last executing test programs:

13.55328338s ago: executing program 4 (id=38):
socket$inet_udplite(0x2, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
socket$kcm(0x2, 0xa, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
socket$inet6(0xa, 0x2, 0x0)
open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x0)
r2 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r2, 0x0, 0x23, &(0x7f0000000080)=ANY=[@ANYBLOB="e0000808ac1414", @ANYRES64=r1], 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000407d1e9c3100000000000109022400010000000009040000010300000009210000000122070009"], 0x0)

12.924148166s ago: executing program 1 (id=41):
r0 = syz_mount_image$xfs(&(0x7f0000009800), &(0x7f0000009840)='./file1\x00', 0x0, &(0x7f0000000080)={[{@ikeep}, {@pquota}]}, 0x1, 0x9867, &(0x7f00000130c0)="$eJzs3QeUJHWheP/ZZckZEwZkyZjIGQNBQQQBQSQpQbJEASWpgAgCooBEQRFQJIkgSSTnnHPOOecc/mfZXV3XC0//v3ce73nvPWe2u6ura6q/n6qaaWroXmGRZRcaGJhkYHgjL//eoS9/8ugtXl5op2OvP+KlRQ9f/OgRk8cafjFk6IjLqUZcTj0wMDBoxHIGDZ82eMiJJw0eGGdgYPCoy51g3PEHTTAwsOaImwuMuJx7+MWE14yc763R4hUdthqDdh3+NfybDgwMjDvsyjMDMy8/6nJGrNcs//REpa2w4KKL/N3qb27Dxm/IiOujfo01/GvCywYGJrx0gLePQe/tM3r7+0+y9wUrrvQer8f/iVZYcNHFRvMfti+OMWLa3MP28dH3QWOjb+dD575j5DFoEB44/4+0woKLLDHwzsf5gVXePGizt94+bg4eb2Bg8PgDA4MnGBgYPOHAwOCJBgYGT/xeu9T/W+/pxldVVVXvSQsuNPtCw17vjfb7wDgjf6+l3wtXfmOpOwYGBsYcPs/guUa+Fqyqqqqqqqqq/50tuNDsC8Pr/0ne7fX/Cae+OmOv/6uqqqqqqqr+77TYggvNPux1/Giv/yd/t9f/2z3w4gYj/vZ/7uGPevO9fRJVVVVVVVVV9a4t89W3X/+PP9rr/6Hv9vr/4fl3eXDEfCP/u8Eboyxy0Ch/T/DaKNPHGGX+V0eZPmSU6aPOP9bAwOAhI6a//vfJg8cbdt8/zz94kmHrPWL6K6NMn+Xv/3/zkGlHmT7rKNOnH2X6bCPWddj0GUaZPuco88/4r4xtVVVVVVVVVVVVVVVVVVXV/1RvPnHqmX9/z/ePD4zy/u1/ex/3EX8XMOi4s6+++j1b0f8dDfrnv4fY7r1ep//XhjmPc9TQgYGNlnuvV6Xeg97rz2uo97b83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y1/cO5z//9v7/09x+Joj/5/5uQ/dfcqJRn3seqNcH+d/dK3fs/5Tz/8PrDdoYGCE7yTDXJdccJmvzzgwMDDRlLsfOsfA3+6bZ9h98082xog3SBj+NgjTDeEFbzfiU9G3GzHriGUc9/byF3vrkDEGjbYSozTpyYcdtu4KL80x+uX07/w8Bo+88oFLtlx45HtZDB5tpnfaTkcuf+RzGd15xLrPOGzdZ958w01m3myrrT+z3oarr7PWOmttNO/cc88z59xzzTvbzGuvt8Faswz/953GbOjb/07zr4zZ5KOP2RMLjjpmoz+3dxqzoe8+Zm8vcey9Vl1/5JiNvmr/1ZhN8+5jNnS9Ed9oyNAxB1Z7e2wGDQwMmXbMgS2H3Zh17IGBIdONmHfyYfN+drLBAwN7/P2JDrs29t+2wUHbDZtnhUWWXejvH7v/zx+//w6fZz/W8IshI4ZkyFQjLqce/m0mGfj7pjh4yIknDR723P9hmCcYd/xBEwwMrDni5gIjLucdce+VI+d7h89ZH21F336blV2Hf/3NY9xhV45ZeuKbRl3OOxD8d/T/6+f/P3nNM+hvAzVoxNeIeYZ7LbjoYn//Xm8PwwIj3xNm2M+WYSb/Dx9j/1/2T+s7dJy33+T2ndb3Xd4Xd/jzh+1r+sfOG/rf9b64fOxY4u1/h/4rx46Bdz92jPH3q3+futYVU4x+7Fj8nVfxH/aLkWM09mgzvdOxY8b9F9z27WPTux87llhvxAcN/f3YMXhgYMg0I48dww4k0485sMewG7MNuzHDmANHDLsx+9s3xh04e9iNmdbYeIM1B739tj0jljvLsOUuMNmgt5/81TMvePQYe7/11rQj1mWW0Q6sI7aPoaP+fFxwsuHDNvKxtNy7Nx9+3/Qjljvrv7HckY+l5c6z6fD7Zhix3NlGW+4Y77LckY8duT8Mm/Xt/WHGQf/wh5+w/y4y2v47aORhfZSHjPwaa/jXhJeN/Gwo2F/+reMO7b+TvMv6vsvnWuH2NmzaDktecep/1+da0fqO8+7r+06fw/2O67v+uFsu9d+wvoNGWd9/2M42mW/4tjLjiO1szn9j+x352NGPY2O+fe9whhn/lePYAv90HNt+jMGjrfwovdPvQGvC/MOvT/63pc175BgTjxz7MUdb7n/1O9CM734cm2S90R63yMEDg2jMH378sHXH/i/GfMyBf/xdfeSYj3zsu435DP885oP+acznefcx/1d/75xxmuH3j/EuYz54582WHDnmY/2bYz7DvzvmCwyMQWO+xwHDx+3djqfvNOYjH/uPYz5k4EsDAwPTjhjz6f+V7XyW/57tfDyYf/j1B/426ZIpzthtlGPMoH9nzKf/d8d86N+282nfvm/qwQNjjTWw5eqbb77prMP/HXlztuH/8rHo6fuHj/O7/Sx9J6ORj323/WLaf8Vo6H+P0UeG/PP8I190jLy93NnHTPr/91g07b9nNGiRAT4WnXLR8HF7t9+L3mnMRz6Wfg4OHeXxo7+ue5f3o8TnNGzafvvvc/vIRY54WO9H+a/3D5vtyP/Gt97oB/n6T63//u8uf3f5u8vfXf7i3uH8/9/e///hSZZ9bMSL5DH3nG+dNd7r9X2P+48+/z/C9x/O/6+xznx7DnspOOK+dz0/O3ye/5XnZ+cefjHhNSPnG/38IK/oO5+fnWGvmZYZ+J85P/v/q5H76r/wOr7jv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y1/cO5z/H/k3ykMPfOP+7UacCB1z333WeOO9Xt/3uP/o8/8jfP/h/P8ba+yz7+CBv933ruf/h8/jOP+/1IF7nzTwv/j8/8h9tfP/9V+Uv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/mLe4fz/wuM/DuAuVZde9eRfw+w0axf2PG9Xt/3uP/U8/99/r+3jv/u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/cSPO/w+M9rGOS7ddYHD+//927+D/tfwxi/8y+WMW/2Xzxyz+X88fs/gvlz9m8f9G/pjFf/n8MYv/CvljFv8V88cs/ivlj1n8V84fs/h/M3/M4v+t/DGL/yr5Yxb/VfPHLP6r5Y9Z/FfPH7P4fzt/zOK/Rv6YxX/N/DGL/1r5Yxb/tfPHLP7r5I9Z/NfNH7P4r5c/ZvH/Tv6YxX/9/DGL/wb5Yxb/DfPHLP4b5Y9Z/DfOH7P4b5I/ZvH/bv6YxX/T/DGL/2b5Yxb/zfPHLP7fyx+z+H8/f8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+2+SPWfx/kD9m8f9h/pjF/0f5Yxb/bfPHLP7b5Y9Z/LfPH7P4/zh/zOK/Q/6Yxf8n+WMW/x3zxyz+O+WPWfx/mj9m8d85f8ziv0v+mMV/1/wxi//P8scs/rvlj1n8f54/ZvH/Rf6YxX/3/DGL/x75Yxb/PfPHLP6/zB+z+O+VP2bx3zt/zOK/T/6YxX/f/DGL/375Yxb//fPHLP6/yh+z+B+QP2bxPzB/zOL/6/wxi/9v8scs/gflj1n8f5s/ZvE/OH/M4n9I/pjF/9D8MYv/7/LHLP6/zx+z+B+WP2bx/0P+mMX/8Pwxi/8R+WMW/yPzxyz+R+WPWfyPzh+z+P8xf8zif0z+mMX/T/ljFv9j88cs/sflj1n8/5w/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/n/JH7P4n5I/ZvH/a/6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8L8wfs/hflD9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bxvzp/zOJ/Tf6Yxf/a/DGL/3X5Yxb/6/PHLP435I9Z/G/MH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/bfljFv/b88cs/nfkj1n878wfs/jflT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+D+SPWfwfzB+z+D+UP2bxfzh/zOL/SP6Yxf/R/DGL/2P5Yxb/x/PHLP5P5I9Z/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+z+L+VPybxHzSQP2bxH5Q/ZvEfnD9m8R8jf8ziPyR/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7j5o9Z/MfLH7P4j58/ZvGfIH/M4j9h/pjFf6L8MYv/xPljFv9J8scs/pPmj1n8J8sfs/i/L3/M4v/+/DGL/wfyxyz+H8wfs/h/KH/M4j95/pjF/8P5Yxb/j+SPWfw/mj9m8f9Y/pjFf4r8MYv/x/PHLP5T5o9Z/Ifmj1n8p8