+L+SP2bxfzV/zOL/Wv6YxH/Egfwxi/+g/DGL/wj5Yxb/EfPHLP6D88cs/iPlj1n8R84fs/iPkj9m8R+SP2bxHzV/zOI/Wv6YxX/0/DGL/xj5Yxb/MfPHLP5j5Y9Z/MfOH7P4j6Pyf/+P1OI/rsr//WfxHy9/zOL/sfwxi//H88cs/uPnj1n8P5E/ZvGfIH/M4j9h/pjF/5P5Yxb/T+WPWfw/nT9m8f9M/pjF/7P5Yxb/ifLHLP4T549Z/CfJH7P4fy5/zOI/af6YxX+y/DGL/+T5Yxb/KfLHLP5T5o9Z/D+fP2bxnyp/zOL/hfwxi/8X88cs/l/KH7P4fzl/zOL/lfwxi/9X88cs/lPnj1n8p8kfs/hPmz9m8Z8uf8ziP33+mMV/hvwxi//X8scs/jPmj1n8Z8ofs/jPnD9m8Z8lf8zi//X8MYv/rPljFv9v5I9Z/L85MDAw6gc1pg9xFv/ZWv+Yxf9b+WMW/9nzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP4L5I9Z/L+dP2bx/07+mMV/wfwxi/9388cs/gvlj1n8v5c/ZvH/fv6YxX/h/DGL/yL5Yxb/RfPHLP6L5Y9Z/BfPH7P4L5E/ZvH/Qf6YxX/J/DGL/w/zxyz+P8ofs/gvlT9m8V86f8ziv0z+mMV/2fwxi/+P88cs/svlj1n8l88fs/ivkD9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfxXzx+z+P8kf8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfzXzR+z+P80f8ziv17+mMV//fwxi/8G+WMW/5/lj1n8N8wfs/j/PH/M4r9R/pjFf+P8MYv/JvljFv9f5I9Z/H+ZP2bx3zR/zOK/Wf6YxX/z/DGL/xb5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/1f5Yxb/X+ePWfy3zx+z+O+QP2bx3zF/zOK/U/6Yxf83+WMW/9/mj1n8f5c/ZvHfOX/M4r9L/pjF//f5Yxb/P+SPWfx3zR+z+P8xf8ziv1v+mMV/9/wxi/8e+WMW/z/lj1n8/5w/ZvHfM3/M4r9X/pjFf+/8MYv/X/LHLP5/zR+z+O+TP2bx3zd/zOK/X/6Yxf9v+WMW/7/nj1n8988fs/gfkD9m8f9H/pjF/8D8MYv/P/PHLP4H5Y9Z/A/OH7P4H5I/ZvE/NH/M4n9Y/pjF//D8MYv/EfljFv8j88cs/kflj1n8j7b4D/nv3dzif4zF/7+Zxf/Y/DGL/3H5Yxb/4/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF/9T8MYv/afljFv/T88cs/mfkj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bx/1f+mMX/4vwxi/8l+WMW/0vzxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf/q/DGL/zX5Yxb/a/PHLP7X5Y9Z/K/PH7P435A/ZvG/MX/M4n9T/pjF/+b8MYv/LfljFv9b88cs/rflj1n8b88fs/jfkT9m8b8zf8zif1f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+D+QP2bxfzB/zOL/UP6Yxf/h/DGL/yP5Yxb/R/PHLP6P5Y9Z/B/PH7P4P5E/ZvF/Mn/M4v9U/pjF/+n8MYv/M/ljFv9n88cs/s/lj1n8n88fs/i/kD9m8X8xf8zi/1L+mMX/5fwxi/8r+WMW/1fzxyz+r+WPSfwHD+SPWfwH5Y9Z/EfIH7P4j5g/ZvEfnD9m8R8pf8ziP3L+mMV/lPwxi/+Q/DGL/6j5Yxb/0fLHLP6j549Z/MfIH7P4j5k/ZvEfK3/M4j92/pjFf5z8MYv/uPljFv/x8scs/h/LH7P4fzx/zOI/fv6Yxf8T+WMW/wnyxyz+E+aPWfw/mT9m8f9U/pjF/9P5Yxb/z+SPWfw/mz9m8Z8of8ziP3H+mMV/kvwxi//n8scs/pPmj1n8J8sfs/hPnj9m8Z8if8ziP2X+mMX/8/ljFv+p8scs/l/IH7P4fzF/zOL/pfwxi/+X88cs/l/JH7P4fzV/zOI/df6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4fy1/zOI/Y/6YxX+m/DGL/8z5Yxb/WfLHLP5fzx+z+M+aP2bx/0b+mMX/m/m/1WuvvvZ6AyL/2fLHLP7fyh+z+M+eP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvFfIH/M4v/t/DGL/3fyxyz+C+aPWfy/mz9m8V8of8zi/738MYv/9/PHLP4L549Z/BfJH7P4L5o/ZvFfLH/M4r94/pjFf4n8MYv/D/LHLP5L5o9Z/H+YP2bx/1H+mMV/qfwxi//S+WMW/2Xyxyz+y+aPWfx/nD9m8V8uf8ziv3z+mMV/hfwxi/+K+WMW/5Xyxyz+K+ePWfxXyR+z+K+aP2bxXy1/zOK/ev6Yxf8n+WMW/zXyxyz+a+aPWfzXyh+z+K+dP2bxXyd/zOK/bv6Yxf+n+WMW//Xyxyz+6+ePWfw3yB+z+P8sf8ziv2H+mMX/5/ljFv+N8scs/hvnj1n8N8kfs/j/In/M4v/L/DGL/6b5Yxb/zfLHLP6b549Z/LfIH7P4b5k/ZvHfKn/M4r91/pjFf5v8MYv/tvljFv/t8scs/r/KH7P4/zp/zOK/ff6YxX+H/DGL/475Yxb/nfLHLP6/yR+z+P82f8zi/7v8MYv/zvljFv9d8scs/r/PH7P4/yF/zOK/a/6Yxf+P+WMW/93yxyz+u+ePWfz3yB+z+P8pf8zi/+f8MYv/nvljFv+98scs/nvnj1n8/5I/ZvH/a/6YxX+f/DGL/775Yxb//fLHLP5/yx+z+P89f8ziv3/+mMX/gPwxi/8/8scs/gfmj1n8/5k/ZvE/KH/M4n9w/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zi/6/8MYv/xfljFv9L8scs/pfmj1n8L8sfs/hfnj9m8b8if8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfk/iPNJA/ZvEflD9m8R8hf8ziP2L+mMV/cP6YxX+k/DGL/8j5Yxb/UfLHLP5D8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/3Hyxyz+4+aPWfzHyx+z+H8sf8zi//H8MYv/+PljFv9P5I9Z/CfIH7P4T5g/ZvH/ZP6Yxf9T+WMW/0/nj1n8P5M/ZvH/bP6YxX+i/DGL/8T5Yxb/SfLHLP6fyx+z+E+aP2bxnyx/zOI/ef6YxX+K/DGL/5T5Yxb/z+ePWfynyh+z+H8hf8zi/8X8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/1PljFv9p8scs/tPmj1n8p8sfs/hPnz9m8Z8hf8zi/7X8MYv/jPljFv+Z8scs/jPnj1n8Z8kfs/h/PX/M4j9r/pjF/xv5Yxb/b+aPWfxnyx+z+H8rf8ziP3v+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+b/8DAkP+8yOI/X/6YxX/+/DGL/wL5Yxb/b+ePWfy/kz9m8V8wf8zi/938MYv/QvljFv/v5Y9Z/L+fP2bxXzh/zOK/SP6YxX/R/DGL/2L5Yxb/xfPHLP5L5I9Z/H+QP2bxXzJ/zOL/w/wxi/+P8scs/kvlj1n8l84fs/gvkz9m8V82f8zi/+P8MYv/cvljFv/l88cs/ivkj1n8V8wfs/ivlD9m8V85f8ziv0r+mMV/1fwxi/9q+WMW/9Xzxyz+P8kfs/ivkT9m8V8zf8ziv1b+mMV/7fwxi/86+WMW/3Xzxyz+P80fs/ivlz9m8V8/f8ziv0H+mMX/Z/ljFv8N88cs/j/PH7P4b5Q/ZvHfOH/M4r9J/pjF/xf5Yxb/X+aPWfw3zR+z+G+WP2bx3zx/zOK/Rf6YxX/L/DGL/1b5Yxb/rfPHLP7b5I9Z/LfNH7P4b5c/ZvH/Vf6Yxf/X+WMW/+3zxyz+O+SPWfx3zB+z+O+UP2bx/03+mMX/t/ljFv/f5Y9Z/HfOH7P475I/ZvH/ff6Yxf8P+WMW/13zxyz+f8wfs/jvlj9m8d89f8ziv0f+mMX/T/ljFv8/549Z/PfMH7P475U/ZvHfO3/M4v+X/DGL/1/zxyz+++SPWfz3zR+z+O+XP2bx/1v+mMX/7/ljFv/988cs/gfkj1n8/5E/ZvE/MH/M4v/P/DGL/0H5Yxb/g/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8T8+f8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+p+SPWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf/M/DGL/1n5Yxb/s/PHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF/8L8MYv/RfljFv9/5Y9Z/C/OH7P4X5I/ZvG/NH/M4n9Z/pjF//L8MYv/FfljFv8r88cs/lflj1n8r84fs/hfkz9m8b82f8zif13+mMX/+vwxi/8N+WMW/xvzxyz+N+WPWfxvzh+z+N+SP2bxvzV/zOJ/W/6Yxf/2/DGL/x35Yxb/O/PHLP535Y9Z/O/OH7P435M/ZvG/N3/M4n9f/pjF//78MYv/A/ljFv8H88cs/g/lj1n8H84fs/g/kj9m8X80f8zi/1j+mMX/8fwxi/8T+WMW/yfzxyz+T+WPWfyfzh+z+D+TP2bxfzZ/zOL/XP6Yxf/5/DGL/wv5Yxb/F/PHLP4v5Y9Z/F/OH7P4v5I/ZvF/NX/M4v9a/pjEf+SB/DGL/6D8MYv/CPljFv8R88cs/oPzxyz+I+WPWfxHzh+z+I+SP2bxH5I/ZvEfNX/M4j9a/pjFf/T8MYv/GPljFv8x88cs/mPlj1n8x84fs/iPkz9m8R83f8ziP17+mMX/Y/ljFv+P549Z/MfPH7P4fyJ/zOI/Qf6YxX/C/DGL/yfzxyz+n8ofs/h/On/M4v+Z/DGL/2fzxyz+E+WPWfwnzh+z+E+SP2bx/1z+mMV/0vwxi/9k+WMW/8nzxyz+U+SPWfynzB+z+H8+f8ziP1X+mMX/C/ljFv8v5o9Z/L+UP2bx/3L+mMX/K/ljFv+v5o9Z/KfOH7P4T5M/ZvGfNn/M4j9d/pjFf/r8MYv/DPljFv+v5Y9Z/GfMH7P4z5Q/ZvGfOX/M4j9L/pjF/+v5Yxb/WfPHLP7fyB+z+H8zf8ziP1v+mMX/W/ljFv/Z88cs/nPkj1n858wfs/jPlT9m8Z87f8ziP0/+mMV/3vwxi/98+WMW//nzxyz+C+SPWfy/nT9m8f9O/pjFf8mR8qcs/t9t/WMW/4Xyxyz+38sfs/h/P3/M4r9w/pjFf5H8MYv/ovljFv/F8scs/ovnj1n8l8gfs/j/IH/M4r9k/pjF/4f5Yxb/H+WPWfyXyh/7iPoPGs565KXzxz6i/q/37+t/mfwxi/+y+WMW/x/nj1n8l8sfs/gvnz9m8V8hf8ziv2L+2KBzBg2bmY+2/0r5Y5b1v3L+mMV/lfwxi/+q+WMW/9Xyxyz+q+ePWfx/kj9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfx/mj9m8V8vf8ziv37+mMV/g/wxi//P8scs/hvmj1n8f54/ZvHfKH/M4r9x/pjFf5P8MYv/L/LHLP6/zB+z+G+aP2bx3yx/zOK/ef6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v+r/DGL/6/zxyz+2+ePWfx3yB+z+O+YP2bx3yl/zOL/m/wxi/9v88cs/r/LH7P475w/ZvHfJX/M4v/7/DGL/x/yxyz+u+aPWfz/mD9m8d8tf8ziv3v+mMV/j/wxi/+f8scs/n/OH7P475k/ZvHfK3/M4r93/pjF/y/5Yxb/v+aPWfz3yR+z+O+bP2bx3y9/zOL/t/wxi//f88cs/vvnj1n8D8gfs/j/I3/M4n9g/pjF/5/5Yxb/g/LHLP4H549Z/A/JH7P4H5o/ZvE/LH/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8j8kfs/gfmz9m8T8uf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfxPyR+z+J+aP2bxPy1/zOJ/ev6Yxf+M/DGL/5n5Yxb/s/LHLP5n549Z/M/JH7P4n5s/ZvE/L3/M4n9+/pjF/4L8MYv/hfljFv+L8scs/v/KH7P4X5w/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/hfnT9m8b8mf8zif23+mMX/uvwxi//1+WMW/xvyxyz+N+aPWfxvyh+z+N+cP2bxvyV/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP535o9Z/O/KH7P4350/ZvG/J3/M4n9v/pjF/z6V/4OD3+2akYc7b/G/X+X//rP4P5A/ZvF/MH/M4v9Q/pjF/+H8MYv/I/ljFv9H88cs/o/lj1n8H88fs/g/kT9m8X8yf8zi/1T+mMX/6fwHRoXLLP7P5I9Z/J/NH7P4P5c/ZvF/Pn/M4v9C/pjF/8X8MYv/S/ljFv+X88cs/q/kj1n8X80fs/i/lj8m8R9lIH/M4j8of8ziP0L+mMV/xPwxi//g/DGL/0j5Yxb/kfPHLP6j5I9Z/Ifkj1n8R80fs/iPlj9m8R89f8ziP0b+mMV/zPwxi/9Y+WMW/7Hzxyz+4+SPWfzHzX9YQ95xzuI/Xv6Yxf9j+WMW/4/nj1n8x88fs/h/In/M4j9B/pjFf8L8MYv/J/PHLP6fyh+z+H86f8zi/5n8MYv/Z/PHLP4T5Y9Z/CfOH7P4T5I/ZvH/XP6YxX/S/DGL/2T5Yxb/yfPHLP5T5I9Z/KfMH7P4fz5/zOI/Vf6Yxf8L+WMW/y/mj1n8v5Q/ZvH/cv6Yxf8r+WMW/6/mj1n8p84fs/hPkz9m8Z82f8ziP13+mMV/+vwxi/8M+WMW/6/lj1n8Z8wfs/jPlD9m8Z85f8ziP0v+mMX/6/ljFv9Z88cs/t/IH7P4fzN/zOI/W/6Yxf9b+WMW/9nzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP4L5I9Z/L/t8x/n/dzI4v8dn//7yuK/YP6Yxf+7+WMW/4Xyxyz+38sfs/h/P3/M4r9w/pjFf5H8MYv/ovljFv/F8scs/ovnj1n8l8gfs/j/IH/M4r9k/pjF/4f5Yxb/H+WPWfyXyh+z+C+dP2bxXyZ/zOK/bP6Yxf/H+WMW/+Xyxyz+y+ePWfxXyB+z+K+YP2bxXyl/zOK/cv6YxX+V/DGL/6r5Yxb/1fLHLP6r549Z/H+SP2bxXyN/zOK/Zv6YxX+t/DGL/9r5Yxb/dfLHLP7r5o9Z/H+aP2bxXy9/zOK/fv6YxX+D/DGL/8/yxyz+G+aPWfx/nj9m8d8of8ziv3H+mMV/k/wxi/8v8scs/r/MH7P4b5o/ZvHfLH/M4r95/pjFf4v8MYv/lvljFv+t8scs/lvnj1n8t8kfs/hvi/5tERb/7dLGLP6/yh+z+P86f8ziv33+mMV/h/wxi/+Ob/i/8toHNa4PaRb/nVr/mMX/N/ljFv/f5o9Z/H+XP2bx3zl/zOK/S/6Yxf/3+WMW/z/kj1n8d80fs/j/MX/M4r9b/pjFf/f8MYv/HvljFv8/5Y9Z/P+cP2bx3zN/zOK/V/6YxX/v/DGL/1/yxyz+f80fs/jvkz9m8d83f8ziv1/+mMX/b/ljFv+/549Z/PfPH7P4H5A/ZvH/R/6Yxf/A/DGL/z/zxyz+B+WPWfwPzh+z+B+SP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/I/PHLP5H5Y9Z/I/OH7P4H5M/ZvE/Nn/M4n9c/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/ifkj9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/zPzxyz+Z+WPWfzPtvq/tvl7Xm3xP8fq/19k8T83f8zif17+mMX//Pwxi/8F+WMW/wvzxyz+F+WPWfz/lT9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bxvzp/zOJ/Tf6Yxf/a/DGL/3X5Yxb/6/PHLP435I9Z/G/MH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/bfljFv/b88cs/nfkj1n878wfs/jflT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+D+SPWfwfzB+z+D+UP2bxfzh/zOL/SP6Yxf/R/DGL/2P5Yxb/x/PHLP5P5I9Z/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMS/yED+WMW/0H5Yxb/EfLHLP4j5o9Z/Afnj1n8R8ofs/iPnD9m8R8lf8ziPyR/zOI/av6YxX+0/DGL/+j5Yxb/MfLHLP5j5o9Z/MfKH7P4j50/ZvEfJ3/M4j9u/pjFf7z8MYv/x/LHLP4fzx+z+I+fP2bx/0T+mMV/gvwxi/+E+WMW/0/mj1n8P5U/ZvH/dP6Yxf8z+WMW/8/mj1n8J8ofs/hPnD9m8Z8kf8zi/7n8MYv/pPljFv/J8scs/pPnj1n8p8gfs/hPmT9m8f98/pjFf6r8MYv/F/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+E+dP2bxnyZ/zOI/bf6YxX+6/DGL//T5Yxb/GfLHLP5fyx+z+M+YP2bxnyl/zOI/c/6YxX+W/DGL/9fzxyz+s+aPWfy/kT9m8f9m/pjFf7b8MYv/t/LHLP6z549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv/58scs/vPnj1n8F8gfs/h/O3/M4v+d/DGL/4L5Yxb/7+aPWfwXyh+z+H8vf8zi//38MYv/wvljFv9F8scs/ovmj1n8F8sfs/gvnj9m8V8if8zi/4P8MYv/kvljFv8f5o9Z/H+UP2bxXyp/zOK/dP6YxX+Z/DGL/7L5Yxb/H+ePWfyXyx+z+C+fP2bxXyF/zOK/Yv6YxX+l/DGL/8r5Yxb/VfLHLP6r5o9Z/FfLH7P4r54/ZvH/Sf6YxX+N/DGL/5r5Yxb/tfLHLP5r549Z/NfJH7P4r5s/ZvH/af6YxX+9/DGL//r5Yxb/DfLHLP4/yx+z+G+YP2bx/3n+mMV/o/wxi//G+WMW/03yxyz+v8gfs/j/Mn/M4r9p/pjFf7P8MYv/5vljFv8t8scs/lvmj1n8t8ofs/hvnT9m8d8mf8ziv23+mMV/u/wxi/+v8scs/r/OH7P4b58/ZvHfIX/M4r9j/pjFf6f8MYv/b/LHLP6/zR+z+P8uf8ziv3P+mMV/l/wxi//v88cs/n/IH7P475o/ZvH/Y/6YxX+3/DGL/+75Yxb/PfLHLP5/yh+z+P85f8ziv2f+mMV/r/wxi//e+WMW/7/kj1n8/5o/ZvHfJ3/M4r9v/pjFf7/8MYv/3/LHLP5/zx+z+O+fP2bxPyB/zOL/j/wxi/+B+WMW/3/mj1n8D8ofs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+F+aPWfwvyh+z+P8rf8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P43/gO/1H+98f1Ic3if1PrH7P435w/ZvG/JX/M4n9r/pjF/7b8MYv/7fljFv878scs/nfmj1n878ofs/jfnT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+D+aPWfwfyh+z+D+cP2bxfyR/zOA/aPDAkEfzxwz+Q9f/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5YxL/UQfyxyz+g/LHLP4j5I9Z/EfMH7P4D84fs/iPlD9m8R85f8ziP0r+mMV/SP6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv+P5Y9Z/D+eP2bxHz9/zOL/ifwxi/8E+WMW/wnzxyz+n8wfs/h/Kn/M4v/p/DGL/2fyxyz+n80fs/hPlD9m8Z84f8ziP0n+mMX/c17/Ie91pcV/Uq//e2bxnyx/zOI/ef6YxX+K/DGL/5T5Yxb/z+ePWfynyh+z+H8hf8zi/8X8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/1PljFv9pBgY2/6CG9GHuI+1/z8tvXjrqtK1/7CPt//alo06XP2bxnz5/zOI/Q/6Yxf9r+WMW/xnzxyz+M+WPWfxnzh+z+M+SP2bx/3r+mMV/1vwxi/838scs/t/MH7P4z5Y/ZvH/Vv6YxX/2/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv9v549Z/L+TP2bxXzB/zOL/3fwxi/9C+WMW/+/lj1n8v58/ZvFfOH/M4r9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8f5A/ZvFfMn/M4v/D/DGL/4/yxyz+S+WPWfyXzh+z+C+TP2bxXzZ/zOL/4/wxi/9y+WMW/+Xzxyz+K+SPWfxXzB+z+K+UP2bxXzl/zOK/Sv6YxX/V/DGL/2r5Yxb/1fPHLP4/yR+z+K+RP2bxXzN/zOK/Vv6YxX/t/DGL/zr5Yxb/dfPHLP4/zR+z+K+XP2bxXz9/zOK/Qf6Yxf9n+WMW/w3zxyz+P88fs/hvlD9m8d84f8ziv0n+mMX/F/ljFv9f5o9Z/DfNH7P4b5Y/ZvHfPH/M4r9F/pjFf8v8MYv/VvljFv+t88cs/tvkj1n8t80fs/hvlz9m8f9V/pjF/9f5Yxb/7fPHLP475I9Z/HfMH7P475Q/ZvH/Tf6Yxf+3+WMW/9/lj1n8d84f+yj7j/j2paPukj/2Ufb/9/X/+/wxi/8f8scs/rvmj1n8/5g/ZvHfLX/M4r97/pjFf4/8MYv/n/LHLP5/zh+z+O+ZP2bx3yt/zOK/d/6Yxf8v+WMW/7/mj1n898kfs/jvmz9m8d8vf8zi/7f8MYv/3/PHLP77549Z/A/IH7P4/yN/zOJ/YP6Yxf+f+WMW/4Pyxyz+B+ePWfwPyR+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/I/JH7P4H5s/ZvE/Ln/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/ifmj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGL/4X5Yxb/i/LHLP7/yh+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/K/KH7P4X50/ZvG/Jn/M4n9t/pjF/7r8MYv/9fljFv8b8scs/jfmj1n8b8ofs/jfnD9m8b8lf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+d+aPWfzvyh+z+N+dP2bxvyd/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP4P5o9Z/B/KH7P4P5w/ZvF/JH/M4v9o/pjF/7H8MYv/4/ljFv8n8scs/k/mj1n8n8ofs/g/nT9m8X8mf8zi/2z+mMX/ufwxi//z+WMW/xfyxyz+L+aPWfxfyh+z+L+cP2bxfyV/zOL/av6Yxf+1/DGJ/2gD+WMW/0H5Yxb/EfLHLP4j5o9Z/Afnj1n8R8ofs/iPnD9m8R8lf8ziPyR/zOI/av6YxX+0/DGL/+j5Yxb/MfLHLP5j5o9Z/MfKH7P4j50/ZvEfJ3/M4j9u/pjFf7z8MYv/x/LHLP4fzx+z+I+fP2bx/0T+mMV/gvwxi/+E+WMW/0/mj1n8P5U/ZvH/dP6Yxf8z+WMW/8/mj1n8J8ofs/hPnD9m8Z8kf8zi/7n8MYv/pPljFv/J8scs/pPnj1n8p8gfs/hPmT9m8f98/pjFf6r8MYv/F/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+E+dP2bxnyZ/zOI/bf6YxX+6/DGL//T5Yxb/GfLHLP5fyx+z+M+YP2bxnyl/zOI/c/6YxX+W/DGL/9fzxyz+s+aPWfy/kT9m8f9m/pjFf7b8MYv/t/LHLP6z549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv/58scs/vPnj1n8F8gfs/h/O3/M4v+d/DGL/4L5Yxb/7+aPWfwXyh+z+H8vf8zi//38MYv/wvljFv9F8scs/ovmj1n8F8sfs/gvnj9m8V8if8zi/4P8MYv/kvljFv8f5o9Z/H+UP2bxXyp/zOK/dP6YxX+Z/DGL/7L5Yxb/H+ePWfyXyx+z+C+fP2bxXyF/zOK/Yv6YxX+l/DGL/8r5Yxb/VfLHLP6r5o9Z/FfLH7P4r54/ZvH/Sf6YxX+N/DGL/5r5Yxb/tfLHLP5r549Z/NfJH7P4r5s/ZvH/af6YxX+9/DGL//r5Yxb/DfLHLP4/yx+z+G+YP2bx/3n+mMV/o/wxi//G+WMW/03yxyz+v8gfs/j/Mn/M4r9p/pjFf7P8MYv/5vljFv8t8scs/lvmj1n8t8ofs/hvnT9m8d8mf8ziv23+mMV/u/wxi/+v8scs/r/OH7P4b58/ZvHfIX/M4r9j/pjFf6f8MYv/b/LHLP6/zR+z+P8uf8ziv3P+mMV/l/wxi//v88cs/n/IH7P475o/ZvH/Y/6YxX+3/DGL/+75Yxb/PfLHLP5/yh+z+P85f8ziv2f+mMV/r/wxi//e+WMW/7/kj1n8/5o/ZvHfJ3/M4r9v/pjFf7/8MYv/3/LHLP5/zx+z+O+fP2bxPyB/zOL/j/wxi/+B+WMW/3/mj1n8D8ofs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+F+aPWfwvyh+z+P8rf8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s/nj1n8X8gfs/i/mD9m8X8pf8zi/3L+mMX/lfwxi/+r+WMW/9fyxyT+ow/kj1n8B+WPWfxHyB+z+I+YP2bxH5w/ZvEfKX/M4j9y/pjFf5T8MYv/kPwxi/+o+WMW/9Hyxyz+o+ePWfzHyB+z+I+ZP2bxHyt/zOI/dv6YxX+c/DGL/7j5Yxb/8fLHLP4fyx+z+H88f8ziP37+mMX/E/ljFv8J8scs/hPmj1n8P5k/ZvH/VP6Yxf/T+WMW/8/kj1n8P5s/ZvGfKH/M4j9x/pjFf5L8MYv/5/LHLP6T5o9Z/CfLH7P4T54/ZvGfIn/M4j9l/pjF//P5Yxb/qfLHLP5fyB+z+H8xf8zi/6X8MYv/l/PHLP5fyR+z+H81f8ziP3X+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+H8tf8ziP2P+mMV/pvwxi//M+WMW/1nyxyz+X88fs/jPmj9m8f9G/pjF/5v5Yxb/2fLHLP7fyh+z+M+eP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvFfIH/M4v/t/DGL/3fyxyz+C+aPWfy/mz9m8V8of8zi/738MYv/9/PHLP4L549Z/BfJH7P4L5o/ZvFfLH/M4r94/pjFf4n8MYv/D/LHLP5L5o9Z/H+YP2bx/1H+mMV/qfwxi//S+WMW/2Xyxyz+y+aPWfx/nD9m8V8uf8ziv3z+mMV/hfwxi/+K+WMW/5Xyxyz+K+ePWfxXyR+z+K+aP2bxXy1/zOK/ev6Yxf8n+WMW/zXyxyz+a+aPWfzXyh+z+K+dP2bxXyd/zOK/bv6Yxf+n+WMW//Xyxyz+6+ePWfw3yB+z+P8sf8ziv2H+mMX/5/ljFv+N8scs/hvnj1n8N8kfs/j/YuD51/L/zyz+v2z9Yxb/TfPHLP6b5Y9Z/DfPH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/NvljFv9t88cs/tvlj1n8f5U/ZvH/df6YxX/7/DGL/w75Yxb/HfPHLP475Y9Z/H+TP2bx/23+mMX/d/ljFv+d88cs/rvkj1n8f58/ZvH/Q/6YxX/X/DGL/x/zxyz+u+WPWfx3zx+z+O+RP2bx/1P+mMX/z/ljFv8988cs/nvlj1n8984fs/j/JX/M4v/X/DGL/z75Yxb/ffPHLP775Y9Z/P+WP2bx/3v+mMV///wxi/8B+WMW/3/kj1n8D8wfs/j/M3/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zifxT6t0VY/I9OG7P4H5M/ZvE/Nn/M4n9c/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fe9N/YMjAwEfZ/5T8Mcv6PzV/zOJ/Wv6Yxf/0N/33/IDG9SHN4n9G6x+z+J+ZP2bxPyt/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4X5g/ZvG/KH/M4v+v/DGL/8X5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYX/KB/ccD7sKfwHBka/pvWPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMM/+XfL4T8w+kNtBZjF/+H8MYv/I/ljFv9H88cs/o/lj1n8H88fs/g/kT9m8X8yf8zi/1T+mMX/6fwxi/8z+WMW/2fzxyz+z+WPWfyfzx+z+L+QP2bxfzF/zOL/Uv6Yxf/l/DGL/yv5Yxb/V/PHLP6v5Y9J/McYyB+z+A/KH7P4j5A/ZvEfMX/M4j84f8ziP1L+mMV/5Pwxi/8o+WMW/yH5Yxb/UfPHLP6j5Y9Z/EfPH7P4j5E/ZvEfM3/M4j9W/pjFf+z8MYv/OPljFv9x88cs/uPlj1n8P5Y/ZvH/eP6YxX/8/DGL/yfyxyz+E+SPWfwnzB+z+H8yf8zi/6n8MYv/p/PHLP6fyR+z+H82f8ziP1H+mMV/4vwxi/8k+WMW/8/lj1n8J80fs/hPlj9m8Z88f8ziP0X+mMV/yvwxi//n88cs/lPlj1n8v5A/ZvH/Yv6Yxf9L+WMW/y/nj1n8v5I/ZvH/av6YxX/q/DGL/zT5Yxb/afPHLP7T5Y9Z/KfPH7P4z5A/ZvH/Wv6YxX/G/DGL/0z5Yxb/mfPHLP6z5I9Z/L+eP2bxnzV/zOL/jfwxi/8388cs/rPlj1n8v5U/ZvGfPX/M4j9H/pjFf878MYv/XPljFv+588cs/vPkj1n8580fs/jPlz9m8Z8/f8ziv0D+mMX/2/ljFv/v5I9Z/BfMH7P4fzd/zOK/UP6Yxf97+WMW/+/nj1n8F84fs/gvkj9m8V80f8ziv1j+mMV/8fwxi/8S+WMW/x/kj1n8l8wfs/j/MH/M4v+j/DGL/1L5Yxb/pfPHLP7L5I9Z/JfNH7P4/zh/zOK/XP6YxX/5/DGL/wr5Yxb/FfPHLP4rGf3fxwO2+K9s9H8fWfxXyR+z+K+aP2bxXy1/zOK/ev6Yxf8n+WMW/zXyxyz+a+aPWfzXyh+z+K+dP2bxXyd/zOK/bv6Yxf+n+WMW//Xyxyz+6+ePWfw3yB+z+P8sf8ziv2H+mMX/5/ljFv+N8scs/hvnj1n8N8kfs/j/In/M4v/L/DGL/6b5Yxb/zfLHLP6b549Z/LfIH7P4b5k/ZvHfKn/M4r91/pjFf5v8MYv/tvljFv/t8scs/r/KH7P4/zp/zOK/ff6YxX+H/DGL/475Yxb/nfLHLP6/yR+z+P82f8zi/7v8MYv/zvljFv9d8scs/r/PH7P4/yF/zOK/a/6Yxf+P+WMW/93yxyz+u+ePWfz3yB+z+P8pf8zi/+f8MYv/nvljFv+98scs/nvnj1n8/5I/ZvH/a/6YxX+f/DGL/775Yxb//fLHLP5/yx+z+P89f8ziv3/+mMX/gPwxi/8/8scs/gfmj1n8/5k/ZvE/KH/M4n9w/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zi/6/8MYv/xfljFv9L8scs/pfmj1n8L8sfs/hfnj9m8b8if8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/Lf7hWe/2jxf/5/DGL/wv5Yxb/F/PHLP4v5Y9Z/F/OH7P4v5I/ZvF/NX/M4v9a/pjEf8yB/DGL/6D8MYv/CPljFv8R88cs/oPzxyz+I+WPWfxHzh+z+I+SP2bxH5I/9tH3f/3jmKPmj330/V9vzNHyxyz+o+ePWfzHyB+z+I+ZP2bxHyt/zOI/dv6YxX+c/DGL/7j5Yxb/8fLHLP4fyx+z+H88f8ziP37+mMX/E/ljFv8J8scs/hPmj1n8P5k/ZvH/VP6Yxf/T+WMW/8/kj1n8P5s/ZvGfKH/M4j9x/pjFf5L8MYv/5/LHLP6T5o9Z/CfLH7P4T54/ZvGfIn/M4j9l/pjF//P5Yxb/qfLHLP5fyB+z+H8xf8zi/6X8MYv/l/PHLP5fyR+z+H81f8ziP3X+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+H8tf8ziP2P+mMV/pvwxi//M+WPv8B922Tgf8Jj+f/Uu/rPkj1nW/9fzxyz+s+aPWfy/kT9m8f9m/pjFf7b8MYv/t/LHLP6z549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv/58scs/vPnj1n8F8gfs/h/O3/M4v+d/DGL/4L5Yxb/7+aPWfwXyh+z+H8vf8zi//38MYv/wvljFv9F8scs/ovmj1n8F8sfs/gvnj9m8V8if8zi/4P8MYv/kvljFv8f5o9Z/H+UP2bxXyp/zOK/dP6YxX+Z/DGL/7L5Yxb/H+ePWfyXyx+z+C//X/jf+Nob/d8e3octi/8KrX/M4r9i/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8V8sfs/ivnj9m8f9J/pjFf438MYv/mvljFv+18scs/mvnj1n818kfs/ivmz9m8f9p/pjFf738MYv/+vljFv8N8scs/j/LH7P4b5g/ZvH/ef6YxX+j/DGL/8b5Yxb/TfLHLP6/yB+z+P8yf8ziv2n+mMV/s/wxi//m+WMW/y3yxyz+W+aPWfy3yh+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/6/yxyz+v84fs/hvnz9m8d8hf8ziv2P+mMV/p/wxi/9v8scs/r/NH7P4/y5/zOK/c/6YxX+X/LGPqv+Q4fx/nz/2UfUfGM7/D/ljFv9d88cs/n/MH7P475Y/ZvHfPX/M4r9H/pjF/0/5Yxb/P+ePWfz3zB+z+O+VP2bx3zt/zOL/l/wxi/9f88cs/vvkj1n8980fs/jvlz9m8f9b/pjF/+/5Yxb//fPHLP4H5I9Z/P+RP2bxPzB/zOL/z/wxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/I/NH7P4H5c/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf/C/DGL/0X5Yxb/f+WPWfwvzh+z+F+SP2bxvzR/zOJ/Wf6Yxf/y/DGL/xX5Yxb/K/PHLP5X5Y9Z/K/OH7P4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/3/D+W/wvj+tDmsX//tY/ZvF/IH/M4v9g/pjF/6H8MYv/w/ljFv9H8scs/o/mj1n8H8sfs/g/nj9m8X8if8zi/2T+mMX/qfwxi//T+WMW/2fyxyz+z+aPWfyfyx+z+D+fP2bxfyF/zOL/Yv6Yxf+l/DGL/8v5Yxb/V/LHLP6v5o9Z/F/LH5P4jzWQP2bxH5Q/ZvEfIX/M4j9i/pjFf3D+mMV/pPwxi//I+WMW/1Hyxyz+Q/LHLP6j5o9Z/EfLH7P4j54/ZvEfI3/M4j9m/pjFf6z8MYv/2PljFv9x8scs/uPmj1n8x8sfs/h/LH/M4v/x/DGL//j5Yxb/T+SPWfwnyB+z+E+YP2bx/2T+mMX/U/ljFv9P549Z/D+TP2bx/2z+mMV/ovwxi//E+WMW/0nyxyz+n8sfs/hPmj9m8Z8sf8ziP3n+mMV/ivwxi/+U+WMW/8/nj1n8p8ofs/h/IX/M4v/F/DGL/5fyxyz+X84fs/h/JX/M4v/V/DGL/9T5Yxb/afLHLP7T5o9Z/KfLH7P4T58/ZvGfIX/M4v+1/DGL/4z5Yxb/mfLHLP4z549Z/GfJH7P4fz1/zOI/a/6Yxf8b+WMW/2/mj1n8Z8sfs/h/K3/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/+388cs/t/JH7P4L5g/ZvH/bv6YxX+h/DGL//fyxyz+388fs/gvnD9m8V8kf8ziv2j+mMV/sfwxi//i+WMW/yXyxyz+P8gfs/gvmT9m8f9h/pjF/0f5Yxb/pfLHLP5L549Z/JfJH7P4L5s/ZvH/cf6YxX+5/DGL//L5Yxb/FfLHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/6vljFv+f5I9Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv+f5o9Z/NfLH7P4r58/ZvHfIH/M4v+z/DGL/4b5Yxb/n+ePWfw3yh+z+G+cP2bx3yR/zOL/i/wxi/8v88cs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfy3yx+z+P8qf8zi/+v8MYv/9vljFv8d8scs/jvmj1n8d8ofs/j/Jn/M4v/b/DGL/+/yxyz+O+ePWfx3yR+z+P8+f8zi/4f8MYv/rvljFv8/5o9Z/HfLH7P4754/ZvHfI3/M4v+n/DGL/5/zxyz+e+aPWfz3yh+z+O+dP2bx/0v+mMX/r/ljFv998scs/vvmj1n898sfs/j/LX/M4v/3/DGL//75Yxb/A/LHLP7/yB+z+B+YP2bx/2f+mMX/oPwxi//B+WMW/0Pyxyz+h+aPWfwPyx+z+B+eP2bxPyJ/zOJ/ZP6Yxf+o/DGL/9H5Yxb/Y/LHLP7H5o9Z/I/LH7P4H58/ZvE/IX/M4n9i/pjF/6T8MYv/yfljFv9T8scs/qfmj1n8T8sfs/ifnj9m8T8jf8zif2b+mMX/rPwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOJ/Yf6Yxf+i/DGL/7/yxyz+F+ePWfwvyR+z+F+aP2bxvyx/zOJ/ef6Yxf+K/DGL/5X5Yxb/q/LHLP5X549Z/K/JH7P4X5s/ZvG/Ln/M4n99/pjF/4b8MYv/jfljFv+b8scs/jfnj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/jvwxi/+d+WMW/7vyxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/4P5Yxb/h/LHLP4P549Z/B/JH7P4P5o/ZvF/LH/M4v94/pjF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+L+WMW/5fyxyz+L+ePWfxfyR+z+L+aP2bxfy1/TOI/9kD+mMV/UP6YxX+E/DGL/4j5Yxb/wfljFv+R8scs/iPnj1n8R8kfs/gPyR+z+I+aP2bxHy1/zOI/ev6YxX+M/DGL/5j5Yxb/sfLHLP5j54/9f+zcf7jWdX3H8ZvfZDn92KYubTg05tqMREajFqKiePxxykQzf6MegQSRH5JgKm60UsemS90s2cTCMWerljjcXL9WNCxrtkZsrXKKa2GMOVhkTs+uA+cQnL09l+fLvl8334/HH3Du+/C+U57Xy/vm4rrK0n9f/UNZ+hf9Q1n676d/KEv/V+sfytL/p/UPZen/M/qHsvTfX/9Qlv4H6B/K0v9A/UNZ+v+s/qEs/V+jfyhL/4P0D2Xpf7D+oSz9X6t/KEv/n9M/lKX/CP1DWfofon8oS/+f1z+Upf9I/UNZ+h+qfyhL/8P0D2Xp/zr9Q1n6j9I/lKX/L+gfytL/cP1DWfr/ov6hLP1fr38oS/9f0j+Upf8v6x/K0v8I/UNZ+r9B/1CW/qP1D2Xp/0b9Q1n6H6l/KEv/MfqHsvQ/Sv9Qlv5j9Q9l6f8r+oey9B+nfyhL/zfpH8rS/1f1D2XpP17/UJb+b9Y/lKX/W/QPZen/a/qHsvR/q/6hLP0n6B/K0v9o/UNZ+k/UP5Sl/zH6h7L0P1b/UJb+x+kfytJ/kv6hLP2P1z+Upf8J+oey9J+sfyhL/xP1D2Xp36Z/KEv/k/QPZel/sv6hLP1P0T+Upf+p+oey9G/XP5Sl/9v0D2Xp/3b9Q1n6n6Z/KEv/d+gfytL/dP1DWfpP0T+Upf8Z+oey9D9T/1CW/u/UP5Sl/1n6h7L0f5f+oSz9z9Y/lKX/OfqHsvQ/V/9Qlv7n6R/K0v98/UNZ+l+gfyhL/wv1D2XpP1X/UJb+F+kfytL/Yv1DWfpfon8oS/8O/UNZ+l+qfyhL/2n6h7L0n65/KEv/GfqHsvR/t/6hLP0v0z+Upf9M/UNZ+s/SP5Sl/+X6h7L0n61/KEv/K/QPZek/R/9Qlv5z9Q9l6T9P/1CW/vP1D2Xpf6X+oSz9F+gfytL/PfqHsvS/Sv9Qlv4L9Q9l6b9I/1CW/lfrH8rS/736h7L0v0b/UJb+1+ofytL/Ov1DWfov1j+Upf/1+oey9P91/UNZ+v+G/qEs/ZfoH8rS/336h7L0/039Q1n6v1//UJb+H9A/lKX/DfqHsvS/Uf9Qlv436R/K0v+39A9l6b9U/1CW/r+dqv/znZ2dL+5XZun/O6n6v3hZ+t+sfyhL/1v0D2Xp/7v6h7L0/6D+oSz9b9U/lKX/bfqHsvS/Xf9Qlv6/p38oS//f1z+Upf8d+oey9P+Q/qEs/T+sfyhL/zv1D2Xpv0z/UJb+f6B/KEv/P9Q/lKX/XfqHsvRfrn8oS/+79Q9l6f8R/UNZ+n9U/1CW/iv0D2Xpf4/+oSz9/0j/UJb+K/UPZen/x/qHsvS/V/9Qlv5/on8oS//79A9l6f8x/UNZ+v+p/qEs/T+ufyhL/0/oH8rS/5P6h7L0/zP9Q1n6f0r/UJb+9+sfytJ/lf6hLP0f0D+Upf+f6x/K0n+1/qEs/R/UP5Sl/1/oH8rS/y/1D2Xp/5D+oSz9/0r/UJb+n9Y/lKX/Z/QPZen/Wf1DWfp/Tv9Qlv6f1z+Upf9f6x/K0v8L+oey9P+i/qEs/dfoH8rS/0v6h7L0/xv9Q1n6r9U/lKX/w/qHsvT/sv6hLP2/on8oS/9H9A9l6f9V/UNZ+n9N/1CW/n+rfyhL/0f1D2Xp/3X9Q1n6/53+oSz9v6F/KEv/v9c/lKX/Ov1DWfp/U/9Qlv7r9Q9l6f8P+oey9P9H/UNZ+n9L/1CW/v+kfyhL/2/rH8rS/zv6h7L0/67+oSz9H9M/lKX/P+sfytL/cf1DWfo/oX8oS/8N+oey9H9S/1CW/v+ifyhL/+/pH8rS/1/1D2Xp/339Q1n6b9Q/lKX/U/qHsvT/gf6hLP036R/K0v/f9A9l6b9Z/1CW/v+ufyhL/6f1D2Xp/x/6h7L036J/KEv/rfqHsvT/T/1DWfr/UP9Qlv7b9A9l6f8j/UNZ+j+jfyhL/x/rH8rS/1n9Q1n6/5f+oSz9n9M/lKX/8/qHsvTv1D+UpP++Lf1DWfoP0D+Upf9A/UNZ+g/SP5Sl/2D9Q1n6D9E/lKX/UP1DWfoP0z+Upf9w/UNZ+r9C/1CW/nvpH8rS/5X6h7L0f5X+oSz999Y/lKX/T+kfytJ/H/1DL7v+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/9fMW7josqkzZ3bM9YUvfOGLnV+81P9lAgAA/rf95EP/S/1PAgAAAAAAAAAAAAAAAAAAAHk18X8n9lL/OwIAAAAAAAAAAAAAwP93be3HbBo0YLenBu364LWPdGz/eey2s6avWPFA6fm5+9snBy85cNcHnZ2dncuenjCp++GwVqvV9b+2b/fj4b2Pu15/8Yg7D9zxqEz8wu2PnT9l71Pmrrpl8DeX3dT+1JDtzw5pXXjpjJkdbxzYapXjhrSu6npw5IBWq5wwpHVz14MxXQ8mD2mt7Hpw1PYHr2h9tuvBGy6ePfOSridOrPx7Bi8Xbe2LW4N2W2xrt/8a7Lr/xSMen97zcx8v2fNqg1vd+x+56ssH9PpejxfYf8/rl2N677/f/4LAC+rf/p9Z3/NzHy/5P97/P7J226Loey+8/57XL8faP9Qn+Py/20Z7f+7v9fn/kOAld94fPXztrV37bzvj3oO7nxr8Yj7//+T1y3G99z9wt8//XZ/jJ/V8/h/WapXj9/C3A1Jpa79+U1/v/33vf/Bret0M2HX/d391w6u69n/Ps60l3U8N6ef+J/X1/n9Dr39WoH/a2pd39nr/78f+W6OCl9y5/42r9t7++X/DfRfvv8v3+rP/43vvf/T8WVeMnrdw0REzZk2d1jGt4/LxY8YdOXb8+HHjRm//RLDjxz38TYEk9uz9v7VXr5sBrVbHzvs19940qWv/mx9c8tHup4b3c/8n9Pn+f4j3fwiNHNgaOrR11dT58+ceuePHnodjdvy445cF++/Hn/8PPbz7l/X8neGAVuvAnfejzh8/rGv/V88pq7ufGtrP/U/uc/8Td/+7SqB/9vD9/5JeN7vt/+iN1y7o2v9hP9xvQ/dT/f3z/4l97v8u7/+wJ9raW7W+iXbt/6hh159U7bq0+fs/qE8T+x+x5eat1a7LSfYP9Wli/1OWvuWiatflZPuH+jSx/wdmXbC02nU5xf6hPk3s/7lXbz2o2nU51f6hPk3s/9HvPbmi2nVpt3+oTxP7/9Ad7UdVuy5vs3+oTxP7P+LKH02odl3ebv9Qnyb2f+krT19Z7bqcZv9Qnyb2f1LnsftXuy7vsH+oTxP7H3D99xdXuy6n2z/Up4n9PzF16exq12WK/UN9mtj/yhGjnql2Xc6wf6hPE/tf8tSbJle7LmfaP9Snif1/7bY7H612Xd5p/1CfJvb/yXP3u7PadTnL/qE+Tez/xyMf3KvadXmX/UN9mtj/unUr7692Xc62f6hPE/tftnLQyGrX5Rz7h/o0sf/rTpz2SLXrcq79Q32a2P/YcV85p9p1Oc/+oT5N7P/Az3/7yWrX5Xz7h/o0sf/TH1owr9p1ucD+oT5N7H/BQZ94vtp1udD+oT5N7P+tHQdNr3Zdpto/1KeJ/Zdb9lpX7bpcZP9Qnyb2f/bm5ROrXZeL7R/q08T+V+/zxY9Xuy6X2D/Up4n9b5lz+fhq16XD/qE+Tez/u++77v3Vrsul9g/1aWL/tz77jVLtukyzf6hPE/vfOObsc6tdl+n2D/VpYv/LT3n64WrXZYb9Q32a2P/S1Y/Nr3Zd3m3/UJ8m9r9mzcmPV7sul9k/1KeJ/R82avTe1a7LTPuH+jSx/9lnLflwtesyy/6hPk3s/7j7bntdtetyuf1DfZrY//CvT/hUtesy2/6hPk3s/zMTPvDpatflCvuH+jSx/60TDz282nWZY/9Qnyb2v/7+MbdXuy5z7R/q08T+P/jwHRWvyzz7h/o0sf85r39uc7XrMt/+oT5N7P/NU85cWO26XGn/UJ8m9r//XZO/VO26LLB/qE8T+z/vOz84rdp1eY/9Q32a2P+hB1x0cLXrcpX9Q32a2P/0GWtvrHZdFto/1KeJ/U9atn5steuyyP6hPk3sf58n5t1d7bpcbf9Qnyb2v2nQAadWuy7vtX+oTxP7v+eah75V7bpcY/9Qnyb2f+MNH+uodl2utX+oTxP7/9y2oVuqXZfr7B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+G924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUTvBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEcBAAD//6OCBHY=")

1.541577787s ago: executing program 1 (id=997):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r0)
sendmsg$IEEE802154_START_REQ(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x14, r1, 0x1, 0x70bd31}, 0x14}, 0x1, 0x0, 0x0, 0x18000}, 0x0)

1.468958454s ago: executing program 1 (id=998):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00')
fchdir(r0)
umount2(&(0x7f0000000040)='./cgroup\x00', 0x8)

1.41099929s ago: executing program 1 (id=999):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000180)={0x7, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020100090a000000007fffffff0000000200100000e9000000e9000000000000030005000000000002000000ac1414000000000000000000030006"], 0x50}}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x40000000000007b, 0x4004)