ofs/hPnT9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/xnyxyz+M+aPWfw/kT9m8f9k/tigQwcGDP6fyh+z7P+fzh+z+H8mf8ziP1P+mMV/5vwxi/8s+WMW/1nzxyz+s+WPWfxnzx+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4fzZ/zOL/ufwxi//n88cs/l/IH7P4L5A/ZvFfMH/M4r9Q/pjFf+H8MYv/F/PHLP5fyh+z+C+SP2bxXzR/zOL/5fwxi/9i+WMW/6/kj1n8F88fs/gvkT9m8f9q/pjFf8n8MYv/UvljFv+l88cs/l/LH7P4L5M/ZvFfNn/M4v/1/DGL/3L5Yxb/b+SPWfyXzx+z+K+QP2bxXzF/zOK/Uv6YxX/l/DGL/zfzxyz+38ofs/ivkj9m8V81f8ziv1r+mMV/9fwxi/+388cs/mvkj1n818wfs/ivlT9m8V87f8ziv07+mMV/3fwxi/96+WMW/+/kj1n8188fs/hvkD9m8d8wf8ziv1H+mMV/4/wxi/8m+WMW/+/mj1n8N80fs/hvlj9m8d88f8zi/738MYv/9/PHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjF/wf5Yxb/H+aPWfx/lD9m8d82f8ziv13+2JgDDv/t88cs+/+P88cs/jvkj1n8f5I/ZvHfMX/M4r9T/pjF/6f5Yxb/nfPHLP675I9Z/HfNH7P4/yx/zOK/W/6Yxf/n+WMW/1/kj1n8d88fs/jvkT9m8d8zf8zi/8v8MYv/XvljFv+988cs/vvkj1n8980fs/jvlz9m8d8/f8zi/6v8MYv/AfljFv8D88cs/r/OH7P4/yZ/zOJ/UP6Yxf+3+WMW/4Pzxyz+h+SPWfwPzR+z+P8uf8zi//v8MYv/YfljFv8/5I9Z/A/PH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/H/PHLP7H5I9Z/P+UP2bxPzZ/zOJ/XP6Yxf/P+WMW/+Pzxyz+J+SPWfxPzB+z+J+UP2bxPzl/zOL/l/wxi/8p+WMW/7/mj1n8T80fs/iflj9m8T89f8zif0b+mMX/TK//GO92p8X/LK//u2bxPzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/C/MH7P4X5Q/ZvG/OH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8r8wfs/hflT9m8b86f8zif03+mMX/2vwxi/91+WMW/+vzxyz+N+SPWfxvzB+z+N+UP2bxvzl/zOJ/S/6Yxf/W/DGL/235Yxb/2/PHLP535I9Z/O/MH7P435U/ZvG/O3/M4n9P/pjF/978MYv/ffljFv/788cs/g/kj1n8H8wfs/g/lD9m8X84f8zi/0j+mMX/0fwxi/9j+WMW/8fzxyz+T+SPWfyfzB+z+D+VP2bxfzp/zOL/TP6Yxf/Z/DGL/3P5Yxb/5/PHLP4v5I9Z/F/MH7P4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljFv/X88cs/m/kj1n838wfs/i/lT8m8X/7av7/nMV/UP6YxX9w/pjFf4z8MYv/kPwxi/+Y+WMW/7Hyxyz+Y+ePWfzHyR+z+I+bP2bxHy9/zOI/fv6YxX+C/DGL/4T5Yxb/ifLHLP4T549Z/CfJH7P4T5o/ZvGfLH/M4v++/DGL//vzxyz+H8gfs/h/MH/M4v+h/DGL/+T5Yxb/D+ePWfw/kj9m8f9o/pjF/2P5Yxb/KfLHLP4fzx+z+E+ZP2bxH5o/ZvGfKn/M4j91/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/jPmD9m8f9E/pjF/5P5Yxb/T+WPWfw/nT9m8f9M/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8Z8sfs/jPnj9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aP/cf6j/uP/vPlj/3H+o+2/8+fP2bx/2z+mMX/c/ljFv/P549Z/L+QP2bxXyB/zOK/YP6YxX+h/DGL/8L5Yxb/L+aPWfy/lD9m8V8kf8ziv2j+mMX/y/ljFv/F8scs/l/JH7P4L54/ZvFfIn/M4v/V/DGL/5L5Yxb/pfLHLP5L549Z/L+WP2bxXyZ/zOK/bP6Yxf/r+WMW/+Xyxyz+38gfs/gvnz9m8V8hf8ziv2L+mMV/pfwxi//K+WMW/2/mj1n8v5U/ZvFfJX/M4r9q/pjFf7X8MYv/6vljFv9vv+0/znu1Vv9rs/iv0f6PWfzXzB+z+K+VP2bxXzt/zOK/Tv6YxX/d/DGL/3r5Yxb/7+SPWfzXzx+z+G+QP2bx3zB/zOK/Uf6YxX/j/DGL/yb5Yxb/7+aPWfw3zR+z+G+WP2bx3zx/zOL/vfwxi//388cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMX/B/ljFv8f5o9Z/H+UP2bx3zZ/zOK/Xf6YxX/7/DGL/4/zxyz+O+SPWfx/kj9m8d8xf8ziv1P+mMX/p/ljFv+d88cs/rvkj1n8d80fs/j/LH/M4r9b/pjF/+f5Yxb/X+SPWfx3zx+z+O+RP2bx3zN/zOL/y/wxi/9e+WMW/73zxyz+++SPWfz3zR+z+O+XP2bx3z9/zOL/q/wxi/8B+WMW/wPzxyz+v84fs/j/Jn/M4n9Q/pjF/7f5Yxb/g/PHLP6H5I9Z/A/NH7P4/y5/zOL/+/wxi/9h+WMW/z/kj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8f88cs/sfkj1n8/5Q/ZvE/Nn/M4n9c/pjF/8/5Yxb/4/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4v+X/DGL/yn5Yxb/v+aPWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf/M/DGL/1n5Yxb/s/PHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF/8L8MYv/RfljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/6vzxyz+1+SPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMX/wfwxi/9D+WMW/4fzxyz+j+SPWfwfzR+z+D+WP2bxfzx/zOL/RP6Yxf/J/DGL/1P5Yxb/p/PHLP7P5I9Z/J/NH7P4P5c/ZvF/Pn/M4v9C/pjF/8X8MYv/S/ljFv+X88cs/q/kj1n8X80fs/i/lj9m8X89f8zi/0b+mMX/zfwxi/9b+WMS/zEG8scs/oPyxyz+g/PHLP5j5I9Z/Ifkj1n8x8wfs/iPlT9m8R87f8ziP07+mMV/3Pwxi/94+WMW//Hzxyz+E+SPWfwnzB+z+E+UP2bxnzh/zOI/Sf6YxX/S/DGL/2T5Yxb/9+WPWfzfnz9m8f9A/pjF/4P5Yxb/D+WPWfwnzx+z+H84f8zi/5H8MYv/R/PHLP4fyx+z+E+RP2bx/3j+mMV/yvwxi//Q/DGL/1T5Yxb/qfPHLP7T5I9Z/KfNH7P4T5c/ZvGfPn/M4j9D/pjFf8b8MYv/J/LHLP6fzB+z+H8qf8zi/+n8MYv/Z/LHLP4z5Y9Z/GfOH7P4z5I/ZvGfNX/M4j9b/pjFf/b8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz9m8Z83f8ziP1/+mMV//vwxi/9n88cs/p/LH7P4fz5/zOL/hfwxi/8C+WMW/wXzxyz+C+WPWfwXzh+z+H8xf8zi/6X8MYv/IvljFv9F88cs/l/OH7P4L5Y/ZvH/Sv6YxX/x/DGL/xL5Yxb/r+aPWfyXzB+z+C+VP2bxXzp/zOL/tfwxi/8y+WMW/2Xzxyz+X88fs/gvlz9m8f9G/pjFf/n8MYv/CvljFv8V88cs/ivlj1n8V84fs/h/M3/M4v+t/DGL/yr5Yxb/VfPHLP6r5Y9Z/FfPH7P4fzt/zOK/Rv6YxX/N/DGL/1r5Yxb/tfPHLP7r5I9Z/NfNH7P4r5c/ZvH/Tv6YxX/9/DGL/wb5Yxb/DfPHLP4b5Y9Z/DfOH7P4b5I/ZvH/bv6YxX/T/DGL/2b5Yxb/zfPHLP7fyx+z+H8/f8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+2+SPWfx/kD9m8f9h/pjF/0f5Yxb/bfPHLP7b5Y9Z/LfPH7P4/zh/zOK/Q/6Yxf8n+WMW/x3zxyz+O+WPWfx/mj9m8d85f8ziv0v+mMV/1/wxi//P8scs/rvlj1n8f54/ZvH/Rf6YxX/3/DGL/x75Yxb/PfPHLP6/zB+z+O+VP2bx3zt/zOK/T/6YxX/f/DGL/375Yxb//fPHLP6/yh+z+B+QP2bxPzB/zOL/6/wxi/9v8scs/gflj1n8f5s/ZvE/OH/M4n9I/pjF/9D8MYv/7/LHLP6/zx+z+B+WP2bx/0P+mMX/8Pwxi/8R+WMW/yPzxyz+R+WPWfyPzh+z+P8xf8zif0z+mMX/T/ljFv9j88cs/sflj1n8/5w/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/n/JH7P4n5I/ZvH/a/6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8L8wfs/hflD9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bxvzp/zOJ/Tf6Yxf/a/DGL/3X5Yxb/6/PHLP435I9Z/G/MH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/bfljFv/b88cs/nfkj1n878wfs/jflT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+D+SPWfwfzB+z+D+UP2bxfzh/zOL/SP6Yxf/R/DGL/2P5Yxb/x/PHLP5P5I9Z/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+z+L+VPybxHzKQP2bxH5Q/ZvEfnD9m8R8jf8ziPyR/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7j5o9Z/MfLH7P4j58/ZvGfIH/M4j9h/pjFf6L8MYv/xPljFv9J8scs/pPmj1n8J8sfs/i/L3/M4v/+/DGL/wfyxyz+H8wfs/h/KH/M4j95/pjF/8P5Yxb/j+SPWfw/mj9m8f9Y/pjFf4r8MYv/x/PHLP5T5o9Z/Ifmj1n8p8ofs/hPnT9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/xnyxyz+M+aPWfw/kT9m8f9k/pjF/1P5Yxb/T+ePWfw/kz9m8Z8pf8ziP3P+mMV/lvwxi/+s+WMW/9nyxyz+s+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/D+bP2bx/1z+mMX/8/ljFv8v5I9Z/BfIH7P4L5g/ZvFfKH/M4r9w/pjF/4v5Yxb/L+WPWfwXyR+z+C+aP2bx/3L+mMV/sfwxi/9X8scs/ovnj1n8l8gfs/h/NX/M4r9k/pjFf6n8MYv/0vljFv+v5Y9Z/JfJH7P4L5s/ZvH/ev6YxX+5/DGL/zfyxyz+y+ePWfxXyB+z+K+YP2bxXyl/zOK/cv6Yxf+b+WMW/2/lj1n8V8kfs/ivmj9m8V8tf8ziv3r+mMX/2/ljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8ziv27+mMV/vfwxi/938scs/uvnj1n8N8gfs/hvmD9m8d8of8ziv3H+mMV/k/wxi/9388cs/pvmj1n8N8sfs/hvnj9m8f9e/pjF//v5Yxb/LfLHLP5b5o9Z/LfKH7P4b50/ZvHfJn/M4v+D/DGL/w/zxyz+P8ofs/hvmz9m8d8uf8ziv33+mMX/x/ljFv8d8scs/j/JH7P475g/ZvHfKX/M4v/T/DGL/875Yxb/XfLHLP675o9Z/H+WP2bx3y1/zOL/8/wxi/8v8scs/rvnj1n898gfs/jvmT9m8f9l/pjFf6/8MYv/3vljFv998scs/vvmj1n898sfs/jvnz9m8f9V/pjF/4D8MYv/gfljFv9f549Z/H+TP2bxPyh/zOL/2/wxi//B+WMW/0Pyxyz+h+aPWfx/lz9m8f99/pjF/7D8MYv/H/LHLP6H549Z/I/IH7P4H5k/ZvE/Kn/M4n90/pjF/4/5Yxb/Y/LHLP5/yh+z+B+bP2bxPy5/zOL/5/wxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bx/0v+mMX/lPwxi/9f88cs/qfmj1n8T8sfs/ifnj9m8T8jf8zif2b+mMX/rPwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOJ/Yf6Yxf+i/DGL/8X5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/1fljFv9r8scs/tfmj1n8r8sfs/hfnz9m8b8hf8zif2P+mMX/pvwxi//N+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOJ/Z/6Yxf+u/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4v9g/pjF/6H8MYv/w/ljFv9H8scs/o/mj1n8H8sfs/g/nj9m8X8if8zi/2T+mMX/qfwxi//T+WMW/2fyxyz+z+aPWfyfyx+z+D+fP2bxfyF/zOL/Yv6Yxf+l/DGL/8v5Yxb/V/LHLP6v5o9Z/F/LH7P4v54/ZvF/I3/M4v9m/pjF/638MYn/mAP5Yxb/QfljFv/B+WMW/zHyxyz+Q/LHLP5j5o9Z/MfKH7P4j50/ZvEfJ3/M4j9u/pjFf7z8MYv/+PljFv8J8scs/hPmj1n8J8ofs/hPnD9m8Z8kf8ziP2n+mMV/svwxi//78scs/u/PH7P4fyB/zOL/wfwxi/+H8scs/pPnj1n8P5w/ZvH/SP6Yxf+j+WMW/4/lj1n8p8gfs/h/PH/M4j9l/pjFf2j+mMV/qvwxi//U+WMW/2nyxyz+0+aPWfynyx+z+E+fP2bxnyF/zOI/Y/6Yxf8T+WMW/0/mj1n8P5U/ZvH/dP6Yxf8z+WMW/5nyxyz+M+ePWfxnyR+z+M+aP2bxny1/zOI/e/6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjF/7P5Yxb/z+WPWfw/nz9m8f9C/pjFf4H8MYv/gvljFv+F8scs/gvnj1n8v5g/ZvH/Uv6YxX+R/DGL/6L5Yxb/L+ePWfwXyx+z+H8lf8ziv3j+mMV/ifwxi/9X88cs/kvmj1n8l8ofs/gvnT9m8f9a/pjFf5n8MYv/svljFv+v549Z/JfLH7P4fyN/zOK/fP6YxX+F/DGL/4r5Yxb/lfLHLP4r549Z/L+ZP2bx/1b+mMV/lfwxi/+q+WMW/9Xyxyz+q+ePWfy/nT9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfzXyx+z+H8nf8ziv37+mMV/g/wxi/+G+WMW/43yxyz+G+ePWfw3yR+z+H/3nfyH/A+t1//SLP6btv9jFv/N8scs/pvnj1n8v5c/ZvH/fv6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4/yB/zOL/w/wxi/+P8scs/tvmj1n8t8sfs/hvnz9m8f9x/pjFf4f8MYv/T/LHLP475o9Z/HfKH7P4/zR/zOK/c/6YxX+X/DGL/675Yxb/n+WPWfx3yx+z+P88f8zi/4v8MYv/7vljFv898scs/nvmj1n8f5k/ZvHfK3/M4r93/pjFf5/8MYv/vvljFv/98scs/vvnj1n8f5U/ZvE/IH/M4n9g/pjF/9f5Yxb/3+SPWfwPyh+z+P82f8zif3D+mMX/kPwxi/+h+WMW/9/lj1n8f58/ZvE/LH/M4v+H/DGL/+H5Yxb/I/LHLP5H5o9Z/I/KH7P4H50/ZvH/Y/6Yxf+Y/DGL/5/yxyz+x+aPWfyPyx+z+P85f8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfz/kj9m8T8lf8zi/9f8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvG/Kn/M4n91/pjF/5r8MYv/tfljFv/r8scs/tfnj1n8b8gfs/jfmD9m8b8pf8zif3P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfzvyB+z+N+ZP2bxvyt/zOJ/d/6Yxf+e/DGL/735Yxb/+/LHLP73549Z/B/IH7P4P5g/ZvF/KH/M4v9w/pjF/5H8MYv/o/ljFv/H8scs/o/nj1n8n8gfs/g/mT9m8X8qf8zi/3T+mMX/mfwxi/+z+WMW/+fyxyz+z+ePWfxfyB+z+L+YP2bxfyl/zOL/cv6Yxf+V/DGL/6v5Yxb/1/LHLP6v549Z/N/IH7P4v5k/ZvF/K39M4j/WQP6YxX9Q/pjFf3D+mMV/jPwxi/+Q/DGL/5j5Yxb/sfLHLP5j549Z/MfJH7P4j5s/ZvEfL3/M4j9+/pjFf4L8MYv/hPljFv+J8scs/hPnj1n8J8kfs/hPmj9m8Z8sf8zi/778MYv/+/PHLP4fyB+z+H8wf8zi/6H8MYv/5PljFv8P549Z/D+SP2bx/2j+mMX/Y/ljFv8p8scs/h/PH7P4T5k/ZvEfmj9m8Z8qf8ziP3X+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+M+YP2bx/0T+mMX/k/ljFv9P5Y9Z/D+dP2bx/0z+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfxnyx+z+M+eP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvH/bP6Yxf9z+WMW/8/nj1n8v5A/ZvFfIH/M4r9g/pjFf6H8MYv/wvljFv8v5o9Z/L+UP2bxXyR/zOK/aP6Yxf/L+WMW/8Xyxyz+X8kfs/gvnj9m8V8if8zi/9X8MYv/kvljFv+l8scs/kvnj1n8v5Y/ZvFfJn/M4r9s/pjF/+v5Yxb/5fLHLP7fyB+z+C+fP2bxXyF/zOK/Yv6YxX+l/DGL/8r5Yxb/b+aPWfy/lT9m8V8lf8ziv2r+mMV/tfwxi//q+WMW/2/nj1n818gfs/ivmT9m8V8rf8ziv3b+mMV/nfwxi/+6+WMW//Xyxyz+38kfs/ivnz9m8d8gf8ziv2H+mMV/o/wxi//G+WMW/03yxyz+380fs/hvmj9m8d8sf8ziv3n+mMX/e/ljFv/v549Z/LfIH7P4b5k/ZvHfKn/M4r91/pjFf5v8MYv/D/LHLP4/zB+z+P8of8ziv23+mMV/u/wxi//2+WMW/x/nj1n8d8gfs/j/JH/M4r9j/pjFf6f8MYv/T/PHLP47549Z/HfJH7P475o/ZvH/Wf6YxX+3/DGL/8/zxyz+v8gfs/jvnj9m8d8jf8ziv2f+mMX/l/ljFv+98scs/nvnj1n898kfs/jvmz9m8d8vf8ziv3/+mMX/V/ljFv8D8scs/gfmj1n8f50/ZvH/Tf6Yxf+g/DGL/2/zxyz+B+ePWfwPyR+z+B+aP2bx/13+mMX/9/ljFv/D8scs/n/IH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv8/5o9Z/I/JH7P4/yl/zOJ/bP6Yxf+4/DGL/5/zxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf8v+WMW/1Pyxyz+f80fs/ifmj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGL/4X5Yxb/i/LHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/lfljFv+r8scs/lfnj1n8r8kfs/hfmz9m8b8uf8zif33+mMX/hvwxi/+N+WMW/5vyxyz+N+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf+O/DGL/535Yxb/u/LHLP53549Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH7P4v5o/ZvF/LX/M4v96/pjF/438MYv/m/ljFv+38sck/mMP5I9Z/Aflj1n8B+ePWfzHyB+z+A/JH7P4j5k/ZvEfK3/M4j92/pjFf5z8MYv/uPljFv/x8scs/uPnj1n8J8gfs/hPmD9m8Z8of8ziP3H+mMV/kvwxi/+k+WMW/8nyxyz+78sfs/i/P3/M4v+B/DGL/wfzxyz+H8ofs/hPnj9m8f9w/pjF/yP5Yxb/j+aPWfw/lj9m8Z8if8zi//H8MYv/lPljFv+h+WMW/6nyxyz+U+ePWfynyR+z+E+bP2bxny5/zOI/ff6YxX+G/DGL/4z5Yxb/T+SPWfw/mT9m8f9U/pjF/9P5Yxb/z+SPWfxnyh+z+M+cP2bxnyV/zOI/a/6YxX+2/DGL/+z5Yxb/OfLHLP5z5o9Z/OfKH7P4z50/ZvGfJ3/M4j9v/pjFf778MYv//PljFv/P5o9Z/D+XP2bx/3z+mMX/C/ljFv8F8scs/gvmj1n8F8ofs/gvnD9m8f9i/pjF/0v5Yxb/RfLHLP6L5o9Z/L+cP2bxXyx/zOL/lfwxi//i+WMW/yXyxyz+X80fs/gvmT9m8V8qf8ziv3T+mMX/a/ljFv9l8scs/svmj1n8v54/ZvFfLn/M4v+N/DGL//L5Yxb/FfLHLP4r5o9Z/FfKH7P4r5w/ZvH/Zv6Yxf9b+WMW/1Xyxyz+q+aPWfxXyx+z+K+eP2bx/3b+mMV/jfwxi/+a+WMW/7Xyxyz+a+ePWfzXyR+z+K+bP2bxXy9/zOL/nfwxi//6+WMW/w3yxyz+G+aPWfw3yh+z+G+cP2bx3yR/zOL/3fwxi/+m+WMW/83yxyz+m+ePWfy/lz9m8f9+/pjFf4v8MYv/lvljFv+t8scs/lvnj1n8t8kfs/j/IH/M4v/D/DGL/4/yxyz+2+aPWfy3yx+z+G+fP2bx/3H+mMV/h/wxi/9P8scs/jvmj1n8d8ofs/j/NH/M4r9z/pjFf5f8MYv/rvljFv+f5Y9Z/HfLH7P4/zx/zOL/i/wxi//u+WMW/z3yxyz+e+aPWfx/mT9m8d8rf8ziv3f+mMV/n/wxi/+++WMW//3yxyz+++ePWfx/lT9m8T8gf8zif2D+mMX/1/ljFv/f5I9Z/A/KH7P4/zZ/zOJ/cP6Yxf+Q/DGL/6H5Yxb/3+WPWfx/nz9m8T8sf8zi/4f8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8f9j/pjF/5j8MYv/n/LHLP7H5o9Z/I/LH7P4/zl/zOJ/fP6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/P+SP2bxPyV/zOL/1/wxi/+p+WMW/9Pyxyz+p+ePWfzPyB+z+J+ZP2bxPyt/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4X5g/ZvG/KH/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+j+WMW/8fyxyz+j+ePWfyfyB+z+D+ZP2bxfyp/zOL/dP6Yxf+Z/DGL/7P5Yxb/5/LHLP7P549Z/F/IH7P4v5g/ZvF/KX/M4v9y/pjF/5X8MYv/q/ljFv/X8scs/q/nj1n838gfs/i/mT9m8X8rf0ziP85A/pjFf1D+mMV/cP6YxX+M/DGL/5D8MYv/mPljFv+x8scs/mPnj1n8x8kfs/iPmz9m8R8vf8ziP37+mMV/gvwxi/+E+WMW/4nyxyz+E+ePWfwnyR+z+E+aP2bxnyx/zOL/vvwxi//788cs/h/IH7P4fzB/zOL/ofwxi//k+WMW/w/nj1n8P5I/ZvH/aP6Yxf9j+WMW/ynyxyz+H88fs/hPmT9m8R+aP2bxnyp/zOI/df6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/RP6Yxf+T+WMW/0/lj1n8P50/ZvH/TP6YxX+m/DGL/8z5Yxb/WfLHLP6z5o9Z/GfLH7P4z54/ZvGfI3/M4j9n/pjFf678MYv/3PljFv958scs/vPmj1n858sfs/jPnz9m8f9s/pjF/3P5Yxb/z+ePWfy/kD9m8V8gf8ziv2D+mMV/ofwxi//C+WMW/y/mj1n8v5Q/ZvFfJH/M4r9o/pjF/8v5Yxb/xfLHLP5fyR+z+C+eP2bxXyJ/zOL/1fwxi/+S+WMW/6Xy/8fGHn5h8V86f8zi/7X8MYv/MvljFv9l88cs/l/PH7P4L5c/ZvH/Rv6YxX/5/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4fzN/zOL/rfwxi/8q+WMW/1Xzxyz+q+WPWfxXzx+z+H87f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfzXzR+z+K+XP2bx/07+mMV//fwxi/8G+WMW/w3zxyz+G+WPWfw3zh+z+G+SP2bx/27+mMV/0/wxi/9m+WMW/83zxyz+38sfs/h/P3/M4r9F/pjFf8v8MYv/VvljFv+t88cs/tvkj1n8f5A/ZvH/Yf6Yxf9H+WMW/23zxyz+2+WPWfy3zx+z+P84f8ziv0P+mMX/J/ljFv8d88cs/jvlj1n8f5o/ZvHfOX/M4r9L/pjFf9f8MYv/z/LHLP675Y9Z/H+eP2bx/0X+mMV/9/wxi/8e+WMW/z3zxyz+v8wfs/jvlT9m8d87f8ziv0/+mMV/3/wxi/9++WMW//3zxyz+v8ofs/gfkD9m8T8wf8zi/+v8MYv/b/LHLP4H5Y9Z/H+bP2bxPzh/zOJ/SP6Yxf/Q/DGL/+/yxyz+v88fs/gflj9m8f9D/pjF//D8MYv/EfljFv8j88cs/kflj1n8j84fs/j/MX/M4n9M/pjF/0/5Yxb/Y/PHLP7H5Y9Z/P+cP2bxPz5/zOJ/Qv6Yxf/E/DGL/0n5Yxb/k/PHLP5/yR+z+J+SP2bx/2v+mMX/1Pwxi/9p+WMW/9Pzxyz+Z+SPWfzPzB+z+J+VP2bxPzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/C/MH7P4X5Q/ZvG/OH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8r8wfs/hflT9m8b86f8zif03+mMX/2vwxi/91+WMW/+vzxyz+N+SPWfxvzB+z+N+UP2bxvzl/zOJ/S/6Yxf/W/DGL/235Yxb/2/PHLP535I9Z/O/MH7P435U/ZvG/O3/M4n9P/pjF/978MYv/ffljFv/788cs/g/kj1n8H8wfs/g/lD9m8X84f8zi/0j+mMX/0fwxi/9j+WMW/8fzxyz+T+SPWfyfzB+z+D+VP2bxfzp/zOL/TP6Yxf/Z/DGL/3P5Yxb/5/PHLP4v5I9Z/F/MH7P4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljFv/X88cs/m/kj1n838wfs/i/lT8m8R93IH/M4j8of8ziPzh/zOI/Rv6YxX9I/qM0zt+uWfzHzB+z+I+VP2bxHzt/zOI/Tv6YxX/c/DGL/3j5Yxb/8fPHLP4T5I9Z/CfMH7P4T5Q/ZvGfOH/M4j9J/pjFf9L8MYv/ZPljFv/35Y9Z/N+fP2bx/0D+mMX/g/ljFv8P5Y9Z/CfPH7P4fzh/zOL/kfwxi/9H88cs/h/LH7P4T5E/ZvH/eP6YxX/K/DGL/9D8MYv/VPljFv+p88cs/tPkj1n8p80fs/hPlz9m8Z8+f8ziP0P+mMV/xvwxi/8n8scs/p/MH7P4fyp/zOL/6fwxi/9n8scs/jPlj1n8Z84fs/jPkj9m8Z81f8ziP1v+mMV/9vwxi/8c+WMW/znzxyz+c+WPWfznzh+z+M+TP2bxnzd/zOI/X/6YxX/+/DGL/2fzxyz+n8sfs/h/Pn/M4v+F/DGL/wI+/xe2+Rdmsvgv6PP/l7L4L5Q/ZvFfOH/M4v/F/DGL/5fyxyz+i+SPWfwXzR+z+H85f8ziv1j+mMX/K/ljFv/F88cs/kvkj1n8v5o/ZvFfMn/M4r9U/pjFf+n8MYv/1/LHLP7L5I9Z/JfNH7P4fz1/zOK/XP6Yxf8b+WMW/+Xzxyz+K+SPWfxXzB+z+K+UP2bxXzl/zOL/zfwxi/+38scs/qvkj1n8V80fs/ivlj9m8V89f8zi/+38MYv/GvljFv8188cs/mvlj1n8184fs/ivkz9m8V83f8ziv17+mMX/O/ljFv/188cs/hvkj1n8N8wfs/hvlD9m8d84f8ziv0n+mMX/u/ljFv9N88cs/pvlj1n8N88fs/h/L3/M4v/9/DGL/xb5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvH/Qf6Yxf+H+WMW/x/lj1n8t80fs/hvlz9m8d8+f8zi/+P8MYv/DvljFv+f5I9Z/HfMH7P475Q/ZvH/af6YxX/n/DGL/y75Yxb/XfPHLP4/yx+z+O+WP2bx/3n+mMX/F/ljFv/d88cs/nvkj1n898wfs/j/Mn/M4r9X/pjFf+/8MYv/PvljFv9988cs/vvlj1n8988fs/j/Kn/M4n9A/pjF/8D8MYv/r/PHLP6/yR+z+B+UP2bx/23+mMX/4Pwxi/8h+WMW/0Pzxyz+v8sfs/j/Pn/M4n9Y/pjF/w/5Yxb/w/PHLP5H5I9Z/I/MH7P4H5U/ZvE/On/M4v/H/DGL/zH5Yxb/P+WPWfyPzR+z+B+XP2bx/3P+mMX/+Pwxi/8J+WMW/xPzxyz+J+WPWfxPzh+z+P8lf8zif0r+mMX/r/ljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F8wwn+M92q9/pdm8b+w/R+z+F+UP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4X5U/ZvG/On/M4n9N/pjF/9r8MYv/dfljFv/r88cs/jfkj1n8b8wfs/jflD9m8b85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+d+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/B/MH7P4P5Q/ZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