1.321167888s ago: executing program 1 (id=1001):
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000002500)=ANY=[@ANYBLOB="b7000000010003c3bfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff0000000065040200000000ff2d400500000000002000000001ed00007b030000000000001d440000000000007a0a00fe00ffffffdb03000000000000b5000000000000009500000000000000023bc065b78111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e51815548000000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7f300c095199fe3ff3128e599b0eaebbdbd732c9cc00eec36574a8f6456e2ccae25ea21714eca8cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2400000000000000800643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d64364c82770c8204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f4720082f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c3560811ea6c3560a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eaeb883418f562ae00003ea96d10f172c0374d6eed826407000000000000004a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d851680f6f2f9a6a8906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f4ca2195234648e0a1ca50db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145eb6dc5f6a9037d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f928ba7554ba583fef3ec7932f5954f31a878e2fae6691df8b4b7ecd27ce82f7df3e7d1daac43738612e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e96735600000554f327a353511ccedde99493c31ac05a7b57f03ca91a01ba2c60ca99e8ebc15ecb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd0000000069ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac4b32fd691b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a000000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db1829f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d7182af2ea5f8d0ad495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc00956d2227db60c0a461ed2b3ecfb16d19037c8c88c91dda1f904fbbc864e95ad43d6dd6d5eadbcea25682ba4b91e14c3fbfdfd1d680aa1af102d97681656bf56ff0674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ce379b4cda2500108052aeb9bd03ff6d4c5dbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ae7c5f58af43866ca64750f43e583ca1ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656859db4cb06aaaf9f02cfab5b9e61cc00e8e19429921b8df4c4c53bddea4cc48737842952ff08aeac15685df194ca89da8cf6d29a2be9779181fd5d105af5786094d9130f5826b18b9667b971a994f3fd069629a1052f441e96884f90c91f4a974242aabfc8adbadc9ca27955b5c90f0bd9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f33624bd2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b7236bb7f5e42b5376642f8ad4028d4ead407240e7467d1b37afe20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6feb33219cc9164461a8ba3afd5949b9a6046c53663df30a049414089c1ae8f3476236b05dde8dda4843a62c591f8d2b1a62d0db8dc826219bd87398b33e140792297d023ef52de2e75b9dbbfb8712ccc15c69cfb4c6c1bc2ae74621e536b9d3f09a15dada1561a8192d65cc59d7ed5a6bd61000000000000000000000000000000000000000000000000000000000000000000000000f637782e317d492b2392fd0ea81397a80227f271bad21d688af35a2bd02c15d20f3d62a50e20260642c25f304c8034a5f4d8e45e701dbd84294d1096e715662b8223e10e98c4c38451fc5c702084e3fa9b184e0d0fba44acf3bb8a846cf680dfbf312cddfdb2043288fa6b67fa762c8b75d4478756ef240f2b314e4d77a3afb4fcec92248327004d1dac7ac87a6f8cb04d82acc307d60e4713bd9a8f29091d3048c669a5f5439e0a906ce098d177b9579882586511cfe6a23e57c44d1654899f077b5636e4181f3de6b814bedcac5290ad8018bbe4424edc6d9b0e61b404bb7a2d4883bbc200de8332029cbc04a0bc52"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)

1.139517839s ago: executing program 1 (id=1004):
socket$tipc(0x1e, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000840), r0)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8010}, 0x0)

1.107929141s ago: executing program 0 (id=1005):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./bus\x00', 0x890, &(0x7f0000000080)={[{@noload}, {@resgid}, {@discard}]}, 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3F1rHFUfAPD/TN6epo9u1OqFFowUMfiSl6bEBgsqeOmV9QusSVqi28Y2K9iSCwWxH0D9AOJl/QheiHeC4E3x2julUCTJtazMZnYzbnZj3pbR7u8HB86Z2eGc/8zsnpNzDglgYE1GxCcRMRoR70dEJT+e5Cne2EnZ57Y3N5aylESjcfmPpHl+a3NjKQrXZE7nhak0Iv0siWe61Lt+6/YH1Vpt5WZenqlf+3Bm/dbtV1avVa+uXF25Pj+7uDg7f3FhceHEYv0t7vx66d5blS9+OvfLD++9s5C1N83PFeM4KZMx2b4nnaZPurKS/a+QT4ZLbAiHkr3/QxEx3Pz+V2Iodh9eJb6rlNo4AKAvGo3XO8oAwMMv0ecDwIBp/d2/tbmx1EplzEOU5cGbO4tXW/na5nY7/uH2SshIx/rWSZqMiG+/evXZLEWf1iEBAIq+z8Y/F7uN/9I4W/jcqYgYz/d2/T8iHomIRwv7xY5qsqO8d/yT3j9mFfvKxn+XCnvbtgvx5yaG8lIW80SMJFdWayuzefxTMTKWlef2qePs5af+7HWuOP7LUlZ/ayyYt+P+8Njfr1mu1qvHibnowacRTw93iz9pj3+TZtxH99qNu0/2OvfP8fdX4+uIF7o+/92de8n++xNnmu/DTOut2OvOi8/f6FV/2fFnz398//gnkuJ+zfXD1/HjhdWfe5076vs/mrzbzI/mxz6u1us35yJGk7f3Hj+/e22r3Pp8Fv/Uue7f/zOxeycei4jHI+KJiObxni90Fy/Xvnnu6PH3Vxb/8qGe/+Ez45/fvder/oM9/wvN3FR+5CC/fwdt4HHuHQAAAPxXpM353CSdbufTdHp6Z573TIyntbX1+ktX1j66vrwz7zsRI2lrpqtSmA+dy+cIW+XzHeX5fA7ly7FTzfL00lptuezgAWBAne7R/2d+Hyu7dQBA3/RrczsA8O+l/weAwaP/B4DBo/8HgMGj/weAwaP/B4CBcpz/6ycjI/OwZsr+ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKNdfAQAA//+h6NU1")
r0 = creat(&(0x7f0000000280)='./bus\x00', 0x2)
pwritev2(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='l7', 0x2}], 0x1, 0xfffff, 0x6, 0x1b)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000001100)=ANY=[@ANYBLOB="020000000100060000000000140005000000000010000300000000002000070000000000"], 0x24, 0x1)
setreuid(0xffffffffffffffff, 0xee01)
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000240)='./file0\x00')
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
shutdown(r2, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000100)='mm_vmscan_lru_shrink_inactive\x00', r0, 0x0, 0x5}, 0x18)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x40, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x18, 0x4, &(0x7f0000000100)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x84, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r3}, 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x13, &(0x7f0000000e40)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r4}, 0x10)
syz_usb_disconnect(0xffffffffffffffff)
setreuid(0x0, 0xee00)
request_key(&(0x7f0000000440)='rxrpc_s\x00', &(0x7f0000000480)={'syz', 0x3}, &(0x7f0000000500)='/dev/vcsu#\x00', 0xffffffffffffffff)

1.099403293s ago: executing program 1 (id=1006):
r0 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000ffd26f10cb060600eb9a0102030109022400010000000009040001020a16d1000905078302"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)

280.374912ms ago: executing program 2 (id=1013):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffff"], 0x6c}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r0, &(0x7f0000000140), 0x4924b68, 0x0)

131.375388ms ago: executing program 2 (id=1014):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe3}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000004a80)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)="4fa3176756113369df8b913f2c0f5bc12e941d00", 0x14}, {&(0x7f0000000180)="55c0cc0ba6f3b908ecb5c6e93e4dc70ed9c875dd444569fab05e32a08e71d1c480fa1ada9e6f952dea418e2eb2dd8dcdd18f82c2be42e92405d2eccae94e713594f13ebfe37be3cb7ce0eb237d63f25744e42baf027055a65359c121788ba610f7df23b902755c5771d93efedd8252aca1dda5efe1493ec0a5a9e965666d1afe33b384953a9102b3f1e446aea391ccff253fccc951d4091f1d6b69faee7e7d4b669c48b70ef01c3879af3f35e0682a49", 0xb0}], 0x2}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000007c0)="16ecaaaeb69ec105e9dd534f1bd77f8051db33a07055391264d230088248daa370b0bc75883a507be52e9744ca1479096e0a1d347324d779b5fe3167e722437570ee9c472c6399c49d1473a32016f512dee12a2f9dc3bd6060001c8139ae43a3cbf08d05c66712c9a0b2994264c8614da6c0251fdeb06bcb94139d6b3df7bd60ac9d53ac834c97388aa638bb50457e57f90b3e8e11975ebd2c81a2a13cb5dc9b7fae4411137ad278cf52dd8d32de5b07a396cd19a242b247d2ca16ce1a663064abfc1ba416f7b1fc251409afd53815f775ab04810637bd8c9b2606a8512ee5622829a369d77900cfc7987f950003fb657f4c17131695efdcead8816ddae634049c3dab49a0ca36b1d5d93c8dac8fa0ba2a74f55d159667e3b52ec903f439a21a023b4bc7bf4463d73f5ae46a680f138c34f0ab2e8503ce342bfb26e481f087a08d410a8886335ac1fda0df344dfbb68b6bb8fcc2bf9a85fe835f350fb281e1159b093d52c519a3d61cd4979941c87ebf52404bdb04ebce4e1980314c1b03a674a86d6cf027b9076559eecadd6cbc5daab4002468d3653a11bbcb9cf625b1e4fe49a398e63200944d4ecee2741a09daf3650edb6a8dca6dc705873b78767c0e942a766c8be2bf425eeba3c277f09332f84fe9f24272059625703661763ed5efd08af27a1b6ccc3a7ae63ff339676e5caa6447e4a0575131495bc643681ca8e18b95bc7db66366c50cd89c9a59746da83dcced2526003b48e250bb7a20eabaf34e950fd1eeb6cce37de630e51a067e786dc3ecde5d2218962d33adde6734636adcf597b93be0cc3f307127d2b0df08a75d14f41ed41237db5e7b10fdacd56231cd781566b26080a06edbd7af51e6310233f0cea9aea8fe2c08a94cdc1ae11c6bef6f0fb5d4155567b47db0c4fc61940d157fc5a1df14ff33bd638b56b200b032cd99504751cb6c29d8252e6ebd0c1ac4c3df73d335aaf060f54d6a4f1c225eaca5e3f313a1d29f940d7a9fcaa040d7cab55550954a3c4d8bd772890fff6eadf3de96a396758e0a3d21cba8f2b1bbbc2ce9dbc8818bb3ca8967fc89e130ef4409db59a858f81b29c9019c3954754777af852162d61ff916ad98d6ee6ab4c0a5d25339e7923c1db2386df6596a5059ffb169fa9991d82573587fa4edd83649ece1a1976755b6d622e75ec6b342df6b30c8ea280daacfd1cfa82909f295ad96130d439abf3ebf9f48e8b138b89ea93c751c5c416e727c49c764559ca5dba38a894b056e3c9569f20bd56c638eb74429f5a89fdf1b3d3bd7e38993b0a39446ece8359a57894e28136fc0305e43bfa4adb63c9d85951207eb506bac375a3e203eed305fcd1cc6984f4dc67dc9e50391e4a01effe62fce188da0eead8dabebe5a3e74c7223c240bc0443b3e4c53d677bbccc58a7dfbb0b69dac81cf9ec689f1762a0ba768d73aeb38b4718d735defdfc3ac9376eea3412e5c388f1cf89d7b1caf2550cdafb8deeb8df3b75993b98665b47f29e213c2b2a0541b4d7a8a458cfa92548d03c5b74b5fda560ee3fbf972640a5a59645e87b08ad07086c4324091b5e874cbb5ea7a5c30e3596db80c6a44c091a3e51d931bfe63efae82a396cb2d8886430c4b26b135c29492d454b8582bfe12203f70ff24d9ab7818939091941f5eca793d19e3799571e071614fabb8254744f94454a8f755e605feece3c415bef9506de83b4b3ec4873888bbf4784e6ac25524120212d77ca6f977b5670caa6ffe5ad508f8e0f9c03e36df4556b5e52a74c7ab0fdcb38c4a154bb370117701cef672bee99f1f8270cd7d604a141275a25ab3226639aea60a958a3ec3c664285fb205be76f1b61fdd6e58557966b6e5377f2a2bc0a622a90d82a066a12e7224a98d5093bd134c5d3a1b8107fd6a35196098a655231ab04dcff68c82fc7eac9a0c81584ae81f0ee407423d6d10a087c787f63d536d1ddc07dc5bd24e32eb26f31580cafec928ac1c3fb03f032562192d70331881599be4bfcec829da2ace9385db908cd03a48e76470471da69e700bc5b20601c707df9abe26828edb0401eed502feb885cd7df09cd34fda8489f06f4df052c0b233bc5232668913aede05bec5f8a36ae9e478f5dc3e0bd7a6de8b9fe81eb29da56f06fa94cd7dbc7f787050ff3989435af4b545587edb4c47c68605a30c09d1e678c1f870a2ef82841b1d89c667b6499638630b6b0f9f8a66a69064b4616dfc079e6564b301663857305231759391bd9ee2f2d246a4ddd6eb94fd8258ac655a161e2b0f0d13c7c812c78c20bf0ae6c2a20c9be1fb2908bb0e107fdc9c79d02dfbc1d6b24002637acc8a093e02d4372b8e211cc6baf36a5f8997c694bd68ca0fe4d0eceb6ebc93db8c8dbfa796280287a5851f53201fa91e38be16c815f9d5ead64488c0a7ef40c7946ac0c0ad8baa8add8ce249f6ff09ebfc93106c239594a2ad935099fef0c2fe5d3820cb9cc676a5ccfd5a7d87f4fb1be803866deab41ac39a5ad39ddf87b6246b47702fbf46e93bcacf52809006adef2dcf242886367e7297af9dacab3e74ca392b9a9bc4ac6c77ca11c400bcf7db683e78835bf488bcea5", 0x72d}], 0x1}}], 0x2, 0x400c0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000480)=0x1df9, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x1d4c, 0x10048095, 0x0, 0x0)

71.207542ms ago: executing program 2 (id=1015):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$SO_J1939_PROMISC(r0, 0x6b, 0x2, 0x0, 0x0)

71.06749ms ago: executing program 2 (id=1016):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={r0, 0xffffffffffffffff, 0x2d, 0x0, @void}, 0x10)

242.644µs ago: executing program 2 (id=1017):
r0 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f00000000c0)={'\x00', 0x0, 0x5, 0x1, 0x0, 0x7f, "4041836dc400", '\x00\x00\a\x00', "0300", "185aad13", ["d5c2a7cdaeea2c6f8e00b600", "807fb3eacf821b00", "2971088d544f005a4e5200", "ff812500004000"]})
ioctl$CEC_TRANSMIT(r0, 0xc0386105, &(0x7f0000000200)={0x8, 0x101, 0x9, 0x0, 0x7, 0x9, "b87fe12d00b800f6d72a89fea221d1af", 0x7, 0x6, 0x8e, 0x6, 0x7, 0x8})

0s ago: executing program 2 (id=1018):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@updpolicy={0xfc, 0x19, 0x1, 0xfffffffc, 0x0, {{@in=@dev={0xac, 0x14, 0x14, 0x23}, @in6=@local, 0x4e22, 0x0, 0x4e24, 0x0, 0xa, 0x0, 0x60, 0x0, 0x0, 0xee01}, {0x0, 0x1000000000000401, 0x0, 0x40000000, 0x0, 0x1a, 0x1, 0xfffffffffffffffe}, {0x77, 0x3, 0x0, 0x100000000007fff}, 0x1, 0x6e6bb1, 0x1, 0x0, 0x3}, [@tmpl={0x44, 0x5, [{{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4d2, 0x33}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3502, 0x3, 0x1, 0xe8, 0x400, 0xfffffffe, 0xb8f}]}]}, 0xfc}}, 0x0)
sendto$inet6(r0, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:3473' (ED25519) to the list of known hosts.