5Yxb/1/PHLP5v5I9Z/N/MH7P4v5U/JvEfbyB/zOI/KH/M4j84f8ziP0b+mMV/SP6YxX/M/DGL/1j5Yxb/sfPHLP7j5I9Z/MfNH7P4j5c/ZvEfP3/M4j9B/pjFf8L8MYv/RPljFv+J88cs/pPkj1n8J80fs/hPlj9m8X+f0X/wfz2Lxf/9Rv9/IYv/B/LHLP4fzB+z+H8of8ziP3n+mMX/w/ljFv+P5I9Z/D+aP2bx/1j+mMV/ivwxi//H88cs/lPmj1n8h+aPWfynyh+z+E+dP2bxnyZ/zOI/bf6YxX+6/DGL//T5Yxb/GfLHLP4z5o9Z/D+RP2bx/2T+mMX/U/ljFv9P549Z/D+TP2bxnyl/zOI/c/6YxX+W/DGL/6z5Yxb/2fLHLP6z549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv/58scs/vPnj1n8P5s/ZvH/XP6Yxf/z+WMW/y/kj1n8F8gfs/gvmD9m8V8of8ziv3D+mMX/i/ljFv8v5Y9Z/BfJH7P4L5o/ZvH/cv6YxX+x/DGL/1fyxyz+i+ePWfyXyB+z+H81f8ziv2T+mMV/qfwxi//S+WMW/6/lj1n8l8kfs/gvmz8m8R8Y2C5/SuI/3nLt/5jF/xv5Yxb/5fPHLP4r5I9Z/FfMH7P4r5Q/ZvFfOX/M4v/N/DGL/7fyxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/7fwxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOK/Xv6Yxf87+WMW//Xzxyz+G+SPWfw3zB+z+G+UP2bx3zh/zOK/Sf6Yxf+7+WMW/03zxyz+m+WPWfw3zx+z+H8vf8zi//38MYv/FvljFv8t88cs/lvlj1n8t84fs/hvkz9m8f9B/pjF/4f5Yxb/H+WPWfy3zR+z+G+XP2bx3z5/zOL/4/wxi/8O+WMW/5/kj1n8d8wfs/jvlD9m8f9p/pjFf+f8MYv/LvljFv9d88cs/j/LH7P475Y/ZvH/ef6Yxf8X+WMW/93zxyz+e+SPWfz3zB+z+P8yf8ziv1f+mMV/7/wxi/8++WMW/33zxyz+++WPWfz3zx+z+P8qf8zif0D+mMX/wPwxi/+v88cs/r/JH7P4H5Q/ZvH/bf6Yxf/g/DGL/yH5Yxb/Q/PHLP6/yx+z+P8+f8zif1j+mMX/D/ljFv/D88cs/kfkj1n8j8wfs/gflT9m8T86f8zi/8f8MYv/MfljFv8/5Y9Z/I/NH7P4H5c/ZvH/c/6Yxf/4/DGL/wn5Yxb/E/PHLP4n5Y9Z/E/OH7P4/yV/zOJ/Sv6Yxf+v+WMW/1Pzxyz+p+WPWfxPzx+z+J+RP2bxPzN/zOJ/Vv6Yxf/s/DGL/zn5Yxb/c/PHLP7n5Y9Z/M/PH7P4X5A/ZvG/MH/M4n9R/pjF/+L8MYv/JfljFv9L88cs/pflj1n8L88fs/hfkT9m8b8yf8zif1X+mMX/6vwxi/81+WMW/2vzxyz+1+WPWfyvzx+z+N+QP2bxvzF/zOJ/U/6Yxf/m/DGL/y35Yxb/W/PHLP635Y9Z/G/PH7P435E/ZvG/M3/M4n9X/pjF/+78MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8X8wf8zi/1D+mMX/4fwxi/8j+WMW/0fzxyz+j+WPWfwfzx+z+D+RP2bxfzJ/zOL/VP6Yxf/p/DGL/zP5Yxb/Z/PHLP7P5Y9Z/J/PH7P4v5A/ZvF/MX/M4v9S/pjF/+X8MYv/K/ljFv9X88cs/q/lj1n8X88fs/i/kT9m8X8zf8zi/1b+mMR//AGT/1j/+qwW/0Em/38ji//g/DGL/xj5Yxb/IfljFv8x88cs/mPlj1n8x84fs/iPkz9m8R83f8ziP17+mMV//Pwxi/8E+WMW/wnzxyz+E+WPWfwnzh+z+E+SP2bxnzR/zOI/Wf6Yxf99+WMW//fnj1n8P5A/ZvH/YP6Yxf9D+WMW/8nzxyz+H84fs/h/JH/M4v/R/DGL/8fyxyz+U+Q/an8bCov/x/PHLP5T5o9Z/Ifmj1n8p8ofs/hPnT9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/xnyxyz+M+aPWfw/kT9m8f9k/pjF/1P5Yxb/T+ePWfw/kz9m8Z8pf8ziP3P+mMV/lvwxi/+s+WMW/9nyxyz+s+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/D+bP2bx/1z+mMX/8/ljFv8v5I9Z/BfIH7P4L5g/ZvFfKH/M4r9w/pjF/4v5Yxb/L+WPWfwXyR+z+C+aP2bx/3L+mMV/sfwxi/9X8scs/ovnj1n8l8gfs/h/NX/M4r9k/pjFf6n8MYv/0vljFv+v5Y9Z/JfJH7P4L5s/ZvH/ev6YxX+5/DGL/zfyxyz+y+ePWfxXyB+z+K+YP2bxXyl/zOK/cv6Yxf+b+WMW/2/lj1n8V8kfs/ivmj9m8V8tf8ziv3r+mMX/2/ljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8ziv27+mMV/vfwxi/938scs/uvnj1n8N8gfs/hvmD9m8d8of8ziv3H+mMV/k/wxi/9388cs/pvmj1n8N8sfs/hvnj9m8f9e/pjF//v5Yxb/LfLHLP5b5o9Z/LfKH7P4b50/ZvHfJn/M4v+D/DGL/w/zxyz+P8ofs/hvmz9m8d8uf8ziv33+mMX/x/ljFv8d8scs/j/JH7P475g/ZvHfKX/M4v/T/DGL/875Yxb/XfLHLP675o9Z/H+WP2bx3y1/zOL/8/wxi/8v8scs/rvnj1n898gfs/jvmT9m8f9l/pjFf6/8MYv/3vljFv998scs/vvmj1n898sfs/jvnz9m8f9V/pjF/4D8MYv/gfljFv9f549Z/H+TP2bxPyh/zOL/2/wxi//B+WMW/0Pyxyz+h+aPWfx/lz9m8f99/pjF/7D8MYv/H/LHLP6H549Z/I/IH7P4H5k/ZvE/Kn/M4n90/pjF/4/5Yxb/Y/LHLP5/yh+z+B+bP2bxPy5/zOL/5/wxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bx/0v+mMX/lPwxi/9f88cs/qfmj1n8T8sfs/ifnj9m8T8jf8zif2b+mMX/rPwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOJ/Yf6Yxf+i/DGL/8X5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/1fljFv9r8scs/tfmj1n8r8sfs/hfnz9m8b8hf8zif2P+mMX/pvwxi//N+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOJ/Z/6Yxf+u/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4v9g/pjF/6H8MYv/w/ljFv9H8scs/o/mj1n8H8sfs/g/nj9m8X8if8zi/2T+mMX/qfwxi//T+WMW/2fyxyz+z+aPWfyfyx+z+D+fP2bxfyF/zOL/Yv6Yxf+l/DGL/8v5Yxb/V/LHLP6v5o9Z/F/LH7P4v54/ZvF/I3/M4v9m/pjF/638MYn/BAP5Yxb/QfljFv/B+WMW/zHyxyz+Q/LHLP5j5o9Z/MfKH7P4j50/ZvEfJ3/M4j9u/pjFf7z8MYv/+PljFv8J8scs/hPmj1n8J8ofs/hPnD9m8Z8kf8ziP2n+mMV/svwxi//78scs/u/PH7P4fyB/zOL/wfwxi/+H8scs/pPnj1n8P5w/ZvH/SP6Yxf+j+WMW/4/lj1n8p8gfs/h/PH/M4j9l/pjFf2j+mMV/qvwxi//U+WMW/2nyxyz+0+aPWfynyx+z+E+fP2bxnyF/zOI/Y/6Yxf8T+WMW/0/mj1n8P5U/ZvH/dP6Yxf8z+WMW/5nyxyz+M+ePWfxnyR+z+M+aP2bxny1/zOI/e/6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjF/7P5Yxb/z+WPWfw/nz9m8f9C/pjFf4H8MYv/gvljFv+F8scs/gvnj1n8v5g/ZvH/Uv6YxX+R/DGL/6L5Yxb/L+ePWfwXyx+z+H8lf8ziv3j+mMV/ifwxi/9X88cs/kvmj1n8l8ofs/gvnT9m8f9a/pjFf5n8MYv/svljFv+v549Z/JfLH7P4fyN/zOK/fP6YxX+F/DGL/4r5Yxb/lfLHLP4r549Z/L+ZP2bx/1b+mMV/lfwxi/+q+WMW/9Xyxyz+q+ePWfy/nT9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfzXyx+z+H8nf8ziv37+mMV/g/wxi/+G+WMW/43yxyz+G+ePWfw3yR+z+H83f8ziv2n+mMV/s/wxi//m+WMW/+/lj1n8v58/ZvHfIn/M4r9l/pjFf6v8MYv/1vljFv9t8scs/j/IH7P4/zB/zOL/o/wxi/+2+WMW/+3yxyz+2+ePWfx/nD9m8d8hf8zi/5P8MYv/jvljFv+d8scs/j/NH7P475w/ZvHfJX/M4r9r/pjF/2f5Yxb/3fLHLP4/zx+z+P8if8ziv3v+mMV/j/wxi/+e+WMW/1/mj1n898ofs/jvnT9m8d8nf8ziv2/+mMV/v/wxi//++WMW/1/lj1n8D8gfs/gfmD9m8f91/pjF/zf5Yxb/g/LHLP6/zR+z+B+cP2bxPyR/zOJ/aP6Yxf93+WMW/9/nj1n8D8sfs/j/IX/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8/5g/ZvE/Jn/M4v+n/DGL/7H5Yxb/4/LHLP5/zh+z+B+fP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/v+SPWfxPyR+z+P81f8zif2r+mMX/tPwxi//p+WMW/zPyxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP4X5o9Z/C/KH7P4X5w/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/hfnT9m8b8mf8zif23+mMX/uvwxi//1+WMW/xvyxyz+N+aPWfxvyh+z+N+cP2bxvyV/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP535o9Z/O/KH7P4350/ZvG/J3/M4n9v/pjF/778MYv//fljFv8H8scs/g/mj1n8H8ofs/g/nD9m8X8kf8zi/2j+mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH7P4v5w/ZvF/JX/M4v9q/pjF/7X8MYv/6/ljFv838scs/m/mj1n838ofk/hPOJA/ZvEflD9m8R+cP2bxHyN/zOI/JH/M4j9m/pjFf6z8MYv/2PljFv9x8scs/uPmj1n8x8sfs/iPnz9m8Z8gf8ziP2H+mMV/ovwxi//E+WMW/0nyxyz+k+aPWfwnyx+z+L8vf8zi//78MYv/B/LHLP4fzB+z+H8of8ziP3n+mMX/w/ljFv+P5I9Z/D+aP2bx/1j+mMV/ivwxi//H88cs/lPmj1n8h+aPWfynyh+z+E+dP2bxnyZ/zOI/bf6YxX+6/DGL//T5Yxb/GfLHLP4z5o9Z/D+RP2bx/2T+mMX/U/ljFv9P549Z/D+TP2bxnyl/zOI/c/6YxX+W/DGL/6z5Yxb/2fLHLP6z549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv/58scs/vPnj1n8P5s/ZvH/XP6Yxf/z+WMW/y/kj1n8F8gfs/gvmD9m8V8of8ziv3D+mMX/i/ljFv8v5Y9Z/BfJH7P4L5o/ZvH/cv6YxX+x/DGL/1fyxyz+i+ePWfyXyB+z+H81f8ziv2T+mMV/qfwxi//S+WMW/6/lj1n8l8kfs/gvmz9m8f96/pjFf7n8MYv/N/LHLP7L549Z/FfIH7P4r5g/ZvFfKX/M4r9y/pjF/5v5Yxb/b+WPWfxXyR+z+K+aP2bxXy1/zOK/ev6Yxf/b+WMW/zXyxyz+a+aPWfzXyh+z+K+dP2bxXyd/zOK/bv6YxX+9/DGL/3fyxyz+6+ePWfw3yB+z+G+YP2bx3yh/zOK/cf6YxX+T/DGL/3fzxyz+m+aPWfw3yx+z+G+eP2bx/17+mMX/+/ljFv8t8scs/lvmj1n8t8ofs/hvnT9m8d8mf8zi/4P8MYv/D/PHLP4/yh+z+G+bP2bx3y5/zOK/ff6Yxf/H+WMW/x3yxyz+P8kfs/jvmD9m8d8pf8zi/9P8MYv/zvljFv9d8scs/rvmj1n8f5Y/ZvHfLX/M4v/z/DGL/y/yxyz+u+ePWfz3yB+z+O+ZP2bx/2X+mMV/r/wxi//e+WMW/33yxyz+++aPWfz3yx+z+O+fP2bx/1X+mMX/gPwxi/+B+WMW/1/nj1n8f5M/ZvE/KH/M4v/b/DGL/8H5Y/+J/oMGBrYbGM3/kPyx/0R/2v8PzR+z+P8uf8zi//v8MYv/YfljFv8/5I9Z/A/PH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/H/PHLP7H5I9Z/P+UP2bxPzZ/zOJ/XP6Yxf/P+WMW/+Pzxyz+J+SPWfxPzB+z+J+UP2bxPzl/zOL/l/wxi/8p+WMW/7/mj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf/C/DGL/0X5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/8r8MYv/VfljFv+r88cs/tfkj1n8r80fs/hflz9m8b8+f8zif0P+mMX/xvwxi/9N+WMW/5vzxyz+t+SPWfxvzR+z+N+WP2bxvz1/zOJ/R/6Yxf/O/DGL/135Yxb/u/PHLP735I9Z/O/NH7P435c/ZvG/P3/M4v9A/pjF/8H8MYv/Q/ljFv+H88cs/o/kj1n8H80fs/g/lj9m8X88f8zi/0T+mMX/yfwxi/9T+WMW/6fzxyz+z+SPWfyfzR+z+D+XP2bxfz5/zOL/Qv6Yxf/F/DGL/0v5Yxb/l/PHLP6v5I9Z/F/NH7P4v5Y/ZvF/PX/M4v9G/pjF/838MYv/W/ljEv+JBvLHLP6D8scs/oPV/lO+4z0W/zHU/u+cxX9I/pjFf8z8MYv/WPljFv+x88cs/uPkj1n8x80fs/iPlz9m8R8/f8ziP0H+mMV/wvwxi/9E+WMW/4nzxyz+k+SPWfwnzR+z+E+WP2bxf1/+mMX//fljFv8P5I9Z/D+YP2bx/1D+mMV/8vwxi/+H88cs/h/JH7P4fzR/zOL/sfwxi/8U+WMW/4/nj1n8p8wfs/gPzR+z+E+VP2bxnzp/zOI/Tf6YxX/a/DGL/3T5Yxb/6fPHLP4z5I9Z/GfMH7P4fyJ/zOL/yfwxi/+n8scs/p/OH7P4fyZ/zOI/U/6YxX/m/DGL/yz5Yxb/WfPHLP6z5Y9Z/GfPH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/h/Nn/M4v+5/DGL/+fzxyz+X8gfs/gvkD9m8V8wf8ziv1D+mMV/4fwxi/8X88cs/l/KH7P4L5I/ZvFfNH/M4v/l/DGL/2L5Yxb/r+SPWfwXzx+z+C+RP2bx/2r+mMV/yfwxi/9S+WMW/6Xzxyz+X8sfs/gvkz9m8V82f8zi//X8MYv/cvljFv9v5I9Z/JfPH7P4r5A/ZvFfMX/M4r9S/pjFf+X8MYv/N/PHLP7fyh+z+K+SP2bxXzV/zOK/Wv6YxX/1/DGL/7fzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6YxX/d/DGL/3r5Yxb/7+SPWfzXzx+z+G+QP2bx3zB/zOK/Uf6YxX/j/DGL/yb5Yxb/7+aPWfw3zR+z+G+WP2bx3zx/zOL/vfwxi//388cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMX/B/ljFv8f5o9Z/H+UP2bx3zZ/zOK/Xf6YxX/7/DGL/4/zxyz+O+SPWfx/kj9m8d8xf8ziv1P+mMX/p/ljFv+d88cs/rvkj1n8d80fs/j/LH/M4r9b/pjF/+f5Yxb/X+SPWfx3zx+z+O+RP2bx3zN/zOL/y/wxi/9e+WMW/73zxyz+++SPWfz3zR+z+O+XP2bx3z9/zOL/q/wxi/8B+WMW/wPzxyz+v84fs/j/Jn/M4n9Q/pjF/7f5Yxb/g/PHLP6H5I9Z/A/NH7P4/y5/zOL/+/wxi/9h+WMW/z/kj1n8D88fs/gfkT82mv/x/6n+R+aPWfb/o/LHLP5H549Z/P+YP2bxPyZ/zOL/p/wxi/+x+WMW/+Pyxyz+f84fs/gfnz9m8T8hf8zif2L+mMX/pPwxi//J+WMW/7/kj1n8T8kfs/j/NX/M4n9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+F+aPWfwvyh+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/K/KH7P4X50/ZvG/Jn/M4n9t/pjF/7r8MYv/9fljFv8b8scs/jfmj1n8b8ofs/jfnD9m8b8lf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+d+aPWfzvyh+z+N+dP2bxvyd/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP4P5o9Z/B/KH7P4P5w/ZvF/JH/M4v9o/pjF/7H8MYv/4/ljFv8n8scs/k/mj1n8n8ofs/g/nT9m8X8mf8zi/2z+mMX/ufwxi//z+WMW/xfyxyz+L+aPWfxfyh+z+L+cP2bxfyV/zOL/av6Yxf+1/DGL/+v5Yxb/N/LHLP5v5o9Z/N/KH5P4TzyQP2bxH5Q/ZvEfnD9m8R8jf8ziPyR/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLH/j927j7c67q+4/gX+KCICjpXCw0jEEVTQVCRzBu01CNwtBtLSVBSvJmgTCnQlZLdWFs5y1WurTRvUmdq4ay5hqOcc7poVlTbbIzNHGuFy3LiVsmuA+cQ5/TuXJ4v33296v14/ME5v9/p/Ut5XlcvfofrlKX/DvqHsvQfrn8oS/8d9Q9l6b+T/qEs/XfWP5Sl/wj9Q1n6j9Q/lKX/LvqHsvTfVf9Qlv6/oX8oS//d9A9l6f+b+oey9H+R/qEs/V+sfyhL/9/SP5Sl/0v0D2XpP0r/UJb+u+sfytJ/D/1DWfq/VP9Qlv6j9Q9l6b+n/qEs/V+mfyhL/zH6h7L0f7n+oSz9x+ofytJ/nP6hLP330j+Upf94/UNZ+u+tfyhL/330D2XpP0H/UJb+++ofytJ/P/1DWfq/Qv9Qlv776x/K0v8A/UNZ+h+ofyhL/4n6h7L0n6R/KEv/g/QPZek/Wf9Qlv5T9A9l6X+w/qEs/Q/RP5Sl/6H6h7L0n6p/KEv/w/QPZek/Tf9Qlv6v1D+Upf/h+oey9H+V/qEs/Y/QP5Sl/5H6h7L0P0r/UJb+R+sfytJ/uv6hLP2P0T+Upf+x+oey9H+1/qEs/V+jfyhL/+P0D2Xpf7z+oSz9T9A/lKV/h/6hLP1P1D+Upf8M/UNZ+s/UP5Sl/yz9Q1n6d+ofytL/JP1DWfqfrH8oS//X6h/K0v91+oey9H+9/qEs/d+gfyhL/1P0D2Xp/0b9Q1n6v0n/UJb+p+ofytL/NP1DWfrP1j+Upf+b9Q9l6X+6/qEs/efoH8rSf67+oSz9z9A/lKX/mfqHsvSfp38oS/+36B/K0v8s/UNZ+p+tfyhL//n6h7L0P0f/UJb+5+ofytL/PP1DWfqfr38oS//f1j+Upf8F+oey9F+gfyhL/4X6h7L0v1D/UJb+F+kfytJ/kf6hLP1/R/9Qlv4X6x/K0v8S/UNZ+i/WP5Sl/1v1D2Xp/zb9Q1n6L9E/lKX/Uv1DWfpfqn8oS//L9A9l6f+7+oey9H+7/qEs/d+hfyhL/8v1D2Xpf4X+oSz9l+kfytL/nfqHsvS/Uv9Qlv7v0j+Upf+79Q9l6f8e/UNZ+r9X/1CW/lfpH8rS/336h7L0f7/+oSz9f0//UJb+v69/KEv/D+gfytL/g/qHsvS/Wv9Qlv5/oH8oS/9r9A9l6f8h/UNZ+n9Y/1CW/tfqH8rS/w/1D2Xp/xH9Q1n6f1T/UJb+H9M/lKX/dfqHsvT/I/1DWfp/XP9Qlv5/rH8oS/8/0T+Upf8n9A9l6f9J/UNZ+l+vfyhL/