syzkaller login: [   48.324241][ T5834] cgroup: Unknown subsys name 'net'
[   48.425970][ T5834] cgroup: Unknown subsys name 'cpuset'
[   48.431378][ T5834] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   49.771094][ T5834] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   53.289266][ T5847] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   53.293102][ T5847] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   53.296579][ T5847] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   53.299853][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   53.302996][ T5847] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   53.308098][ T5851] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   53.310632][ T5851] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   53.314403][ T5851] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   53.317410][ T5851] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   53.319922][ T5851] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   53.322935][ T5851] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   53.325890][ T5851] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   53.329301][ T5851] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   53.348674][ T5851] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   53.352961][ T5851] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   53.636495][ T5849] chnl_net:caif_netlink_parms(): no params data found
[   53.663913][ T5853] chnl_net:caif_netlink_parms(): no params data found
[   53.679958][ T5845] chnl_net:caif_netlink_parms(): no params data found
[   53.792656][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.796283][ T5849] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.799395][ T5849] bridge_slave_0: entered allmulticast mode
[   53.803245][ T5849] bridge_slave_0: entered promiscuous mode
[   53.808854][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.811887][ T5849] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.815024][ T5849] bridge_slave_1: entered allmulticast mode
[   53.818938][ T5849] bridge_slave_1: entered promiscuous mode
[   53.862354][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.864936][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.867335][ T5845] bridge_slave_0: entered allmulticast mode
[   53.870049][ T5845] bridge_slave_0: entered promiscuous mode
[   53.873242][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.876669][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.879129][ T5845] bridge_slave_1: entered allmulticast mode
[   53.882008][ T5845] bridge_slave_1: entered promiscuous mode
[   53.885071][ T5853] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.887382][ T5853] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.889761][ T5853] bridge_slave_0: entered allmulticast mode
[   53.892587][ T5853] bridge_slave_0: entered promiscuous mode
[   53.920611][ T5853] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.922994][ T5853] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.925823][ T5853] bridge_slave_1: entered allmulticast mode
[   53.928435][ T5853] bridge_slave_1: entered promiscuous mode
[   53.940323][ T5849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.960281][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.966661][ T5849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.971153][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.976607][ T5853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.000370][ T5853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.010974][ T5845] team0: Port device team_slave_0 added
[   54.022268][ T5849] team0: Port device team_slave_0 added
[   54.025253][ T5845] team0: Port device team_slave_1 added
[   54.034426][ T5849] team0: Port device team_slave_1 added
[   54.037307][ T5853] team0: Port device team_slave_0 added
[   54.048280][ T5853] team0: Port device team_slave_1 added
[   54.074127][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.076628][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.086919][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.106680][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.109350][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.119166][ T5853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.123399][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.127801][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.138728][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.143983][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.146717][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.157318][ T5849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.168185][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.171120][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.182159][ T5853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.187676][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.190548][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.201273][ T5849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.261982][ T5849] hsr_slave_0: entered promiscuous mode
[   54.265350][ T5849] hsr_slave_1: entered promiscuous mode
[   54.322244][ T5845] hsr_slave_0: entered promiscuous mode
[   54.325573][ T5845] hsr_slave_1: entered promiscuous mode
[   54.328382][ T5845] debugfs: 'hsr0' already exists in 'hsr'
[   54.330829][ T5845] Cannot create hsr debugfs directory
[   54.345653][ T5853] hsr_slave_0: entered promiscuous mode
[   54.348739][ T5853] hsr_slave_1: entered promiscuous mode
[   54.351733][ T5853] debugfs: 'hsr0' already exists in 'hsr'
[   54.355918][ T5853] Cannot create hsr debugfs directory
[   54.555820][ T5849] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   54.569616][ T5849] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   54.576161][ T5849] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   54.602793][ T5849] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   54.622582][ T5845] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   54.639092][ T5845] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   54.644052][ T5845] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   54.648441][ T5845] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   54.684566][ T5853] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   54.690707][ T5853] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   54.696232][ T5853] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   54.702860][ T5853] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   54.759590][ T5849] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.784174][ T5849] 8021q: adding VLAN 0 to HW filter on device team0
[   54.790884][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.806129][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.808561][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.812085][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.814510][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.822667][ T5845] 8021q: adding VLAN 0 to HW filter on device team0
[   54.837301][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.839722][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.855327][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.857771][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.874035][ T5853] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.904396][ T5853] 8021q: adding VLAN 0 to HW filter on device team0
[   54.914981][ T1088] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.917379][ T1088] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.936084][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.938573][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.952628][ T5853] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   54.964020][ T5853] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   55.014911][ T5849] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.047171][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.076944][ T5849] veth0_vlan: entered promiscuous mode
[   55.088626][ T5849] veth1_vlan: entered promiscuous mode
[   55.091912][ T5853] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.106375][ T5845] veth0_vlan: entered promiscuous mode
[   55.115337][ T5845] veth1_vlan: entered promiscuous mode
[   55.121426][ T5849] veth0_macvtap: entered promiscuous mode
[   55.128583][ T5849] veth1_macvtap: entered promiscuous mode
[   55.144782][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.151837][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.158099][ T5845] veth0_macvtap: entered promiscuous mode
[   55.166784][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.170096][ T5845] veth1_macvtap: entered promiscuous mode
[   55.174648][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.181364][ T5880] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.187125][ T5880] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.197100][ T5853] veth0_vlan: entered promiscuous mode
[   55.208386][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.221457][ T5853] veth1_vlan: entered promiscuous mode
[   55.227363][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.238290][ T5880] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.241241][ T5880] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.250985][ T5880] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.260575][ T5880] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.267072][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.269738][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.296545][ T5853] veth0_macvtap: entered promiscuous mode
[   55.306643][ T5853] veth1_macvtap: entered promiscuous mode
[   55.306687][ T3591] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.313142][ T3591] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.329573][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.345601][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.352654][   T55] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.358596][ T5862] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.361689][ T5862] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.365040][ T5849] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   55.365120][   T55] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.375110][ T5851] Bluetooth: hci0: command tx timeout
[   55.375401][   T53] Bluetooth: hci1: command tx timeout
[   55.377007][ T5851] Bluetooth: hci2: command tx timeout
[   55.387561][ T5862] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.407557][ T5862] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.417503][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.420144][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.464807][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.467567][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.477635][ T5915] loop1: detected capacity change from 0 to 4096
[   55.492078][ T5915] ntfs3(loop1): Primary boot: invalid bytes per MFT record 12288 (3).
[   55.508621][ T5915] ntfs3(loop1): try to read out of volume at offset 0x1ffe00
[   55.512517][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.518396][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.597938][ T5922] bridge: RTM_NEWNEIGH with invalid ether address
[   56.208101][ T5954] capability: warning: `syz.1.16' uses deprecated v2 capabilities in a way that may be insecure
[   56.221486][ T5956] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   56.397054][ T5964] netlink: 4 bytes leftover after parsing attributes in process `syz.0.21'.
[   56.750840][ T6002] bond1: entered allmulticast mode
[   56.752907][ T6002] 8021q: adding VLAN 0 to HW filter on device bond1
[   56.756547][ T6002] bridge0: port 3(bond1) entered blocking state
[   56.758811][ T6002] bridge0: port 3(bond1) entered disabled state
[   56.762170][ T6002] bond1: entered promiscuous mode
[   56.765055][ T6002] bridge0: port 3(bond1) entered blocking state
[   56.767308][ T6002] bridge0: port 3(bond1) entered forwarding state
[   56.772403][ T3627] bridge0: port 3(bond1) entered disabled state
[   56.854375][ T5901] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   57.004376][ T5901] usb 3-1: Using ep0 maxpacket: 16
[   57.010576][ T5901] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   57.016760][ T5901] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   57.019919][ T5901] usb 3-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[   57.022754][ T5901] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.044210][ T5901] usb 3-1: config 0 descriptor??
[   57.114187][ T6012] netlink: 24 bytes leftover after parsing attributes in process `syz.1.42'.
[   57.323139][ T6013] netlink: 'syz.2.31': attribute type 1 has an invalid length.
[   57.456259][ T5851] Bluetooth: hci1: command tx timeout
[   57.456521][ T5852] Bluetooth: hci0: command tx timeout
[   57.458460][ T5851] Bluetooth: hci2: command tx timeout
[   58.435933][ T6032] warning: `syz.1.51' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   58.748137][ T6035] loop1: detected capacity change from 0 to 4096
[   58.778529][ T6035] =======================================================
[   58.778529][ T6035] WARNING: The mand mount option has been deprecated and
[   58.778529][ T6035]          and is ignored by this kernel. Remove the mand
[   58.778529][ T6035]          option from the mount to silence this warning.
[   58.778529][ T6035] =======================================================
[   58.928745][ T6035] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00
[   58.941922][ T6035] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00
[   58.963745][ T6035] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00
[   58.968353][ T6035] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00
[   58.971209][ T6035] ntfs3(loop1): try to read out of volume at offset 0x3fffffc1c00
[   58.980285][ T6035] ntfs3(loop1): try to read out of volume at offset 0x3fffffc2c00
[   58.983062][ T6035] ntfs3(loop1): try to read out of volume at offset 0x3fffffc4c00
[   58.988719][ T6035] ntfs3(loop1): try to read out of volume at offset 0x3fffffc8c00
[   58.991914][ T6035] ntfs3(loop1): try to read out of volume at offset 0x3fffffd0c00
[   58.996236][ T6035] ntfs3(loop1): try to read out of volume at offset 0x3fffffe0c00
[   59.138390][ T5901] usbhid 3-1:0.0: can't add hid device: -71
[   59.140459][ T5901] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[   59.146118][ T5901] usb 3-1: USB disconnect, device number 2
[   59.148430][ T6039] netlink: 12 bytes leftover after parsing attributes in process `syz.1.53'.
[   59.388378][ T6049] netlink: 'syz.0.57': attribute type 1 has an invalid length.
[   59.534374][ T5851] Bluetooth: hci2: command tx timeout
[   59.543675][ T5851] Bluetooth: hci0: command tx timeout
[   59.543890][ T5852] Bluetooth: hci1: command tx timeout
[   59.645662][ T6054] loop1: detected capacity change from 0 to 32768
[   59.687151][ T6054] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   59.758478][ T5849] (syz-executor,5849,0):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[   59.779428][ T5849] ocfs2: Unmounting device (7,1) on (node local)
[   59.945869][ T6086] loop2: detected capacity change from 0 to 128
[   59.967195][ T6086] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   59.983806][ T6086] ext4 filesystem being mounted at /13/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   60.030768][ T5845] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   60.185945][ T6104] tipc: Enabling of bearer </h:s> rejected, media not registered
[   60.204452][ T6106] netlink: 'syz.2.82': attribute type 10 has an invalid length.
[   60.211496][ T6106] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.216134][ T6106] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   60.230983][ T6109] netlink: 8 bytes leftover after parsing attributes in process `syz.0.83'.
[   60.261553][ T6106] syz.2.82 (6106) used greatest stack depth: 19352 bytes left
[   60.477034][ T6137] netlink: 24 bytes leftover after parsing attributes in process `syz.0.97'.
[   60.501719][ T6140] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[   60.520431][ T6140] CIFS mount error: No usable UNC path provided in device string!
[   60.520431][ T6140] 
[   60.525753][ T6140] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[   60.666158][ T6158] openvswitch: netlink: Missing key (keys=40, expected=200000)
[   60.708385][ T5852] Bluetooth: hci1: unexpected event 0x3e length: 283 > 260
[   60.708401][ T5852] Bluetooth: hci1: unexpected subevent 0x0d length: 282 > 260
[   60.714577][ T5852] Bluetooth: hci1: adv larger than maximum supported
[   60.714710][ T5852] Bluetooth: hci1: adv larger than maximum supported
[   60.734311][ T6163] syz.1.111 uses obsolete (PF_INET,SOCK_PACKET)
[   60.856536][ T6175] bridge1: entered promiscuous mode
[   60.912752][ T6181] RDS: rds_bind could not find a transport for fe88::2, load rds_tcp or rds_rdma?
[   60.956479][ T6183] netlink: 8 bytes leftover after parsing attributes in process `syz.2.120'.
[   60.959536][ T6183] netlink: 8 bytes leftover after parsing attributes in process `syz.2.120'.
[   60.976829][  T792] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   61.142284][  T792] usb 1-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[   61.153464][  T792] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.164882][  T792] usb 1-1: config 0 descriptor??
[   61.182324][  T792] gspca_main: spca508-2.14.0 probing 8086:0110
[   61.345638][ T6210] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[   61.375424][  T792] gspca_spca508: reg_read err -32
[   61.379963][  T792] gspca_spca508: reg_read err -32
[   61.393858][  T792] gspca_spca508: reg_read err -32
[   61.401081][ T6212] netlink: 76 bytes leftover after parsing attributes in process `syz.2.134'.
[   61.597923][  T792] gspca_spca508: reg_read err -71
[   61.604099][  T792] gspca_spca508: reg write: error -71
[   61.605990][  T792] spca508 1-1:0.0: probe with driver spca508 failed with error -71
[   61.616655][ T5852] Bluetooth: hci0: command tx timeout
[   61.616709][ T5851] Bluetooth: hci2: command tx timeout
[   61.618688][   T53] Bluetooth: hci1: command tx timeout
[   61.765370][ T6223] process 'syz.2.139' launched './file0' with NULL argv: empty string added
[   61.779966][  T792] usb 1-1: USB disconnect, device number 2
[   61.802488][ T6225] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   62.179635][ T6239] loop2: detected capacity change from 0 to 512
[   62.185622][ T6239] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   62.189761][ T6239] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   62.311645][ T6239] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   62.319529][ T6239] EXT4-fs (loop2): 1 truncate cleaned up
[   62.328889][ T6239] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.349726][ T6239] bpf: Bad value for 'mode'
[   62.492604][ T6243] netlink: 'syz.1.147': attribute type 1 has an invalid length.
[   63.078009][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.099253][ T6251] loop1: detected capacity change from 0 to 32768
[   63.126246][ T6251] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   63.154300][   T24] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   63.159006][ T6251] XFS (loop1): Ending clean mount
[   63.198525][ T5849] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   63.305302][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   63.313793][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   63.317735][   T24] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[   63.337129][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   63.347490][   T24] usb 1-1: config 0 descriptor??
[   63.760795][   T24] pyra 0003:1E7D:2CF6.0001: unknown main item tag 0x0
[   63.763193][   T24] pyra 0003:1E7D:2CF6.0001: unknown main item tag 0x0
[   63.775778][   T24] pyra 0003:1E7D:2CF6.0001: unknown main item tag 0x0
[   63.778163][   T24] pyra 0003:1E7D:2CF6.0001: unknown main item tag 0x0
[   63.780512][   T24] pyra 0003:1E7D:2CF6.0001: unknown main item tag 0x0
[   63.782833][   T24] pyra 0003:1E7D:2CF6.0001: unknown main item tag 0x0
[   63.785636][   T24] pyra 0003:1E7D:2CF6.0001: unknown main item tag 0x0
[   63.792556][   T24] pyra 0003:1E7D:2CF6.0001: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.0-1/input0
[   64.003659][ T5965] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[   64.155335][ T5965] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[   64.159696][ T5965] usb 3-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00
[   64.163084][ T5965] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.169230][ T5965] usb 3-1: config 0 descriptor??
[   64.172098][ T6290] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[   64.585165][ T5965] belkin 0003:050D:3201.0002: item fetching failed at offset 0/3
[   64.589625][ T5965] belkin 0003:050D:3201.0002: parse failed
[   64.591853][ T5965] belkin 0003:050D:3201.0002: probe with driver belkin failed with error -22
[   64.714486][    T9] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[   64.777485][   T24] pyra 0003:1E7D:2CF6.0001: couldn't init struct pyra_device
[   64.780581][   T24] pyra 0003:1E7D:2CF6.0001: couldn't install mouse
[   64.786845][   T24] pyra 0003:1E7D:2CF6.0001: probe with driver pyra failed with error -71
[   64.791109][ T5965] usb 3-1: USB disconnect, device number 3
[   64.796535][   T24] usb 1-1: USB disconnect, device number 3
[   64.867440][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   64.871797][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   64.876432][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[   64.881036][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   64.885118][    T9] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   64.891423][    T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[   64.895381][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   64.898744][    T9] usb 2-1: SerialNumber: syz
[   64.909652][    T9] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[   64.912564][    T9] usb-storage 2-1:1.0: USB Mass Storage device detected
[   64.917961][    T9] usb-storage 2-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[   65.116966][   T24] usb 2-1: USB disconnect, device number 2
[   65.450328][ T6320] netlink: 'syz.2.178': attribute type 1 has an invalid length.
[   65.520794][ T6326] netlink: 'syz.0.181': attribute type 4 has an invalid length.
[   65.684150][ T5965] IPVS: starting estimator thread 0...
[   65.695778][ T6338] tipc: Started in network mode
[   65.697776][ T6338] tipc: Node identity ac1414aa, cluster identity 4711
[   65.700998][ T6338] tipc: Enabled bearer <udp:s>, priority 10
[   65.793556][ T6339] IPVS: using max 81 ests per chain, 194400 per kthread
[   65.960722][ T6371] netlink: 12 bytes leftover after parsing attributes in process `syz.1.203'.
[   66.063364][ T6378] ubi31: attaching mtd0
[   66.079884][ T6378] ubi31: scanning is finished
[   66.083522][ T6378] ubi31: empty MTD device detected
[   66.083788][ T5965] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[   66.170535][ T6378] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[   66.174650][ T6378] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   66.177532][ T6378] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[   66.180310][ T6378] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[   66.183245][ T6378] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   66.185823][ T6378] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[   66.190533][ T6378] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 342051898
[   66.195667][ T6378] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   66.200496][ T6381] ubi31: background thread "ubi_bgt31d" started, PID 6381
[   66.278090][ T5965] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   66.282555][ T5965] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   66.291811][ T5965] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[   66.298160][ T5965] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   66.302759][ T5965] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   66.323992][ T5965] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[   66.328191][ T5965] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   66.331935][ T5965] usb 3-1: SerialNumber: syz
[   66.379570][ T5965] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[   66.384480][ T5965] usb-storage 3-1:1.0: USB Mass Storage device detected
[   66.402198][ T5965] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[   66.457437][ T6389] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   66.647424][ T5901] usb 3-1: USB disconnect, device number 4
[   66.827214][ T5965] tipc: Node number set to 2886997162
[   67.768143][ T6410] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.792975][ T6410] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.146493][ T5572] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[   68.214301][ T5965] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   68.294934][ T5572] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 4
[   68.299138][ T5572] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[   68.304142][ T5572] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   68.307158][ T5572] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   68.309905][ T5572] usb 3-1: Product: syz
[   68.310433][ T6432] loop0: detected capacity change from 0 to 32768
[   68.311236][ T5572] usb 3-1: Manufacturer: syz
[   68.311250][ T5572] usb 3-1: SerialNumber: syz
[   68.321291][ T6432] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.230 (6432)
[   68.331847][ T6432] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   68.336055][ T6432] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[   68.339392][ T6432] BTRFS info (device loop0): using free-space-tree
[   68.361705][ T6432] BTRFS info (device loop0): rebuilding free space tree
[   68.379682][ T6432] BTRFS info (device loop0): checking UUID tree
[   68.383689][ T5965] usb 2-1: Using ep0 maxpacket: 32
[   68.387464][ T5965] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[   68.390202][ T5965] usb 2-1: config 0 has no interface number 0
[   68.397998][ T5965] usb 2-1: config 0 interface 12 has no altsetting 0
[   68.406568][ T5965] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=70.40
[   68.409623][ T5965] usb 2-1: New USB device strings: Mfr=231, Product=2, SerialNumber=3
[   68.412305][ T5965] usb 2-1: Product: syz
[   68.424662][ T5965] usb 2-1: Manufacturer: syz
[   68.426739][ T5965] usb 2-1: SerialNumber: syz
[   68.437448][ T1089] BTRFS info (device loop0): cannot satisfy tickets, dumping space info
[   68.441219][ T1089] BTRFS info (device loop0): space_info DATA+METADATA (sub-group id 0) has 10039296 free, is full
[   68.445713][ T1089] BTRFS info (device loop0): space_info total=11534336, used=53248, pinned=0, reserved=0, may_use=1441792, readonly=0 zone_unusable=0
[   68.451137][ T1089] BTRFS info (device loop0): failing ticket with 134217728 bytes
[   68.456223][ T6432] BTRFS info (device loop0): space_info DATA+METADATA (sub-group id 0) has 10039296 free, is full
[   68.459844][ T6432] BTRFS info (device loop0): space_info total=11534336, used=53248, pinned=0, reserved=0, may_use=1441792, readonly=0 zone_unusable=0
[   68.464954][ T6432] BTRFS info (device loop0): global_block_rsv: size 1441792 reserved 1441792
[   68.468309][ T6432] BTRFS info (device loop0): trans_block_rsv: size 0 reserved 0
[   68.471185][ T6432] BTRFS info (device loop0): chunk_block_rsv: size 0 reserved 0
[   68.474384][ T6432] BTRFS info (device loop0): delayed_block_rsv: size 0 reserved 0
[   68.477058][ T6432] BTRFS info (device loop0): delayed_refs_rsv: size 0 reserved 0
[   68.480218][ T5965] usb 2-1: config 0 descriptor??
[   68.526141][ T5853] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   68.531258][ T5572] usb 3-1: 2:1 : unknown format tag 0x3 is detected.  processed as MPEG.
[   68.535003][ T5572] usb 3-1: found format II with max.bitrate = 3, frame size=7
[   68.538571][ T5572] usb 3-1: 2:1 : unknown format tag 0x3 is detected.  processed as MPEG.
[   68.541574][ T5572] usb 3-1: found format II with max.bitrate = 3, frame size=7
[   68.629703][ T5572] usb 3-1: USB disconnect, device number 5
[   68.742188][ T6453] udevd[6453]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   69.068868][ T6459] loop0: detected capacity change from 0 to 512
[   69.091137][ T6459] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.238: Invalid inode bitmap blk 4 in block_group 0
[   69.119169][ T6459] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.176717][ T5853] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.537550][ T6486] loop2: detected capacity change from 0 to 2048
[   69.566219][ T6486] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.571011][ T6486] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.602382][ T6486] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.244: bg 0: block 345: padding at end of block bitmap is not set
[   69.644122][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.737042][ T6495] loop2: detected capacity change from 0 to 2048
[   69.748923][ T6495] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   69.759216][   T33] audit: type=1800 audit(1755402405.758:2): pid=6495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.248" name="bus" dev="loop2" ino=1436 res=0 errno=0
[   71.078340][ T5965] f81534 2-1:0.12: f81534_get_register: reg: 1003 failed: -71
[   71.090514][ T5965] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71
[   71.298707][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[   71.301425][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[   71.373668][ T5965] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71
[   71.377077][ T5965] f81534 2-1:0.12: probe with driver f81534 failed with error -71
[   71.474574][ T5965] usb 2-1: USB disconnect, device number 3
[   71.624687][ T6556] loop0: detected capacity change from 0 to 2048
[   71.647755][ T6556] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.662670][ T6556] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.688891][ T6556] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.274: bg 0: block 345: padding at end of block bitmap is not set
[   71.723149][ T5853] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.797334][ T6622] loop1: detected capacity change from 0 to 4096
[   72.822805][ T6623] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   73.140362][ T6639] netlink: 24 bytes leftover after parsing attributes in process `syz.0.310'.
[   73.511960][ T6649] netlink: 24 bytes leftover after parsing attributes in process `syz.0.315'.
[   73.873078][ T6636] syz.1.306 (6636): drop_caches: 2
[   73.916815][   T33] audit: type=1326 audit(1755402409.918:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6657 comm="syz.0.318" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f709178ebe9 code=0x7ffc0000
[   73.917033][ T6659] syz.0.318 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   73.929376][   T33] audit: type=1326 audit(1755402409.918:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6657 comm="syz.0.318" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f709178ebe9 code=0x7ffc0000
[   73.941264][   T33] audit: type=1326 audit(1755402409.918:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6657 comm="syz.0.318" exe="/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f709178ebe9 code=0x7ffc0000
[   73.953947][   T33] audit: type=1326 audit(1755402409.938:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6657 comm="syz.0.318" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f709178ebe9 code=0x7ffc0000
[   74.036710][ T6666] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   74.113128][ T6670] loop0: detected capacity change from 0 to 2048
[   74.145408][ T6670] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   74.560636][ T6684] kAFS: unable to lookup cell '.,'
[   74.667434][ T5572] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   74.843630][ T5572] usb 2-1: Using ep0 maxpacket: 8
[   74.856167][ T5572] usb 2-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[   74.859736][ T5572] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   74.862463][ T5572] usb 2-1: Product: syz
[   74.877761][ T5572] usb 2-1: Manufacturer: syz
[   74.879316][ T5572] usb 2-1: SerialNumber: syz
[   74.889560][ T5572] usb 2-1: config 0 descriptor??
[   74.898079][ T5572] gspca_main: sq905-2.14.0 probing 2770:9120
[   75.003769][ T6696] Bluetooth: MGMT ver 1.23
[   75.407676][ T5572] gspca_sq905: sq905_command: usb_control_msg failed (-110)
[   75.410480][ T5572] sq905 2-1:0.0: probe with driver sq905 failed with error -110
[   75.753957][ T6700] netlink: 24 bytes leftover after parsing attributes in process `syz.2.338'.
[   75.961315][ T6704] loop0: detected capacity change from 0 to 40427
[   75.968041][ T6704] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   75.971296][ T6704] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   75.978003][ T6704] F2FS-fs (loop0): invalid crc value
[   76.001427][ T6717] fuse: Bad value for 'fd'
[   76.012705][ T6704] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   76.018672][ T6704] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   76.021344][ T6704] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   76.047412][ T6704] syz.0.345: attempt to access beyond end of device
[   76.047412][ T6704] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   76.308363][   T53] Bluetooth: hci2: unexpected subevent 0x01 length: 11 < 18
[   76.444772][ T6724] loop0: detected capacity change from 0 to 40427
[   76.448916][ T6724] f2fs: Unknown parameter ''
[   77.054153][ T5852] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   77.061306][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout
[   77.467100][  T792] usb 2-1: USB disconnect, device number 4
[   77.609834][ T6751] tmpfs: Bad value for 'mpol'
[   77.733568][ T6763] netlink: 20 bytes leftover after parsing attributes in process `syz.1.367'.
[   78.093329][ T6767] loop0: detected capacity change from 0 to 32768
[   78.097711][ T6773] loop1: detected capacity change from 0 to 16
[   78.101093][ T6767] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.369 (6767)
[   78.121486][ T6773] erofs (device loop1): mounted with root inode @ nid 36.
[   78.152645][ T6767] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   78.168029][ T6767] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[   78.172905][ T6767] BTRFS info (device loop0): using free-space-tree
[   78.492838][ T5853] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   79.352433][ T6811] netlink: 24 bytes leftover after parsing attributes in process `syz.0.376'.
[   80.360236][ T6822] orangefs_devreq_write_iter: total:0: must be at least:8240:
[   80.843528][  T792] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   80.993542][  T792] usb 2-1: Using ep0 maxpacket: 16
[   80.998097][  T792] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   81.002880][  T792] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   81.008675][  T792] usb 2-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[   81.012641][  T792] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.019080][  T792] usb 2-1: config 0 descriptor??
[   81.303327][ T6844] netlink: 'syz.1.388': attribute type 1 has an invalid length.
[   81.548130][  T791] cfg80211: failed to load regulatory.db
[   81.791456][ T6853] loop0: detected capacity change from 0 to 1024
[   81.812874][ T6853] EXT4-fs: Ignoring removed bh option
[   81.872163][ T6853] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.035246][ T5853] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.102727][ T6861] tipc: Started in network mode
[   82.107531][ T6861] tipc: Node identity 7f000001, cluster identity 4711
[   82.115742][ T6861] tipc: Enabled bearer <udp:syz2>, priority 10
[   82.681218][  T792] usbhid 2-1:0.0: can't add hid device: -71
[   82.683279][  T792] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[   82.696128][  T792] usb 2-1: USB disconnect, device number 5
[   82.718567][ T6887] Driver unsupported XDP return value 0 on prog  (id 46) dev N/A, expect packet loss!
[   82.832330][ T6900] pim6reg: entered allmulticast mode
[   82.882057][ T6905] netlink: 84 bytes leftover after parsing attributes in process `syz.2.412'.
[   82.919963][ T6907] gre1: entered promiscuous mode
[   82.923354][ T6907] gre1: entered allmulticast mode
[   83.071029][ T6925] loop0: detected capacity change from 0 to 1024
[   83.084301][ T6925] hfsplus: failed to load root directory
[   83.234621][   T51] tipc: Node number set to 2130706433
[   83.465926][ T6938] Invalid ELF header magic: != ELF
[   83.656094][ T6941] netlink: 'syz.1.429': attribute type 10 has an invalid length.
[   83.682124][ T6941] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   83.962047][ T6954] loop1: detected capacity change from 0 to 512
[   83.975048][ T6954] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   83.984863][ T6956] netlink: 'syz.0.437': attribute type 10 has an invalid length.
[   83.991443][ T6956] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.999704][ T6956] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   84.024539][ T6954] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 546, start 22000003)
[   84.029889][ T6954] FAT-fs (loop1): Filesystem has been set read-only
[   84.034965][ T6954] FAT-fs (loop1): error, invalid access to FAT (entry 0x22000003)
[   84.077160][ T6960] netlink: 'syz.0.439': attribute type 10 has an invalid length.
[   84.080198][ T6960] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.082942][ T6960] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.091708][ T6960] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.094679][ T6960] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.097933][ T6960] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.100469][ T6960] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.112764][ T6960] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   84.211438][ T6974] bond1: entered allmulticast mode
[   84.214213][ T6974] 8021q: adding VLAN 0 to HW filter on device bond1
[   84.219053][ T6974] bridge0: port 3(bond1) entered blocking state
[   84.221671][ T6974] bridge0: port 3(bond1) entered disabled state
[   84.226498][ T6974] bond1: entered promiscuous mode
[   84.229598][ T6974] bridge0: port 3(bond1) entered blocking state
[   84.231852][ T6974] bridge0: port 3(bond1) entered forwarding state
[   84.357785][ T6970] loop0: detected capacity change from 0 to 32768
[   84.472910][ T6977] loop1: detected capacity change from 0 to 32768
[   84.481376][ T6977] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.447 (6977)
[   84.490723][ T6977] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   84.496004][ T6977] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[   84.498862][ T6977] BTRFS info (device loop1): using free-space-tree
[   84.588411][ T5849] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   84.652599][ T3227] bridge0: port 3(bond1) entered disabled state
[   84.671313][ T7014] ieee802154 phy0 wpan0: encryption failed: -22
[   85.147430][ T7040] loop1: detected capacity change from 0 to 256
[   85.164343][ T7040] FAT-fs (loop1): Directory bread(block 64) failed
[   85.166681][ T7040] FAT-fs (loop1): Directory bread(block 65) failed
[   85.168992][ T7040] FAT-fs (loop1): Directory bread(block 66) failed
[   85.171219][ T7040] FAT-fs (loop1): Directory bread(block 67) failed
[   85.176115][ T7040] FAT-fs (loop1): Directory bread(block 68) failed
[   85.178917][ T7040] FAT-fs (loop1): Directory bread(block 69) failed
[   85.181199][ T7040] FAT-fs (loop1): Directory bread(block 70) failed
[   85.183638][ T7040] FAT-fs (loop1): Directory bread(block 71) failed
[   85.185908][ T7040] FAT-fs (loop1): Directory bread(block 72) failed
[   85.188121][ T7040] FAT-fs (loop1): Directory bread(block 73) failed
[   85.202963][ T7042] mac80211_hwsim hwsim7 `: renamed from wlan1 (while UP)
[   85.267728][ T7046] loop1: detected capacity change from 0 to 1764
[   85.498041][ T7062] loop1: detected capacity change from 0 to 128
[   85.504064][ T7062] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[   85.521001][ T7062] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   85.637445][ T7070] capability: warning: `syz.1.478' uses 32-bit capabilities (legacy support in use)
[   85.740309][ T7076] loop1: detected capacity change from 0 to 764
[   85.893690][  T792] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   85.942426][ T7079] netlink: 24 bytes leftover after parsing attributes in process `syz.2.481'.
[   86.059508][  T792] usb 1-1: Using ep0 maxpacket: 8
[   86.151520][  T792] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[   86.167909][  T792] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[   86.198232][  T792] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[   86.212738][  T792] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   86.216447][  T792] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.219264][  T792] usb 1-1: Product: syz
[   86.220857][  T792] usb 1-1: Manufacturer: syz
[   86.222565][  T792] usb 1-1: SerialNumber: syz
[   86.684724][  T792] usb 1-1: 0:2 : does not exist
[   86.807535][ T7094] cgroup: Bad value for 'name'
[   86.855629][ T7098] overlayfs: failed to clone upperpath
[   86.875642][  T791] usb 1-1: USB disconnect, device number 4
[   87.083069][ T7118] fuse: Bad value for 'fd'
[   87.094898][ T7120] loop1: detected capacity change from 0 to 512
[   87.104378][ T7120] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.502: casefold flag without casefold feature
[   87.115271][ T7120] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.502: couldn't read orphan inode 15 (err -117)
[   87.128385][ T7120] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.159164][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.319138][ T7187] loop1: detected capacity change from 0 to 1024
[   88.348158][ T1089] hfsplus: b-tree write err: -5, ino 4
[   88.491144][ T7207] netlink: 'syz.0.538': attribute type 12 has an invalid length.
[   88.604967][ T7222] netlink: 88 bytes leftover after parsing attributes in process `syz.2.545'.
[   88.609180][ T7222] netlink: 48 bytes leftover after parsing attributes in process `syz.2.545'.
[   88.662189][ T7226] netlink: 128 bytes leftover after parsing attributes in process `syz.2.547'.
[   88.682652][ T5852] Bluetooth: hci0: unexpected event for opcode 0x0c23
[   88.743647][   T10] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   88.928225][   T10] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[   88.932257][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.943940][   T10] usb 2-1: Product: syz
[   88.945876][   T10] usb 2-1: Manufacturer: syz
[   88.951484][   T10] usb 2-1: SerialNumber: syz
[   88.962949][   T10] usb 2-1: config 0 descriptor??
[   89.273519][   T24] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   89.423516][   T24] usb 1-1: Using ep0 maxpacket: 32
[   89.427249][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   89.435878][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   89.443804][   T24] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   89.451737][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.456701][   T24] usb 1-1: config 0 descriptor??
[   89.464621][   T24] hub 1-1:0.0: USB hub found
[   89.678047][   T24] hub 1-1:0.0: config failed, can't read hub descriptor (err -90)
[   89.975087][   T10] usb 2-1: Firmware version (0.0) predates our first public release.
[   89.983012][   T10] usb 2-1: Please update to version 0.2 or newer
[   90.043264][   T10] usb 2-1: USB disconnect, device number 6
[   90.086297][   T24] hid-generic 0003:046D:C31C.0003: item fetching failed at offset 0/1
[   90.089440][   T24] hid-generic 0003:046D:C31C.0003: probe with driver hid-generic failed with error -22
[   90.397339][   T24] usb 1-1: USB disconnect, device number 5
[   90.479177][ T7273] netlink: 'syz.2.568': attribute type 4 has an invalid length.
[   90.489976][ T7273] netlink: 'syz.2.568': attribute type 4 has an invalid length.
[   90.535361][ T7278] loop1: detected capacity change from 0 to 16
[   90.548231][ T7278] erofs (device loop1): mounted with root inode @ nid 36.
[   90.562805][ T7278] erofs (device loop1): read error -22 @ 43 of nid 36
[   90.893538][  T792] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   90.999017][ T7296] binder: 7295:7296 ioctl c0306201 2000000003c0 returned -14
[   91.002376][ T7296] binder_alloc: 7295: binder_alloc_buf size 4120 failed, no address space
[   91.009734][ T7296] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 4096 (num: 1 largest: 4096)
[   91.057980][  T792] usb 2-1: New USB device found, idVendor=13d8, idProduct=0011, bcdDevice=d0.62
[   91.061649][  T792] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.065284][  T792] usb 2-1: Product: syz
[   91.066779][  T792] usb 2-1: Manufacturer: syz
[   91.068451][  T792] usb 2-1: SerialNumber: syz
[   91.081066][  T792] usb 2-1: config 0 descriptor??
[   91.098456][  T792] usb 2-1: selecting invalid altsetting 1
[   91.100498][  T792] comedi comedi5: could not switch to alternate setting 1
[   91.102893][  T792] usbduxfast 2-1:0.0: driver 'usbduxfast' failed to auto-configure device.
[   91.289810][  T792] usb 2-1: USB disconnect, device number 7
[   91.409251][ T7306] loop0: detected capacity change from 0 to 32768
[   91.625720][   T33] audit: type=1326 audit(1755402427.628:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7319 comm="syz.0.590" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f709178ebe9 code=0x7ffc0000
[   91.632836][   T33] audit: type=1326 audit(1755402427.628:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7319 comm="syz.0.590" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f709178ebe9 code=0x7ffc0000
[   91.649506][   T33] audit: type=1326 audit(1755402427.648:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7319 comm="syz.0.590" exe="/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f709178ebe9 code=0x7ffc0000
[   91.657908][   T33] audit: type=1326 audit(1755402427.648:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7319 comm="syz.0.590" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f709178ebe9 code=0x7ffc0000
[   91.666158][   T33] audit: type=1326 audit(1755402427.648:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7319 comm="syz.0.590" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f709178ebe9 code=0x7ffc0000
[   91.674675][   T33] audit: type=1326 audit(1755402427.658:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7319 comm="syz.0.590" exe="/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f709178ebe9 code=0x7ffc0000
[   91.683204][   T33] audit: type=1326 audit(1755402427.658:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7319 comm="syz.0.590" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f709178ebe9 code=0x7ffc0000
[   91.692742][   T33] audit: type=1326 audit(1755402427.658:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7319 comm="syz.0.590" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f709178ebe9 code=0x7ffc0000
[   91.701869][   T33] audit: type=1326 audit(1755402427.658:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7319 comm="syz.0.590" exe="/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f709178ebe9 code=0x7ffc0000
[   91.710990][   T33] audit: type=1326 audit(1755402427.658:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7319 comm="syz.0.590" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f709178ebe9 code=0x7ffc0000
[   92.532947][ T7346] loop0: detected capacity change from 0 to 4096
[   92.556762][ T7346] NILFS (loop0): invalid segment: Checksum error in segment payload
[   92.560448][ T7346] NILFS (loop0): trying rollback from an earlier position
[   92.589030][ T7346] NILFS (loop0): recovery complete
[   92.877798][    T9] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[   92.953585][   T24] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   93.033547][    T9] usb 2-1: Using ep0 maxpacket: 8
[   93.037221][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[   93.041091][    T9] usb 2-1: config 7 has an invalid interface number: 148 but max is 0
[   93.044657][    T9] usb 2-1: config 7 has no interface number 0
[   93.048625][    T9] usb 2-1: New USB device found, idVendor=0f11, idProduct=1000, bcdDevice=1c.76
[   93.051859][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.055511][    T9] usb 2-1: Product: syz
[   93.056965][    T9] usb 2-1: Manufacturer: syz
[   93.058609][    T9] usb 2-1: SerialNumber: syz
[   93.103521][   T24] usb 1-1: Using ep0 maxpacket: 32
[   93.111198][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   93.121946][   T24] usb 1-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[   93.127329][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.132828][   T24] usb 1-1: config 0 descriptor??