xv0D2Xp/yn9Q1n636h/KEv/m/QPZel/s/6hLP1v0T+Upf+n9Q9l6X+r/qEs/W/TP5Sl/+36h7L0/1P9Q1n636F/KEv/z+gfytL/Tv1DWfrfpX8oS/+79Q9l6f9Z/UNZ+n9O/1CW/sv1D2Xpf4/+oSz9/0z/UJb+9+ofytL/8/qHsvT/gv6hLP3/XP9Qlv736R/K0v8v9A9l6f9F/UNZ+v+l/qEs/VfoH8rS/379Q1n6/5X+oSz9V+ofytL/S/qHsvT/sv6hLP0f0D+Upf9f6x/K0v9B/UNZ+v+N/qEs/R/SP5Sl/9/qH8rS/2H9Q1n6P6J/KEv/v9M/lKX/V/QPZem/Sv9Qlv5f1T+Upf/f6x/K0v9R/UNZ+n9N/1CW/l/XP5Sl/zf0D2Xpv1r/UJb+39Q/lKX/t/QPZen/bf1DWfr/g/6hLP3/Uf9Qlv7/pH8oS//H9A9l6f8d/UNZ+v+z/qEs/dfoH8rS/1/0D2Xpv1b/UJb+/6p/KEv/f9M/lKX/4/qHsvT/rv6hLP2f0D+Upf+/6x/K0n+d/qEs/f9D/1CW/t/TP5Sl/3/qH8rS//v6h7L0/4H+oSz91+sfytL/Sf1DWfr/l/6hLP1/qH8oS/+n9A9l6f8j/UNZ+v9Y/1CW/k/rH8rS/7/1D2Xp/4z+oSz9N+gfytL/Wf1DWfr/j/6hLP3/V/9Qlv4/0T+Upf9P9Q9l6f8z/UNZ+j+nfyhL/436h5L036XSP5Sl/yD9Q1n6D9Y/lKX/EP1DWfoX/UNZ+g/VP5Sl/3b6h7L0317/UJb+w/QPZem/g/6hLP2H6x/K0n9H/UNZ+u+kfyhL/531D2XpP0L/UJb+I/UP/dr1BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACqqqNz+vohg3o9NWTrB6NXzd/08eANp553yy2f37XnY/eXZwQvOXjrBxs3btw4+OnqK90Pt6+qquu/bZfux8P6Hne9/hXTr5uw+VEZc+Oz+92x5Nlj3nv36ts2HH/rjDuGbnp2aHXmOecvmD9pcFWVcUOrpV0PDhpUVWXvodU1XQ8mdz3YZ2h1W9eDKZse7FCt7Hpw4FkXLTi764kJtX/PAOBXXUfnsmpIr8Wuev1pYOv9v2L6Pct6Pvbzkj2vVqru/b9v+W5v6/O1Hr9k/3tev7y87/4P+F8QAPgFA9v/B8b0fOznJX/h/f+sCz+6OvraL9//ntcvY+0/ADQv+P5/r43u+33/Pt//j/4csOX+gjOu3b5r/2/dcMri7qfK8/n+/89fv4zru/+De33/f1BVlb16vv+/fVWV8dv42wEAKXR0vnN9f+//+9//snufm0Fb7/+ud648pWv/1wy/+8XdTw0d4P7v1d/7/+P6/LMCAM9PR+enNvZ5/z+A/a/2Dl5yy/4fu/ThF3Xt/9fWfHfMVl8byP6P77v/ExcvXDTxkksvO+D8hfPOnX/u/AunTZ162CFTD502eeKm7whs/nUbf1MA4Nfctr3/r4b3uRlUVU9suf/AitEPd+3/5I+fcF73U8MGuP979/v+f4z3/wDQy9jB1XbbVUvnLV588UGbf+15OHnzr5v/Y8H+D+Dv/8f1/BBdz88MDqqql2y577zkfYO79v+mcbuv6H5quwHu/z797v/RvX9WEQB4frbx/f/ZfW567f/IIbdP69r/E8fve1X3UwP9+/8J/e7/Dd7/A0AdHZ3V/+ub6K79v3Knn11f77rs6+f/AKB5bez/k6PfNbbeddnP/gNA89rY//lH7XxvvevyCvsPAM1rY/8f6rh2Tr3rsr/9B4DmtbH/My8Y/Ui963KA/QeA5rWx/2MuO2tJvetyoP0HgOa1sf93nLp+bb3rMtH+A0Dz2tj/04etearedZlk/wGgeW3s/7f3O/mcetflIPsPAM1rY/+/ePiBj9W7LpPtPwA0r439nzTqhpn1rssU+w8AzWtj/z980ZE317suB9t/AGheG/s/atZnp9S7LofYfwBoXhv7/9bTv3p1vetyqP0HgOa1sf/PXX70qHrXZar9B4DmtbH/Kx/ac3a963KY/QeA5rWx/zOeuGZVvesyzf4DQPPa2P99nn5yUb3r8kr7DwDNa2P/P/OtM9fVuy6H238AaF4b+z/ihudG1rsur7L/ANC8Nvb/PVcuuq7edTnC/gNA89rY/+9dO2J8vetypP0HgOa1sf9v+dyy5fWuy1H2HwCa18b+f/3xKTPqXZej7T8ANK+N/T/tSyu+U++6TLf/ANC8Nvb/kEcfmFfvuhxj/wGgeW3s//0/mvVMvetyrP0HgOa1sf8vffc39qx3XV5t/wGgeW3s/8c+Pef99a7La+w/ADSvjf3/yRfGHVzvuhxn/wGgeW3s/6KP3HlTvetyvP0HgOa1sf+d+/94bb3rcoL9B4DmtbH/D454x5J616XD/gNA89rY/9tfNuSRetflRPsPAM1rY//HHvHBOfWuywz7DwDNa2P/l83Y7d5612Wm/QeA5rWx/zue/4mx9a7LLPsPAM1rY//PXfr49fWuS6f9B4DmtbH/P5i9cFi963KS/QeA5rWx/3sMnzuq3nU52f4DQPPa2P9rJjx6db3r8lr7DwDNa2P/fzrtrin1rsvr7D8ANK+N/V+yx5ib612X19t/AGheG/v/zYX3z6x3Xd5g/wGgeW3s/9yTJj1W77qcYv8BoHlt7P/kuZ3n1Lsub7T/ANC8Nvb/vrevfKredXmT/QeA5rWx/1c9+Mnl9a7LqfYfAJrXxv7vtG6X8fWuy2n2HwCa18b+n/nMhdfVuy6z7T8ANK+N/f/+6rUj612XN9t/AGheG/vfcePl6+pdl9PtPwA0r439//KyHy6qd13m2H8AaF4b+3/Xh65eVe+6zLX/ANC8NvZ//D3V7HrX5Qz7DwDNu+TSyy6Yt2DB/It94hOf+GTLJy/0/zIBAABN+/kf+l/ofxIAAAAAAAAAAAAAAAAAAADIq43/O7EX+t8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/9iBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAABAkL/1CgMUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfAQAA//9MHNIy")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000580)={{0x1, 0x1, 0x18, <r1=>r0}, './file0/file0\x00'})
r2 = geteuid()
lstat(&(0x7f00000005c0)='./file0/file0\x00', 0x0)
mount$fuseblk(&(0x7f0000000400), &(0x7f0000000500)='./file2\x00', 0x0, 0x20, &(0x7f0000000680)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {'user_id', 0x3d, r2}, 0x2c, {}, 0x2c, {[{@allow_other}, {@blksize={'blksize', 0x3d, 0x200}}, {@default_permissions}, {@blksize}, {@allow_other}, {@max_read={'max_read', 0x3d, 0x80}}]}})
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file1\x00', &(0x7f0000002100), 0x0, &(0x7f0000000440)=ANY=[])
read$FUSE(r3, &(0x7f0000002140)={0x2020}, 0x2020)
write$FUSE_INIT(r3, 0x0, 0x0)
setxattr$security_capability(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000300), 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000200)=ANY=[], 0x841, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000280)='./file1\x00', &(0x7f0000000240), &(0x7f0000001400)=ANY=[], 0x841, 0x0)

11.695589261s ago: executing program 1 (id=51):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000964776ff9746c768310000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'xfrm0\x00', &(0x7f0000000000)=@ethtool_sfeatures={0x49}})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2000000000000161, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000ffff0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_emit_ethernet(0x56, &(0x7f00000001c0)={@local, @random='\x00 \x00\x00\x00\b', @void, {@ipv4={0x800, @tcp={{0xd, 0x4, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x3, 0xd7}, @timestamp={0x44, 0x14, 0x5, 0x3, 0x0, [0x0, 0x0, 0x9, 0x0]}, @cipso={0x86, 0x6}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000d40)=ANY=[@ANYBLOB="b70200001f000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb45006391000020000000000000ea094ae3c7c0fb0ccee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bce5a6f087ae8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67c4c6a06e828e5216f601919db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1c6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492abaa96665372831210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e122665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9405f5d7321a4fefc4d1c9139ca4b655651e30e4f1143789d024313d4603eb99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f85b039d5430b3c6643e9146d2478ce31344b554aca78a00"/787], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "69dcaf20127e9a854529f45826cb35be51682e30944313e2ca73845d177d601880221daeccfda56b75cfe2bad94f000066b2ddab614fec2236da7d88ea07c9ee"}, 0x48, 0xfffffffffffffffe)