[   93.284110][    T9] ldusb 2-1:7.148: Interrupt in endpoint not found
[   93.290065][    T9] usb 2-1: USB disconnect, device number 8
[   93.552256][   T24] magicmouse 0003:05AC:0265.0004: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.0-1/input0
[   93.749122][    T9] usb 1-1: USB disconnect, device number 6
[   94.452010][ T7388] netlink: 8 bytes leftover after parsing attributes in process `syz.2.620'.
[   94.457703][ T7388] netlink: 8 bytes leftover after parsing attributes in process `syz.2.620'.
[   95.448736][ T7414] loop1: detected capacity change from 0 to 40427
[   95.453887][ T7414] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   95.457306][ T7414] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   95.463900][ T7414] F2FS-fs (loop1): invalid crc value
[   95.551891][ T7414] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   95.562320][ T7414] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   95.565498][ T7414] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   95.610484][ T7431] loop0: detected capacity change from 0 to 4096
[   96.889000][ T7451] Zero length message leads to an empty skb
[   96.921887][ T7453] : entered promiscuous mode
[   97.043751][   T10] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[   97.105179][ T7467] l2tp_ppp: sess 2/0: no socket in recv
[   97.207721][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[   97.212034][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[   97.216457][   T10] usb 1-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[   97.220057][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.227373][   T10] usb 1-1: config 0 descriptor??
[   97.436942][   T10] usb 1-1: USB disconnect, device number 7
[   97.763366][ T7484] netlink: 'syz.2.659': attribute type 2 has an invalid length.
[   97.779273][ T7484] : entered promiscuous mode
[   97.895596][ T5852] Bluetooth: hci0: unexpected event for opcode 0x2010
[   98.282015][   T10] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[   98.288682][ T5849] syz-executor: attempt to access beyond end of device
[   98.288682][ T5849] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[   98.298056][ T5849] CPU: 1 UID: 0 PID: 5849 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[   98.298074][ T5849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   98.298081][ T5849] Call Trace:
[   98.298087][ T5849]  <TASK>
[   98.298092][ T5849]  dump_stack_lvl+0x189/0x250
[   98.298113][ T5849]  ? __pfx_dump_stack_lvl+0x10/0x10
[   98.298127][ T5849]  ? __pfx_queue_work_on+0x10/0x10
[   98.298137][ T5849]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   98.298152][ T5849]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   98.298175][ T5849]  f2fs_handle_critical_error+0x37c/0x540
[   98.298197][ T5849]  f2fs_write_end_io+0x886/0xb60
[   98.298251][ T5849]  __submit_merged_bio+0x27a/0x6a0
[   98.298268][ T5849]  ? up_write+0x1c4/0x420
[   98.298285][ T5849]  __submit_merged_write_cond+0x44c/0x530
[   98.298306][ T5849]  f2fs_sync_node_pages+0x1479/0x15e0
[   98.298337][ T5849]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[   98.298371][ T5849]  ? f2fs_write_checkpoint+0xe43/0x1df0
[   98.298387][ T5849]  ? up_write+0x1c4/0x420
[   98.298398][ T5849]  ? do_raw_spin_unlock+0x4d/0x240
[   98.298416][ T5849]  f2fs_write_checkpoint+0xe6f/0x1df0
[   98.298445][ T5849]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   98.298493][ T5849]  ? kill_f2fs_super+0x298/0x6c0
[   98.298508][ T5849]  kill_f2fs_super+0x2c3/0x6c0
[   98.298524][ T5849]  ? __pfx_kill_f2fs_super+0x10/0x10
[   98.298534][ T5849]  ? radix_tree_delete_item+0x2b6/0x400
[   98.298555][ T5849]  ? shrinker_free+0x2ce/0x3e0
[   98.298571][ T5849]  deactivate_locked_super+0xbc/0x130
[   98.298587][ T5849]  cleanup_mnt+0x425/0x4c0
[   98.298606][ T5849]  ? lockdep_hardirqs_on+0x9c/0x150
[   98.298625][ T5849]  task_work_run+0x1d4/0x260
[   98.298643][ T5849]  ? __pfx_task_work_run+0x10/0x10
[   98.298656][ T5849]  ? __x64_sys_umount+0x122/0x160
[   98.298675][ T5849]  ? exit_to_user_mode_loop+0x40/0x110
[   98.298694][ T5849]  exit_to_user_mode_loop+0xec/0x110
[   98.298711][ T5849]  do_syscall_64+0x2bd/0x3b0
[   98.298726][ T5849]  ? lockdep_hardirqs_on+0x9c/0x150
[   98.298740][ T5849]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.298751][ T5849]  ? exc_page_fault+0x9f/0xf0
[   98.298767][ T5849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.298777][ T5849] RIP: 0033:0x7fce8a18ff17
[   98.298789][ T5849] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   98.298798][ T5849] RSP: 002b:00007ffca831d298 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   98.298811][ T5849] RAX: 0000000000000000 RBX: 00007fce8a211c05 RCX: 00007fce8a18ff17
[   98.298819][ T5849] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca831d350
[   98.298826][ T5849] RBP: 00007ffca831d350 R08: 0000000000000000 R09: 0000000000000000
[   98.298832][ T5849] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca831e3e0
[   98.298840][ T5849] R13: 00007fce8a211c05 R14: 0000000000017977 R15: 00007ffca831e420
[   98.298861][ T5849]  </TASK>
[   98.298866][ T5849] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   98.474307][   T10] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[   98.477923][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.503990][   T10] usb 1-1: config 0 descriptor??
[   98.524347][   T10] cp210x 1-1:0.0: cp210x converter detected
[   99.121902][   T10] cp210x 1-1:0.0: failed to get vendor val 0x000e size 678: -71
[   99.127180][   T10] cp210x 1-1:0.0: GPIO initialisation failed: -71
[   99.136345][   T10] usb 1-1: cp210x converter now attached to ttyUSB0
[   99.141337][   T10] usb 1-1: USB disconnect, device number 8
[   99.150157][   T10] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[   99.155840][   T10] cp210x 1-1:0.0: device disconnected
[   99.268478][ T7527] netlink: 'syz.1.679': attribute type 4 has an invalid length.
[   99.550602][ T7539] loop1: detected capacity change from 0 to 8
[   99.767867][ T7560] netlink: 28 bytes leftover after parsing attributes in process `syz.2.694'.
[   99.954850][ T5901] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  100.020824][ T7570] loop0: detected capacity change from 0 to 40427
[  100.027872][ T7570] F2FS-fs (loop0): invalid crc value
[  100.076683][ T7570] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  100.085898][ T7570] F2FS-fs (loop0): Start checkpoint disabled!
[  100.092279][ T7570] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  100.100996][ T7570] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=30303030, run fsck to fix.
[  100.105234][ T5901] usb 2-1: Using ep0 maxpacket: 32
[  100.110370][ T5901] usb 2-1: config 2 has an invalid interface number: 20 but max is 0
[  100.114578][ T5901] usb 2-1: config 2 has no interface number 0
[  100.117591][ T5901] usb 2-1: config 2 interface 20 altsetting 3 endpoint 0x7 has an invalid bInterval 0, changing to 7
[  100.142561][ T5901] usb 2-1: config 2 interface 20 has no altsetting 0
[  100.145583][ T5901] usb 2-1: New USB device found, idVendor=0c72, idProduct=000c, bcdDevice=60.93
[  100.149864][ T5901] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.369808][ T5901] usb 2-1: string descriptor 0 read error: -71
[  100.386236][ T5901] usb 2-1: USB disconnect, device number 9
[  100.421447][ T7598] loop0: detected capacity change from 0 to 4096
[  100.444643][ T7602] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  100.506905][ T7606] netlink: 'syz.0.715': attribute type 4 has an invalid length.
[  101.468951][ T7626] loop1: detected capacity change from 0 to 40427
[  101.482162][ T7626] F2FS-fs (loop1): build fault injection rate: 19
[  101.484842][ T7626] F2FS-fs (loop1): build fault injection type: 0x3bfe8c
[  101.489055][ T7626] F2FS-fs (loop1): invalid crc value
[  101.502368][ T7626] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  101.579134][ T7626] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[  101.592567][ T7626] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  101.600106][ T7647] loop0: detected capacity change from 0 to 16
[  101.603015][ T7647] erofs (device loop0): negative i_size @ nid 36
[  101.618801][ T7626] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  101.634826][ T7626] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  101.649607][ T7626] F2FS-fs (loop1): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0x249/0x1cf0
[  101.655467][ T7626] F2FS-fs (loop1): inconsistent node block, node_type:1, nid:10, node_footer[nid:10,ino:10,ofs:0,cpver:0,blkaddr:0]
[  101.677586][ T5849] syz-executor: attempt to access beyond end of device
[  101.677586][ T5849] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  101.684012][ T5849] CPU: 0 UID: 0 PID: 5849 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  101.684028][ T5849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  101.684034][ T5849] Call Trace:
[  101.684038][ T5849]  <TASK>
[  101.684042][ T5849]  dump_stack_lvl+0x189/0x250
[  101.684060][ T5849]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.684071][ T5849]  ? __pfx_queue_work_on+0x10/0x10
[  101.684081][ T5849]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  101.684093][ T5849]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  101.684112][ T5849]  f2fs_handle_critical_error+0x37c/0x540
[  101.684130][ T5849]  f2fs_write_end_io+0x886/0xb60
[  101.684150][ T5849]  __submit_merged_bio+0x27a/0x6a0
[  101.684198][ T5849]  __submit_merged_write_cond+0x255/0x530
[  101.684217][ T5849]  f2fs_write_data_pages+0x261d/0x3000
[  101.684252][ T5849]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  101.684292][ T5849]  ? __mod_zone_page_state+0xd7/0x140
[  101.684311][ T5849]  ? folios_put_refs+0x560/0x640
[  101.684329][ T5849]  ? __lock_acquire+0xab9/0xd20
[  101.684349][ T5849]  ? do_raw_spin_lock+0x121/0x290
[  101.684367][ T5849]  ? do_raw_spin_unlock+0x4d/0x240
[  101.684379][ T5849]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  101.684393][ T5849]  do_writepages+0x32e/0x550
[  101.684413][ T5849]  ? do_raw_spin_unlock+0x4d/0x240
[  101.684427][ T5849]  filemap_fdatawrite+0x199/0x240
[  101.684440][ T5849]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  101.684481][ T5849]  ? do_raw_spin_unlock+0x4d/0x240
[  101.684495][ T5849]  f2fs_sync_dirty_inodes+0x31f/0x830
[  101.684515][ T5849]  f2fs_write_checkpoint+0x95a/0x1df0
[  101.684539][ T5849]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  101.684578][ T5849]  ? kill_f2fs_super+0x298/0x6c0
[  101.684613][ T5849]  kill_f2fs_super+0x2c3/0x6c0
[  101.684627][ T5849]  ? __pfx_kill_f2fs_super+0x10/0x10
[  101.684635][ T5849]  ? radix_tree_delete_item+0x2b6/0x400
[  101.684652][ T5849]  ? shrinker_free+0x2ce/0x3e0
[  101.684664][ T5849]  deactivate_locked_super+0xbc/0x130
[  101.684677][ T5849]  cleanup_mnt+0x425/0x4c0
[  101.684688][ T5849]  ? lockdep_hardirqs_on+0x9c/0x150
[  101.684702][ T5849]  task_work_run+0x1d4/0x260
[  101.684718][ T5849]  ? __pfx_task_work_run+0x10/0x10
[  101.684728][ T5849]  ? __x64_sys_umount+0x122/0x160
[  101.684744][ T5849]  ? exit_to_user_mode_loop+0x40/0x110
[  101.684760][ T5849]  exit_to_user_mode_loop+0xec/0x110
[  101.684774][ T5849]  do_syscall_64+0x2bd/0x3b0
[  101.684786][ T5849]  ? lockdep_hardirqs_on+0x9c/0x150
[  101.684797][ T5849]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.684807][ T5849]  ? exc_page_fault+0x9f/0xf0
[  101.684820][ T5849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.684829][ T5849] RIP: 0033:0x7fce8a18ff17
[  101.684838][ T5849] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  101.684846][ T5849] RSP: 002b:00007ffca831d298 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  101.684857][ T5849] RAX: 0000000000000000 RBX: 00007fce8a211c05 RCX: 00007fce8a18ff17
[  101.684864][ T5849] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca831d350
[  101.684869][ T5849] RBP: 00007ffca831d350 R08: 0000000000000000 R09: 0000000000000000
[  101.684875][ T5849] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca831e3e0
[  101.684881][ T5849] R13: 00007fce8a211c05 R14: 0000000000018c99 R15: 00007ffca831e420
[  101.684899][ T5849]  </TASK>
[  101.684946][ T5849] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  101.843569][   T24] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  101.995252][   T24] usb 1-1: Using ep0 maxpacket: 32
[  101.999273][   T24] usb 1-1: config 0 has an invalid interface number: 133 but max is 0
[  102.016093][   T24] usb 1-1: config 0 has an invalid descriptor of length 81, skipping remainder of the config
[  102.020227][   T24] usb 1-1: config 0 has no interface number 0
[  102.022708][   T24] usb 1-1: config 0 interface 133 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[  102.035896][   T24] usb 1-1: config 0 interface 133 altsetting 0 has an endpoint descriptor with address 0x47, changing to 0x7
[  102.040524][   T24] usb 1-1: config 0 interface 133 altsetting 0 endpoint 0x7 has an invalid bInterval 83, changing to 7
[  102.053608][   T24] usb 1-1: config 0 interface 133 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  102.078688][   T24] usb 1-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=71.1e
[  102.082342][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.094234][   T24] usb 1-1: Product: syz
[  102.095953][   T24] usb 1-1: Manufacturer: syz
[  102.097921][   T24] usb 1-1: SerialNumber: syz
[  102.104368][   T24] usb 1-1: config 0 descriptor??
[  102.107755][ T7647] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  102.333344][   T24] usb 1-1: probing VID:PID(0424:012C)   
[  102.341677][   T24] usb 1-1: vub300 testing BULK OUT EndPoint(0) 0B
[  102.357222][   T24] usb 1-1: vub300 testing UNKNOWN EndPoint(1) 07
[  102.359934][   T24] usb 1-1: vub300 ignoring EndPoint(1) 07
[  102.378615][   T24] usb 1-1: Could not find two sets of bulk-in/out endpoint pairs
[  102.382038][   T24] vub300 1-1:0.133: probe with driver vub300 failed with error -22
[  102.391010][   T24] usb 1-1: USB disconnect, device number 9
[  102.554467][ T7678] ip6erspan0: entered allmulticast mode
[  102.591426][ T7680] netlink: 'syz.1.735': attribute type 1 has an invalid length.
[  102.594917][ T7680] netlink: 'syz.1.735': attribute type 1 has an invalid length.
[  103.950886][ T7730] loop0: detected capacity change from 0 to 1764
[  103.966013][ T7730] iso9660: Corrupted directory entry in block 2 of inode 1920
[  104.008829][ T7732] vlan0: entered promiscuous mode
[  104.322201][ T7744] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  105.028510][ T7752] loop1: detected capacity change from 0 to 32768
[  105.139842][ T7752] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  105.139852][ T7752]   allowing incompatible features above 0.0: (unknown version)
[  105.139857][ T7752]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  105.170239][ T7771] netlink: 8 bytes leftover after parsing attributes in process `syz.0.772'.
[  105.170347][ T7771] openvswitch: netlink: Invalid MD length 0 for MD type 0
[  105.170365][ T7771] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  105.220079][ T7752] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  105.226016][ T7752] bcachefs (loop1): initializing new filesystem
[  105.237738][ T7752] bcachefs (loop1): going read-write
[  105.258841][ T7752] bcachefs (loop1): marking superblocks
[  105.281545][ T7752] bcachefs (loop1): initializing freespace
[  105.300556][ T7752] bcachefs (loop1): done initializing freespace
[  105.311948][ T7752] bcachefs (loop1): reading snapshots table
[  105.317970][ T7752] bcachefs (loop1): reading snapshots done
[  105.347530][ T7752] bcachefs (loop1): done starting filesystem
[  105.681239][ T7752] syz.1.766 (7752) used greatest stack depth: 16984 bytes left
[  105.697219][ T5849] bcachefs (loop1): shutting down
[  105.702108][ T5849] bcachefs (loop1): going read-only
[  105.706376][ T5849] bcachefs (loop1): finished waiting for writes to stop
[  105.711216][ T5849] bcachefs (loop1): flushing journal and stopping allocators, journal seq 2
[  105.743387][ T5849] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[  105.756552][ T5849] bcachefs (loop1): clean shutdown complete, journal seq 4
[  105.760098][ T5849] bcachefs (loop1): marking filesystem clean
[  105.762695][ T7804] loop0: detected capacity change from 0 to 1024
[  105.769732][ T7804] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  105.773334][ T7804] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  105.778218][ T7804] EXT4-fs (loop0): invalid journal inode
[  105.780222][ T7804] EXT4-fs (loop0): can't get journal size
[  105.783051][ T7804] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 17104912: comm syz.0.785: lblock 2 mapped to illegal pblock 17104912 (length 1)
[  105.789395][ T7804] EXT4-fs (loop0): Remounting filesystem read-only
[  105.791725][ T7804] EXT4-fs (loop0): failed to initialize system zone (-117)
[  105.795273][ T7804] EXT4-fs (loop0): mount failed
[  105.814875][ T5849] bcachefs (loop1): shutdown complete
[  106.773911][   T10] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  106.943659][   T10] usb 1-1: Using ep0 maxpacket: 8
[  106.947937][   T10] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  106.952816][   T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  106.957527][   T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  106.961809][   T10] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  106.983790][   T10] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  106.987751][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.394480][   T10] usb 1-1: GET_CAPABILITIES returned 0
[  107.396431][   T10] usbtmc 1-1:16.0: can't read capabilities
[  107.511827][   T24] usb 1-1: USB disconnect, device number 10
[  108.123727][   T10] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  108.276297][   T10] usb 2-1: New USB device found, idVendor=04a5, idProduct=3035, bcdDevice= d.df
[  108.280294][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.287906][   T10] usb 2-1: config 0 descriptor??
[  108.295483][   T10] gspca_main: benq-2.14.0 probing 04a5:3035
[  108.522748][   T10] usb 2-1: USB disconnect, device number 10
[  110.238552][ T7965] netlink: 12 bytes leftover after parsing attributes in process `syz.2.850'.
[  110.540350][ T7983] netlink: 4 bytes leftover after parsing attributes in process `syz.2.858'.
[  110.641119][ T7985] loop0: detected capacity change from 0 to 512
[  110.666912][ T7985] fscrypt (loop0, inode 2): Error -61 getting encryption context
[  110.673839][ T7985] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -61
[  110.690731][ T7985] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #13: comm syz.0.859: iget: bad i_size value: 12154757448730
[  110.706945][ T7985] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.859: couldn't read orphan inode 13 (err -117)
[  110.728086][ T7985] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.769037][ T5853] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.150563][ T8001] loop0: detected capacity change from 0 to 40427
[  111.155082][ T8001] F2FS-fs (loop0): Image doesn't support compression
[  111.157337][ T8001] F2FS-fs (loop0): build fault injection rate: 3
[  111.159948][ T8001] F2FS-fs (loop0): build fault injection type: 0x35f7
[  111.162726][ T8001] F2FS-fs (loop0): inject kmalloc in f2fs_kmalloc of f2fs_fill_super+0x2e45/0x6ff0
[  111.761825][ T8011] use of bytesused == 0 is deprecated and will be removed in the future,
[  111.782339][ T8011] use the actual size instead.
[  111.807757][ T8011] loop1: detected capacity change from 0 to 256
[  112.440581][ T8031] loop0: detected capacity change from 0 to 32768
[  112.451202][ T8031] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  112.494973][ T5853] ocfs2: Unmounting device (7,0) on (node local)
[  112.516368][ T5965] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  112.674778][ T5965] usb 2-1: Using ep0 maxpacket: 16
[  112.679925][ T5965] usb 2-1: config index 0 descriptor too short (expected 16456, got 72)
[  112.682836][ T5965] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  112.685882][ T5965] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  112.688673][ T5965] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  112.691523][ T5965] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  112.692126][ T8037] loop0: detected capacity change from 0 to 32768
[  112.696694][ T5965] usb 2-1: config 0 has no interface number 0
[  112.705135][ T5965] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  112.711549][ T5965] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  112.716346][ T5965] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  112.719671][ T5965] usb 2-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  112.724069][ T5965] usb 2-1: config 0 interface 125 has no altsetting 2
[  112.728340][ T5965] usb 2-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  112.731449][ T5965] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.734766][ T5965] usb 2-1: Product: syz
[  112.736237][ T5965] usb 2-1: Manufacturer: syz
[  112.737874][ T5965] usb 2-1: SerialNumber: syz
[  112.740942][ T5965] usb 2-1: config 0 descriptor??
[  112.747334][ T5965] usb 2-1: selecting invalid altsetting 2
[  112.795621][ T8037] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  112.795633][ T8037]   allowing incompatible features above 0.0: (unknown version)
[  112.795638][ T8037]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  112.810843][ T8037] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  112.813791][ T8037] bcachefs (loop0): initializing new filesystem
[  112.821327][ T8037] bcachefs (loop0): going read-write
[  112.830373][ T8037] bcachefs (loop0): marking superblocks
[  112.836266][ T8037] bcachefs (loop0): initializing freespace
[  112.840292][ T8037] bcachefs (loop0): done initializing freespace
[  112.843537][ T8037] bcachefs (loop0): reading snapshots table
[  112.845541][ T8037] bcachefs (loop0): reading snapshots done
[  112.859557][ T8037] bcachefs (loop0): done starting filesystem
[  112.992662][ T5965] usb 2-1: USB disconnect, device number 11
[  113.492335][ T8058] overlayfs: failed to clone upperpath
[  113.510491][ T5853] bcachefs (loop0): shutting down
[  113.512781][ T5853] bcachefs (loop0): going read-only
[  113.515532][ T5853] bcachefs (loop0): finished waiting for writes to stop
[  113.520881][ T5853] bcachefs (loop0): flushing journal and stopping allocators, journal seq 2
[  113.539565][ T5853] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3
[  113.543116][ T5853] bcachefs (loop0): clean shutdown complete, journal seq 4
[  113.546177][ T5853] bcachefs (loop0): marking filesystem clean
[  113.561565][ T5853] bcachefs (loop0): shutdown complete
[  113.939594][ T8092] loop1: detected capacity change from 0 to 128
[  113.945432][ T8092] FAT-fs (loop1): bogus number of reserved sectors
[  113.948245][ T8092] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  113.952071][ T8092] FAT-fs (loop1): Can't find a valid FAT filesystem
[  114.983684][ T8106] netlink: 'syz.2.909': attribute type 21 has an invalid length.
[  115.456912][  T791] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  115.614167][  T791] usb 1-1: Using ep0 maxpacket: 16
[  115.631257][  T791] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[  115.637627][  T791] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  115.641829][  T791] usb 1-1: config 0 has no interface number 0
[  115.657186][  T791] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  115.660938][  T791] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.820190][ T8146] loop1: detected capacity change from 0 to 40427
[  115.823197][ T8146] F2FS-fs (loop1): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[  115.825872][ T8146] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  115.828846][ T8146] F2FS-fs (loop1): build fault injection type: 0x6
[  115.831879][ T8146] F2FS-fs (loop1): invalid crc value
[  115.834459][  T791] usb 1-1: Product: syz
[  115.835790][  T791] usb 1-1: Manufacturer: syz
[  115.837435][  T791] usb 1-1: SerialNumber: syz
[  115.840296][  T791] usb 1-1: config 0 descriptor??
[  115.886565][ T8146] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  115.890388][ T8146] F2FS-fs (loop1): Start checkpoint disabled!
[  115.896757][ T8146] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  115.899101][ T8146] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  115.905858][  T791] usb 1-1: Found UVC 0.00 device syz (046d:08f3)
[  115.907979][  T791] usb 1-1: No valid video chain found.
[  116.129977][  T791] usb 1-1: USB disconnect, device number 11
[  116.907172][ T8173] netlink: 160 bytes leftover after parsing attributes in process `syz.0.939'.
[  116.911275][ T8173] netlink: 'syz.0.939': attribute type 1 has an invalid length.
[  116.916068][ T8173] netlink: 24 bytes leftover after parsing attributes in process `syz.0.939'.
[  117.330899][ T8186] pim6reg: entered allmulticast mode
[  117.340534][ T1088] kworker/u9:4: attempt to access beyond end of device
[  117.340534][ T1088] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  117.348501][ T1088] CPU: 1 UID: 0 PID: 1088 Comm: kworker/u9:4 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  117.348520][ T1088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  117.348528][ T1088] Workqueue: writeback wb_workfn (flush-7:1)
[  117.348549][ T1088] Call Trace:
[  117.348555][ T1088]  <TASK>
[  117.348560][ T1088]  dump_stack_lvl+0x189/0x250
[  117.348580][ T1088]  ? __pfx_dump_stack_lvl+0x10/0x10
[  117.348594][ T1088]  ? __pfx_queue_work_on+0x10/0x10
[  117.348605][ T1088]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  117.348620][ T1088]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  117.348646][ T1088]  f2fs_handle_critical_error+0x37c/0x540
[  117.348669][ T1088]  f2fs_write_end_io+0x886/0xb60
[  117.348697][ T1088]  __submit_merged_bio+0x27a/0x6a0
[  117.348719][ T1088]  __submit_merged_write_cond+0x255/0x530
[  117.348742][ T1088]  f2fs_write_data_pages+0x261d/0x3000
[  117.348790][ T1088]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  117.348820][ T1088]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  117.348863][ T1088]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  117.348880][ T1088]  ? look_up_lock_class+0x74/0x170
[  117.348905][ T1088]  ? trace_f2fs_writepages+0x7f/0x200
[  117.348922][ T1088]  ? f2fs_write_node_pages+0x478/0x6e0
[  117.348942][ T1088]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  117.349001][ T1088]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  117.349022][ T1088]  do_writepages+0x32e/0x550
[  117.349043][ T1088]  ? reacquire_held_locks+0x127/0x1d0
[  117.349055][ T1088]  ? writeback_sb_inodes+0x384/0x1010
[  117.349078][ T1088]  __writeback_single_inode+0x145/0xff0
[  117.349093][ T1088]  ? do_raw_spin_unlock+0x4d/0x240
[  117.349112][ T1088]  writeback_sb_inodes+0x6c7/0x1010
[  117.349149][ T1088]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  117.349203][ T1088]  ? rcu_is_watching+0x15/0xb0
[  117.349225][ T1088]  wb_writeback+0x43b/0xaf0
[  117.349245][ T1088]  ? queue_io+0x3c1/0x590
[  117.349262][ T1088]  ? __pfx_wb_writeback+0x10/0x10
[  117.349284][ T1088]  ? _raw_spin_unlock_irq+0x23/0x50
[  117.349302][ T1088]  wb_workfn+0x409/0xef0
[  117.349326][ T1088]  ? __pfx_wb_workfn+0x10/0x10
[  117.349344][ T1088]  ? __lock_acquire+0xab9/0xd20
[  117.349369][ T1088]  ? process_scheduled_works+0x9ef/0x17b0
[  117.349385][ T1088]  ? _raw_spin_unlock_irq+0x23/0x50
[  117.349397][ T1088]  ? process_scheduled_works+0x9ef/0x17b0
[  117.349405][ T1088]  ? process_scheduled_works+0x9ef/0x17b0
[  117.349417][ T1088]  process_scheduled_works+0xae1/0x17b0
[  117.349453][ T1088]  ? __pfx_process_scheduled_works+0x10/0x10
[  117.349480][ T1088]  worker_thread+0x8a0/0xda0
[  117.349512][ T1088]  kthread+0x711/0x8a0
[  117.349530][ T1088]  ? __pfx_worker_thread+0x10/0x10
[  117.349542][ T1088]  ? __pfx_kthread+0x10/0x10
[  117.349555][ T1088]  ? _raw_spin_unlock_irq+0x23/0x50
[  117.349567][ T1088]  ? lockdep_hardirqs_on+0x9c/0x150
[  117.349580][ T1088]  ? __pfx_kthread+0x10/0x10
[  117.349596][ T1088]  ret_from_fork+0x3fc/0x770
[  117.349610][ T1088]  ? __pfx_ret_from_fork+0x10/0x10
[  117.349625][ T1088]  ? __switch_to_asm+0x39/0x70
[  117.349638][ T1088]  ? __switch_to_asm+0x33/0x70
[  117.349651][ T1088]  ? __pfx_kthread+0x10/0x10
[  117.349666][ T1088]  ret_from_fork_asm+0x1a/0x30
[  117.349696][ T1088]  </TASK>
[  117.349701][ T1088] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  118.320772][ T8216] loop1: detected capacity change from 0 to 32768
[  118.360864][ T8216] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  118.399326][ T8216] XFS (loop1): Ending clean mount
[  118.452548][ T5849] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  118.749560][ T8218] loop0: detected capacity change from 0 to 131072
[  118.814196][ T8218] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  118.818865][ T8218] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  119.447417][   T12] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  119.451359][   T12] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  119.465691][   T12] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  119.478506][   T12] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  119.621030][ T8273] loop1: detected capacity change from 0 to 32768
[  119.641578][ T8273] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  119.647551][ T8273] (syz.1.982,8273,0):ocfs2_read_journal_inode:1659 ERROR: status = -13
[  119.650759][ T8273] (syz.1.982,8273,0):ocfs2_mark_dead_nodes:1942 ERROR: status = -13
[  119.653796][ T8273] (syz.1.982,8273,0):ocfs2_check_volume:2420 ERROR: status = -13
[  119.656705][ T8273] (syz.1.982,8273,0):ocfs2_check_volume:2432 ERROR: status = -13
[  119.660078][ T8273] (syz.1.982,8273,0):ocfs2_mount_volume:1764 ERROR: status = -13
[  119.675849][ T8273] (syz.1.982,8273,0):ocfs2_fill_super:1177 ERROR: status = -13
[  120.771068][ T8295] loop0: detected capacity change from 0 to 32768
[  120.843963][ T8295] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  120.849333][ T8295] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  120.868560][ T8303] netlink: 8 bytes leftover after parsing attributes in process `syz.2.991'.
[  120.900222][ T8295] XFS (loop0): Ending clean mount
[  120.910782][ T8295] XFS (loop0): Quotacheck needed: Please wait.
[  120.926799][ T1089] XFS (loop0): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xe0, xfs_cntbt block 0x10 
[  120.931636][ T1089] XFS (loop0): Unmount and run xfs_repair
[  120.946570][ T1089] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  120.950175][ T1089] 00000000: 41 42 33 43 00 00 00 02 ff ff ff ff ff ff ff ff  AB3C............
[  120.963147][ T1089] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[  120.971740][ T1089] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  120.979016][ T1089] 00000030: 00 00 00 00 20 bb 84 11 00 00 04 4e 00 00 00 02  .... ......N....
[  120.985548][ T1089] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[  120.997967][ T1089] 00000050: 00 00 00 00 00 00 07 00 00 00 00 00 00 00 00 00  ................
[  121.003794][ T1089] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  121.006884][ T1089] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  121.010179][ T1089] XFS (loop0): metadata I/O error in "xfs_btree_read_buf_block+0x290/0x470" at daddr 0x10 len 8 error 74
[  121.031094][ T8295] XFS (loop0): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  121.038700][ T8295] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  121.986878][ T8295] XFS (loop0): Uncorrected metadata errors detected; please run xfs_repair.
[  122.187975][ T8334] loop0: detected capacity change from 0 to 512
[  122.205808][ T8334] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.433576][    T9] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  122.593704][    T9] usb 2-1: Using ep0 maxpacket: 16
[  122.597826][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  122.602154][    T9] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x7 has an invalid bInterval 0, changing to 7
[  122.606936][    T9] usb 2-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  122.612322][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  122.617558][    T9] usb 2-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  122.621291][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.625076][    T9] usb 2-1: Product: syz
[  122.627039][    T9] usb 2-1: Manufacturer: syz
[  122.629042][    T9] usb 2-1: SerialNumber: syz
[  122.633385][    T9] usb 2-1: config 0 descriptor??
[  122.858801][ T8349] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  122.862141][ T8349] IPv6: NLM_F_CREATE should be set when creating new route
[  122.947078][ T8353] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1013'.
[  122.950806][ T8353] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1013'.
[  123.050698][  T791] usb 2-1: USB disconnect, device number 12
[  123.264092][ T8363] ==================================================================
[  123.267396][ T8363] BUG: KASAN: slab-use-after-free in xfrm_state_find+0x2cf2/0x5400
[  123.270709][ T8363] Read of size 1 at addr ffff8881221647b0 by task syz.2.1018/8363
[  123.274821][ T8363] 
[  123.275857][ T8363] CPU: 0 UID: 0 PID: 8363 Comm: syz.2.1018 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  123.275873][ T8363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  123.275880][ T8363] Call Trace:
[  123.275885][ T8363]  <TASK>
[  123.275891][ T8363]  dump_stack_lvl+0x189/0x250
[  123.275933][ T8363]  ? __kasan_check_byte+0x12/0x40
[  123.275950][ T8363]  ? __pfx_dump_stack_lvl+0x10/0x10
[  123.275963][ T8363]  ? lock_release+0x4b/0x3e0
[  123.275981][ T8363]  ? __virt_addr_valid+0x4a5/0x5c0
[  123.275995][ T8363]  print_report+0xca/0x240
[  123.276006][ T8363]  ? xfrm_state_find+0x2cf2/0x5400
[  123.276021][ T8363]  kasan_report+0x118/0x150
[  123.276036][ T8363]  ? xfrm_state_find+0x2cf2/0x5400
[  123.276056][ T8363]  xfrm_state_find+0x2cf2/0x5400
[  123.276072][ T8363]  ? check_noncircular+0xe0/0x160
[  123.276092][ T8363]  ? validate_chain+0x897/0x2140
[  123.276106][ T8363]  ? xfrm_state_find+0x1da/0x5400
[  123.276125][ T8363]  ? __pfx_xfrm_state_find+0x10/0x10
[  123.276145][ T8363]  xfrm_resolve_and_create_bundle+0x768/0x2f80
[  123.276165][ T8363]  ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10
[  123.276179][ T8363]  ? xfrm_policy_lookup_bytype+0x123/0x1250
[  123.276193][ T8363]  ? xfrm_policy_lookup_bytype+0x11ef/0x1250
[  123.276214][ T8363]  ? xfrm_expand_policies+0x41f/0x6a0
[  123.276227][ T8363]  xfrm_lookup_with_ifid+0x58a/0x1a70
[  123.276242][ T8363]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  123.276258][ T8363]  icmpv6_route_lookup+0x155/0x590
[  123.276275][ T8363]  ? __pfx_icmpv6_route_lookup+0x10/0x10
[  123.276293][ T8363]  ? icmpv6_xrlim_allow+0x521/0x630
[  123.276312][ T8363]  ? ipcm6_init_sk+0x18b/0x470
[  123.276328][ T8363]  icmp6_send+0x1001/0x1940
[  123.276344][ T8363]  ? icmp6_send+0x1e9/0x1940
[  123.276365][ T8363]  ? __pfx_icmp6_send+0x10/0x10
[  123.276381][ T8363]  ? __lock_acquire+0xab9/0xd20
[  123.276402][ T8363]  ? ip6_neigh_lookup+0x14e/0x470
[  123.276420][ T8363]  ? ip6_neigh_lookup+0x14e/0x470
[  123.276437][ T8363]  ? __ipv6_addr_type+0x10c/0x2f0
[  123.276452][ T8363]  ? ip6_tnl_xmit_ctl+0x19f/0x660
[  123.276467][ T8363]  ip6_link_failure+0x3b/0x4c0
[  123.276477][ T8363]  ? __pfx_ip6_link_failure+0x10/0x10
[  123.276487][ T8363]  ip6_tnl_xmit+0xe08/0x2b10
[  123.276501][ T8363]  ? __lock_acquire+0xab9/0xd20
[  123.276522][ T8363]  ? __pfx_ip6_tnl_xmit+0x10/0x10
[  123.276536][ T8363]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  123.276551][ T8363]  ? lockdep_hardirqs_on+0xb9/0x150
[  123.276567][ T8363]  ? __pfx_make_kuid+0x10/0x10
[  123.276582][ T8363]  ? iptunnel_handle_offloads+0x2fd/0x630
[  123.276599][ T8363]  ip6_tnl_start_xmit+0xc1d/0x1150
[  123.276618][ T8363]  ? __pfx_ip6_tnl_start_xmit+0x10/0x10
[  123.276638][ T8363]  dev_hard_start_xmit+0x2d7/0x830
[  123.276655][ T8363]  __dev_queue_xmit+0x1b8d/0x3b50
[  123.276667][ T8363]  ? register_lock_class+0x51/0x320
[  123.276687][ T8363]  ? __dev_queue_xmit+0x27b/0x3b50
[  123.276704][ T8363]  ? __pfx___dev_queue_xmit+0x10/0x10
[  123.276716][ T8363]  ? read_seqbegin+0x122/0x250
[  123.276730][ T8363]  ? neigh_connected_output+0x1ea/0x460
[  123.276744][ T8363]  ? lockdep_hardirqs_on+0x9c/0x150
[  123.276759][ T8363]  ? read_seqbegin+0x1ac/0x250
[  123.276773][ T8363]  ? __pfx_read_seqbegin+0x10/0x10
[  123.276797][ T8363]  ip6_finish_output2+0x11fe/0x16a0
[  123.276812][ T8363]  ? ip6_finish_output2+0x701/0x16a0
[  123.276828][ T8363]  ? __pfx_ip6_finish_output2+0x10/0x10
[  123.276845][ T8363]  ip6_fragment+0x1422/0x1e20
[  123.276862][ T8363]  ? __pfx_ip6_finish_output2+0x10/0x10
[  123.276879][ T8363]  ? __pfx_ip6_fragment+0x10/0x10
[  123.276893][ T8363]  ? ip6_finish_output+0x219/0x4e0
[  123.276941][ T8363]  ip6_xmit+0x107a/0x1840
[  123.276958][ T8363]  ? __pfx_ip6_xmit+0x10/0x10
[  123.276972][ T8363]  ? sctp_v6_xmit+0x60f/0x1300
[  123.276989][ T8363]  ? sctp_v6_xmit+0x60f/0x1300
[  123.277004][ T8363]  sctp_v6_xmit+0xa33/0x1300
[  123.277035][ T8363]  ? __pfx_sctp_v6_xmit+0x10/0x10
[  123.277051][ T8363]  ? crc32c+0x405/0x460
[  123.277064][ T8363]  ? skb_crc32c+0x765/0x880
[  123.277086][ T8363]  ? kmem_cache_free+0x18f/0x400
[  123.277104][ T8363]  sctp_packet_transmit+0x2581/0x2bb0
[  123.277126][ T8363]  sctp_packet_singleton+0x233/0x330
[  123.277141][ T8363]  ? __pfx_sctp_packet_singleton+0x10/0x10
[  123.277156][ T8363]  ? sctp_outq_select_transport+0x462/0x570
[  123.277168][ T8363]  ? sctp_transport_burst_limited+0x19c/0x280
[  123.277183][ T8363]  sctp_outq_flush+0x4f0/0x3140
[  123.277195][ T8363]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  123.277211][ T8363]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  123.277225][ T8363]  ? rcu_is_watching+0x15/0xb0
[  123.277237][ T8363]  ? __pfx_sctp_outq_flush+0x10/0x10
[  123.277251][ T8363]  ? sctp_outq_tail+0x612/0x8c0
[  123.277262][ T8363]  ? sctp_outq_uncork+0x4d/0xa0
[  123.277275][ T8363]  sctp_do_sm+0x5332/0x5a20
[  123.277290][ T8363]  ? sctp_stream_init_ext+0x57/0x180
[  123.277303][ T8363]  ? sctp_sendmsg_to_asoc+0x12fd/0x1810
[  123.277320][ T8363]  ? sctp_sendmsg+0x1941/0x2810
[  123.277333][ T8363]  ? __sock_sendmsg+0x19c/0x270
[  123.277348][ T8363]  ? __pfx_sctp_do_sm+0x10/0x10
[  123.277369][ T8363]  ? __sk_mem_raise_allocated+0xaa9/0x1240
[  123.277384][ T8363]  sctp_primitive_ASSOCIATE+0x95/0xc0
[  123.277401][ T8363]  sctp_sendmsg_to_asoc+0x102d/0x1810
[  123.277416][ T8363]  ? __asan_memcpy+0x40/0x70
[  123.277430][ T8363]  ? sctp_assoc_add_peer+0xcfa/0x13b0
[  123.277444][ T8363]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  123.277461][ T8363]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  123.277477][ T8363]  ? __local_bh_enable_ip+0x12d/0x1c0
[  123.277489][ T8363]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  123.277503][ T8363]  ? security_sctp_bind_connect+0x7e/0x2e0
[  123.277518][ T8363]  sctp_sendmsg+0x1941/0x2810
[  123.277536][ T8363]  ? __pfx_sctp_sendmsg+0x10/0x10
[  123.277553][ T8363]  ? aa_sk_perm+0x81e/0x950
[  123.277571][ T8363]  ? __pfx_aa_sk_perm+0x10/0x10
[  123.277588][ T8363]  ? sock_rps_record_flow+0x19/0x410
[  123.277603][ T8363]  ? inet_sendmsg+0x2f4/0x370
[  123.277617][ T8363]  __sock_sendmsg+0x19c/0x270
[  123.277631][ T8363]  __sys_sendto+0x3bd/0x520
[  123.277648][ T8363]  ? __pfx___sys_sendto+0x10/0x10
[  123.277663][ T8363]  ? do_futex+0x333/0x420
[  123.277684][ T8363]  ? __pfx___se_sys_futex+0x10/0x10
[  123.277700][ T8363]  __x64_sys_sendto+0xde/0x100
[  123.277717][ T8363]  do_syscall_64+0xfa/0x3b0
[  123.277732][ T8363]  ? lockdep_hardirqs_on+0x9c/0x150
[  123.277746][ T8363]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.277757][ T8363]  ? exc_page_fault+0x9f/0xf0
[  123.277771][ T8363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.277782][ T8363] RIP: 0033:0x7f59f898ebe9
[  123.277793][ T8363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.277803][ T8363] RSP: 002b:00007f59f981a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  123.277817][ T8363] RAX: ffffffffffffffda RBX: 00007f59f8bb5fa0 RCX: 00007f59f898ebe9
[  123.277825][ T8363] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[  123.277833][ T8363] RBP: 00007f59f8a11e19 R08: 0000200000000080 R09: 000000000000001c
[  123.277841][ T8363] R10: 0000000000000051 R11: 0000000000000246 R12: 0000000000000000
[  123.277849][ T8363] R13: 00007f59f8bb6038 R14: 00007f59f8bb5fa0 R15: 00007fff2ea74ff8
[  123.277862][ T8363]  </TASK>
[  123.277867][ T8363] 
[  123.521810][ T8363] Allocated by task 8345:
[  123.523661][ T8363]  kasan_save_track+0x3e/0x80
[  123.525623][ T8363]  __kasan_slab_alloc+0x6c/0x80
[  123.527660][ T8363]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  123.529877][ T8363]  xfrm_state_alloc+0x24/0x2f0
[  123.531848][ T8363]  xfrm_add_acquire+0xf7/0xb20
[  123.533832][ T8363]  xfrm_user_rcv_msg+0x7a3/0xab0
[  123.535922][ T8363]  netlink_rcv_skb+0x208/0x470
[  123.537927][ T8363]  xfrm_netlink_rcv+0x79/0x90
[  123.539819][ T8363]  netlink_unicast+0x82f/0x9e0
[  123.541831][ T8363]  netlink_sendmsg+0x805/0xb30
[  123.543817][ T8363]  __sock_sendmsg+0x21c/0x270
[  123.545787][ T8363]  ____sys_sendmsg+0x505/0x830
[  123.547753][ T8363]  ___sys_sendmsg+0x21f/0x2a0
[  123.549713][ T8363]  __x64_sys_sendmsg+0x19b/0x260
[  123.551768][ T8363]  do_syscall_64+0xfa/0x3b0
[  123.553619][ T8363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.556041][ T8363] 
[  123.557081][ T8363] Freed by task 8345:
[  123.558742][ T8363]  kasan_save_track+0x3e/0x80
[  123.560758][ T8363]  kasan_save_free_info+0x46/0x50
[  123.562863][ T8363]  __kasan_slab_free+0x5b/0x80
[  123.564924][ T8363]  kmem_cache_free+0x18f/0x400
[  123.566825][ T8363]  xfrm_add_acquire+0x280/0xb20
[  123.568814][ T8363]  xfrm_user_rcv_msg+0x7a3/0xab0
[  123.570784][ T8363]  netlink_rcv_skb+0x208/0x470
[  123.572756][ T8363]  xfrm_netlink_rcv+0x79/0x90
[  123.574740][ T8363]  netlink_unicast+0x82f/0x9e0
[  123.576749][ T8363]  netlink_sendmsg+0x805/0xb30
[  123.578796][ T8363]  __sock_sendmsg+0x21c/0x270
[  123.580760][ T8363]  ____sys_sendmsg+0x505/0x830
[  123.582776][ T8363]  ___sys_sendmsg+0x21f/0x2a0
[  123.584747][ T8363]  __x64_sys_sendmsg+0x19b/0x260
[  123.586822][ T8363]  do_syscall_64+0xfa/0x3b0
[  123.588715][ T8363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.591210][ T8363] 
[  123.592216][ T8363] The buggy address belongs to the object at ffff888122164480
[  123.592216][ T8363]  which belongs to the cache xfrm_state of size 928
[  123.597889][ T8363] The buggy address is located 816 bytes inside of
[  123.597889][ T8363]  freed 928-byte region [ffff888122164480, ffff888122164820)
[  123.603577][ T8363] 
[  123.604603][ T8363] The buggy address belongs to the physical page:
[  123.607249][ T8363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888122164000 pfn:0x122164
[  123.611359][ T8363] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  123.614808][ T8363] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[  123.617954][ T8363] page_type: f5(slab)
[  123.619626][ T8363] raw: 057ff00000000040 ffff88801bf0bc80 dead000000000122 0000000000000000
[  123.623174][ T8363] raw: ffff888122164000 00000000800e000d 00000000f5000000 0000000000000000
[  123.626631][ T8363] head: 057ff00000000040 ffff88801bf0bc80 dead000000000122 0000000000000000
[  123.630156][ T8363] head: ffff888122164000 00000000800e000d 00000000f5000000 0000000000000000
[  123.633681][ T8363] head: 057ff00000000002 ffffea0004885901 00000000ffffffff 00000000ffffffff
[  123.637346][ T8363] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  123.640948][ T8363] page dumped because: kasan: bad access detected
[  123.643615][ T8363] page_owner tracks the page as allocated
[  123.645996][ T8363] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6221, tgid 6220 (syz.2.138), ts 61600778407, free_ts 61562473431
[  123.653668][ T8363]  post_alloc_hook+0x240/0x2a0
[  123.655680][ T8363]  get_page_from_freelist+0x21e4/0x22c0
[  123.657951][ T8363]  __alloc_frozen_pages_noprof+0x181/0x370
[  123.660385][ T8363]  alloc_pages_mpol+0x232/0x4a0
[  123.662426][ T8363]  allocate_slab+0x8a/0x370
[  123.664344][ T8363]  ___slab_alloc+0xbeb/0x1410
[  123.666297][ T8363]  kmem_cache_alloc_noprof+0x283/0x3c0
[  123.668584][ T8363]  xfrm_state_alloc+0x24/0x2f0
[  123.670608][ T8363]  xfrm_add_sa+0x17d1/0x4070
[  123.672523][ T8363]  xfrm_user_rcv_msg+0x7a3/0xab0
[  123.674634][ T8363]  netlink_rcv_skb+0x208/0x470
[  123.676667][ T8363]  xfrm_netlink_rcv+0x79/0x90
[  123.678676][ T8363]  netlink_unicast+0x82f/0x9e0
[  123.680733][ T8363]  netlink_sendmsg+0x805/0xb30
[  123.682803][ T8363]  __sock_sendmsg+0x21c/0x270
[  123.684836][ T8363]  ____sys_sendmsg+0x505/0x830
[  123.686916][ T8363] page last free pid 5845 tgid 5845 stack trace:
[  123.689597][ T8363]  __free_frozen_pages+0xbc4/0xd30
[  123.691759][ T8363]  __slab_free+0x303/0x3c0
[  123.693678][ T8363]  qlist_free_all+0x97/0x140
[  123.695654][ T8363]  kasan_quarantine_reduce+0x148/0x160
[  123.697925][ T8363]  __kasan_slab_alloc+0x22/0x80
[  123.699990][ T8363]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  123.702262][ T8363]  vm_area_dup+0x2b/0x680
[  123.704100][ T8363]  dup_mmap+0x90c/0x1ac0
[  123.705916][ T8363]  copy_mm+0x13c/0x4b0
[  123.707653][ T8363]  copy_process+0x1706/0x3c00
[  123.709645][ T8363]  kernel_clone+0x21e/0x840
[  123.711409][ T8363]  __x64_sys_clone+0x18b/0x1e0
[  123.713265][ T8363]  do_syscall_64+0xfa/0x3b0
[  123.715082][ T8363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.717275][ T8363] 
[  123.718115][ T8363] Memory state around the buggy address:
[  123.720057][ T8363]  ffff888122164680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  123.723486][ T8363]  ffff888122164700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  123.726796][ T8363] >ffff888122164780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  123.730139][ T8363]                                      ^
[  123.732514][ T8363]  ffff888122164800: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[  123.735809][ T8363]  ffff888122164880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  123.739201][ T8363] ==================================================================
[  123.744475][ T8363] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  123.747502][ T8363] CPU: 0 UID: 0 PID: 8363 Comm: syz.2.1018 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  123.752583][ T8363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  123.756731][ T8363] Call Trace:
[  123.758156][ T8363]  <TASK>
[  123.759387][ T8363]  dump_stack_lvl+0x99/0x250
[  123.761381][ T8363]  ? __asan_memcpy+0x40/0x70
[  123.763275][ T8363]  ? __pfx_dump_stack_lvl+0x10/0x10
[  123.765470][ T8363]  ? __pfx__printk+0x10/0x10
[  123.767470][ T8363]  vpanic+0x281/0x750
[  123.769253][ T8363]  ? __pfx_vpanic+0x10/0x10
[  123.771248][ T8363]  ? irqentry_exit+0x74/0x90
[  123.773207][ T8363]  panic+0xb9/0xc0
[  123.774749][ T8363]  ? __pfx_panic+0x10/0x10
[  123.776601][ T8363]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  123.779134][ T8363]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  123.781736][ T8363]  ? xfrm_state_find+0x2cf2/0x5400
[  123.783932][ T8363]  check_panic_on_warn+0x89/0xb0
[  123.786067][ T8363]  ? xfrm_state_find+0x2cf2/0x5400
[  123.788239][ T8363]  end_report+0x78/0x160
[  123.790063][ T8363]  kasan_report+0x129/0x150
[  123.791970][ T8363]  ? xfrm_state_find+0x2cf2/0x5400
[  123.794100][ T8363]  xfrm_state_find+0x2cf2/0x5400
[  123.796173][ T8363]  ? check_noncircular+0xe0/0x160
[  123.798305][ T8363]  ? validate_chain+0x897/0x2140
[  123.800420][ T8363]  ? xfrm_state_find+0x1da/0x5400
[  123.802542][ T8363]  ? __pfx_xfrm_state_find+0x10/0x10
[  123.804747][ T8363]  xfrm_resolve_and_create_bundle+0x768/0x2f80
[  123.807344][ T8363]  ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10
[  123.810175][ T8363]  ? xfrm_policy_lookup_bytype+0x123/0x1250
[  123.812621][ T8363]  ? xfrm_policy_lookup_bytype+0x11ef/0x1250
[  123.815116][ T8363]  ? xfrm_expand_policies+0x41f/0x6a0
[  123.817438][ T8363]  xfrm_lookup_with_ifid+0x58a/0x1a70
[  123.819784][ T8363]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  123.822200][ T8363]  icmpv6_route_lookup+0x155/0x590
[  123.824354][ T8363]  ? __pfx_icmpv6_route_lookup+0x10/0x10
[  123.826653][ T8363]  ? icmpv6_xrlim_allow+0x521/0x630
[  123.828872][ T8363]  ? ipcm6_init_sk+0x18b/0x470
[  123.830919][ T8363]  icmp6_send+0x1001/0x1940
[  123.832796][ T8363]  ? icmp6_send+0x1e9/0x1940
[  123.834706][ T8363]  ? __pfx_icmp6_send+0x10/0x10
[  123.836712][ T8363]  ? __lock_acquire+0xab9/0xd20
[  123.838688][ T8363]  ? ip6_neigh_lookup+0x14e/0x470
[  123.840692][ T8363]  ? ip6_neigh_lookup+0x14e/0x470
[  123.842730][ T8363]  ? __ipv6_addr_type+0x10c/0x2f0
[  123.844823][ T8363]  ? ip6_tnl_xmit_ctl+0x19f/0x660
[  123.846855][ T8363]  ip6_link_failure+0x3b/0x4c0
[  123.848868][ T8363]  ? __pfx_ip6_link_failure+0x10/0x10
[  123.851133][ T8363]  ip6_tnl_xmit+0xe08/0x2b10
[  123.853085][ T8363]  ? __lock_acquire+0xab9/0xd20
[  123.855165][ T8363]  ? __pfx_ip6_tnl_xmit+0x10/0x10
[  123.857392][ T8363]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  123.859826][ T8363]  ? lockdep_hardirqs_on+0xb9/0x150
[  123.861973][ T8363]  ? __pfx_make_kuid+0x10/0x10
[  123.863991][ T8363]  ? iptunnel_handle_offloads+0x2fd/0x630
[  123.866396][ T8363]  ip6_tnl_start_xmit+0xc1d/0x1150
[  123.868552][ T8363]  ? __pfx_ip6_tnl_start_xmit+0x10/0x10
[  123.870812][ T8363]  dev_hard_start_xmit+0x2d7/0x830
[  123.872918][ T8363]  __dev_queue_xmit+0x1b8d/0x3b50
[  123.874980][ T8363]  ? register_lock_class+0x51/0x320
[  123.877192][ T8363]  ? __dev_queue_xmit+0x27b/0x3b50
[  123.879337][ T8363]  ? __pfx___dev_queue_xmit+0x10/0x10
[  123.881623][ T8363]  ? read_seqbegin+0x122/0x250
[  123.883608][ T8363]  ? neigh_connected_output+0x1ea/0x460
[  123.885916][ T8363]  ? lockdep_hardirqs_on+0x9c/0x150
[  123.888070][ T8363]  ? read_seqbegin+0x1ac/0x250
[  123.890061][ T8363]  ? __pfx_read_seqbegin+0x10/0x10
[  123.892173][ T8363]  ip6_finish_output2+0x11fe/0x16a0
[  123.894365][ T8363]  ? ip6_finish_output2+0x701/0x16a0
[  123.896537][ T8363]  ? __pfx_ip6_finish_output2+0x10/0x10
[  123.898853][ T8363]  ip6_fragment+0x1422/0x1e20
[  123.900817][ T8363]  ? __pfx_ip6_finish_output2+0x10/0x10
[  123.903206][ T8363]  ? __pfx_ip6_fragment+0x10/0x10
[  123.905395][ T8363]  ? ip6_finish_output+0x219/0x4e0
[  123.907548][ T8363]  ip6_xmit+0x107a/0x1840
[  123.909370][ T8363]  ? __pfx_ip6_xmit+0x10/0x10
[  123.911345][ T8363]  ? sctp_v6_xmit+0x60f/0x1300
[  123.913403][ T8363]  ? sctp_v6_xmit+0x60f/0x1300
[  123.915481][ T8363]  sctp_v6_xmit+0xa33/0x1300
[  123.917425][ T8363]  ? __pfx_sctp_v6_xmit+0x10/0x10
[  123.919519][ T8363]  ? crc32c+0x405/0x460
[  123.921262][ T8363]  ? skb_crc32c+0x765/0x880
[  123.923193][ T8363]  ? kmem_cache_free+0x18f/0x400
[  123.925317][ T8363]  sctp_packet_transmit+0x2581/0x2bb0
[  123.927551][ T8363]  sctp_packet_singleton+0x233/0x330
[  123.929698][ T8363]  ? __pfx_sctp_packet_singleton+0x10/0x10
[  123.932162][ T8363]  ? sctp_outq_select_transport+0x462/0x570
[  123.934587][ T8363]  ? sctp_transport_burst_limited+0x19c/0x280
[  123.937101][ T8363]  sctp_outq_flush+0x4f0/0x3140
[  123.939082][ T8363]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  123.941532][ T8363]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  123.944151][ T8363]  ? rcu_is_watching+0x15/0xb0
[  123.946131][ T8363]  ? __pfx_sctp_outq_flush+0x10/0x10
[  123.948318][ T8363]  ? sctp_outq_tail+0x612/0x8c0
[  123.950311][ T8363]  ? sctp_outq_uncork+0x4d/0xa0
[  123.952337][ T8363]  sctp_do_sm+0x5332/0x5a20
[  123.954264][ T8363]  ? sctp_stream_init_ext+0x57/0x180
[  123.956450][ T8363]  ? sctp_sendmsg_to_asoc+0x12fd/0x1810
[  123.958710][ T8363]  ? sctp_sendmsg+0x1941/0x2810
[  123.960663][ T8363]  ? __sock_sendmsg+0x19c/0x270
[  123.962756][ T8363]  ? __pfx_sctp_do_sm+0x10/0x10
[  123.964831][ T8363]  ? __sk_mem_raise_allocated+0xaa9/0x1240
[  123.967205][ T8363]  sctp_primitive_ASSOCIATE+0x95/0xc0
[  123.969399][ T8363]  sctp_sendmsg_to_asoc+0x102d/0x1810
[  123.971546][ T8363]  ? __asan_memcpy+0x40/0x70
[  123.973507][ T8363]  ? sctp_assoc_add_peer+0xcfa/0x13b0
[  123.975683][ T8363]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  123.978034][ T8363]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  123.980416][ T8363]  ? __local_bh_enable_ip+0x12d/0x1c0
[  123.982566][ T8363]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  123.984850][ T8363]  ? security_sctp_bind_connect+0x7e/0x2e0
[  123.987259][ T8363]  sctp_sendmsg+0x1941/0x2810
[  123.989231][ T8363]  ? __pfx_sctp_sendmsg+0x10/0x10
[  123.991302][ T8363]  ? aa_sk_perm+0x81e/0x950
[  123.993212][ T8363]  ? __pfx_aa_sk_perm+0x10/0x10
[  123.995286][ T8363]  ? sock_rps_record_flow+0x19/0x410
[  123.997489][ T8363]  ? inet_sendmsg+0x2f4/0x370
[  123.999476][ T8363]  __sock_sendmsg+0x19c/0x270
[  124.001411][ T8363]  __sys_sendto+0x3bd/0x520
[  124.003274][ T8363]  ? __pfx___sys_sendto+0x10/0x10
[  124.005353][ T8363]  ? do_futex+0x333/0x420
[  124.007162][ T8363]  ? __pfx___se_sys_futex+0x10/0x10
[  124.009348][ T8363]  __x64_sys_sendto+0xde/0x100
[  124.011436][ T8363]  do_syscall_64+0xfa/0x3b0
[  124.013380][ T8363]  ? lockdep_hardirqs_on+0x9c/0x150
[  124.015563][ T8363]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.018119][ T8363]  ? exc_page_fault+0x9f/0xf0
[  124.020110][ T8363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.022585][ T8363] RIP: 0033:0x7f59f898ebe9
[  124.024466][ T8363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.032362][ T8363] RSP: 002b:00007f59f981a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  124.035650][ T8363] RAX: ffffffffffffffda RBX: 00007f59f8bb5fa0 RCX: 00007f59f898ebe9
[  124.038906][ T8363] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[  124.042145][ T8363] RBP: 00007f59f8a11e19 R08: 0000200000000080 R09: 000000000000001c
[  124.045369][ T8363] R10: 0000000000000051 R11: 0000000000000246 R12: 0000000000000000
[  124.048643][ T8363] R13: 00007f59f8bb6038 R14: 00007f59f8bb5fa0 R15: 00007fff2ea74ff8
[  124.051977][ T8363]  </TASK>
[  124.054013][ T8363] Kernel Offset: disabled
[  124.055795][ T8363] Rebooting in 86400 seconds..

VM DIAGNOSIS:
03:47:39  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000020 RBX=0000000000000020 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000017ad7 RDI=0000000000017ad8 RBP=00000000000003f8 RSP=ffffc9000767d170
R8 =ffff888107098237 R9 =1ffff11020e13046 R10=dffffc0000000000 R11=ffffffff854efeb0
R12=dffffc0000000000 R13=ffffffff99af98e9 R14=ffffffff99dee3a0 R15=0000000000000000
RIP=ffffffff854eff2c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f59f981a6c0 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f59f9819fc8 CR3=0000000024d22000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=7712c53e93b9f1e8 728370bf3cb3486e
XMM06=63e772d7f3a22482 dabb339f3c035440 XMM07=bd0dad416e16bee6 46815929601aad29
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f59f8a12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=64aff77507b1ab00 RBX=ffffffff81968308 RCX=64aff77507b1ab00 RDX=0000000000000001
RSI=ffffffff8d9b6dc6 RDI=ffffffff8be33400 RBP=ffffc90000177f20 RSP=ffffc90000177de0
R8 =ffff888136632f9b R9 =1ffff11026cc65f3 R10=dffffc0000000000 R11=ffffed1026cc65f4
R12=ffffffff8fa37e30 R13=0000000000000001 R14=0000000000000001 R15=1ffff11020005000
RIP=ffffffff8b7943f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000561016dd67e8 CR3=000000002a196000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000001 XMM01=0000000000000015 000000000003bf12
XMM02=0002880306048400 0284031404000280 XMM03=80020002920303fc 0200029003020488
XMM04=0000000000000000 0000000000000000 XMM05=00005555560a0d6e 00005555560a0d30
XMM06=0000000000000000 0000000000000000 XMM07=0302d4020002ae03 0000000000000000
XMM08=000000000001ffff ffffffffffffe508 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