keyctl$search(0xa, r5, &(0x7f0000000180)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x1f2f, 0xf, 0x2f, &(0x7f00000007c0)="9f44948721919580684010a49e66", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)

11.568574793s ago: executing program 4 (id=53):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x123, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f00000000c0), r4)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, r5, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_LLC_PARAM_LTO={0x5}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}}, 0x0)

10.57453259s ago: executing program 4 (id=56):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, 0x0, 0x0)
rmdir(0x0)

10.440136964s ago: executing program 0 (id=58):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xfff, 0x7}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000001080), &(0x7f00000010c0)='%pI4   \x00'}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kfree\x00', r3}, 0x10)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
r7 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f0000000440)={0x0, 0x0, r6, <r9=>0x0})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r4, 0xc01864b0, &(0x7f0000000080)={r6, r9})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r4, 0xc01864b0, &(0x7f0000000180)={r8, r9})

10.439215128s ago: executing program 1 (id=59):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000080), 0x1, 0x7a9, &(0x7f0000001a00)="$eJzs3c9rG9kdAPDvyLIdO2ntQqFNToZCawiR49RNWughpYdSaCDQnpsIWTGpZStYcoiNoQml0EuhLT0U2kvO/ZHeeu3uXnf/iz0sCdldJ6yXPSxeRh7Zciw5tmNJ3vXnA2O9NzPye1+9+fFG89AEcGpNpH9yEecj4k9JxFg2P4mIwUYqH3F9a72NoYhYXyslsbn5y4+Sxjov19dK0fKe1Nks8+2IePv3ERdze8utrazOFyuV8lKWn6ov3JuqraxeurtQnCvPlRevTs/MXLn2g2tX3yi8r7dmPnlv9dyzP//se/+5/tnvvvXkj+8kcT3OZcta4zguEzGRfSaD6Ue4y0+Pu7A+S/pdAY4k3TUHtvbyOB9jMdBIdTDSy5oBAN3y24jYBABOmcT5HwBOmeb3AC/X10rZdKG/30j01vOfRMSZrfg3smlrST67Z3emcR909GWy685IEhHjx1D+RET843+//lc6RZfuQwK08/BRRNwen2g5/mfHn2TPmIXDurzfws3hxsvEK7Md/6B3/p/2f364q/+X7X+57f5PtOn/DLfZd4/i9ft/7ukxFNNR2v/7cURs7On/bQ9aGx/Icl9r9PkGkzt3K+XL2eCyyRgcTvPTjVXbj4KafPH5i07lt/b/Pv7Lb/6Zlp++7qyRe5of3v2e2WK9+KZxNz1/FHEh3y7+ZLv9kw7935sHLOPnP/rD3zstS+NP421Oe+Pvrs3HEd9t2/47bZnsOz5xqrE5TDU3ijb++/7fRndyu8dXtbZ/OqXlN68FeiFt/9H94x9PWsdr1g5fxruPx97qtOz18bff/oeSXzXSQ9m8B8V6fWk6Yij5xd75V3be28w310/jn/xO+/1/v+0/vSa8fcD4888+/PfR4++uNP7ZQ7X/4RNPNuYHOpV/sPafaaQmszkHOf7t1CK/Z05r4qifGwAAAAAAAAAAAAAAAAAAAAAAAAAcRi4izkWSK2ync7lCYesZ3t+M0VylWqtfvFNdXpyNxrOyx2Mw1/ypy7GW30Odzn4Pv5m/8kr++xHxjYj46/BII18oVSuz/Q4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADJnOzz/P/XBcL9rBwB0zZl+VwAA6DnnfwA4fQ53/h/pWj0AgN5x/Q8Ap8+Bz/+3u1sPAKB3Dn39n+9OPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPjKunnjRjptfrq+Vkrzs/dXluer9y/NlmvzhYXlUqFUXbpXmKtW5yrlQqm60PEfPdx6qVSr92ZicfnBVL1cq0/VVlZvLVSXF+u37i4U58q3yoM9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADq62sjpfrFTKSxL7JkZORjVOTCIf88XKWN+r0bm94kRU40ucaD1KjPTvAAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwwn0RAAD//wBtIzw=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xb)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000980))
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
write$binfmt_script(r0, &(0x7f0000000040)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)

9.563471889s ago: executing program 4 (id=60):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x5, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xad}, [@func, @call={0x85, 0x0, 0x0, 0x5}], {0x95, 0x0, 0x5a5}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8000040000000001, 0xffffffffffffffff})
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

9.464031557s ago: executing program 0 (id=61):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x32, 0x4, 0x0, 0x0, 0xc8, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x0, [0x401, 0x0, 0x0, 0x0, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@dev={0xac, 0x14, 0x14, 0xa}}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x34, 0x1, 0x3, 0x8, [{@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52ae}, {@multicast2}]}, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x13, 0x0, [@dev, @remote, @multicast1, @private=0xa010102]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

9.437125481s ago: executing program 3 (id=62):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x1008801, &(0x7f0000000080)=ANY=[], 0x1, 0x1f8, &(0x7f0000000400)="$eJzsmTGL1EAUx/8zyWbPQxQbCxsLD1T0sklW5ZpDTrC0uhO1DF487py7lb0IdweCi42NpYUfwC8gaLGVhZ2drRYqCBaunZ0wMskkmU3YJSvKLtz7wU7+mcx7897b7AtsQBDEoeXrl1+fn11bWrsI4CgW0NTz361iDTfWf3rx8MLz5evWq48v3+0ce9Qv+2MApKy/vwPg7YqFxuPjybmUw9YL+rgGnuub4Div9S0wuFmssrCOwHBHT28ZunNECxGxux2xfm9TRJ4afDUEamgDRQg2gEGPYV1XRu3AjPh29w/uhwLopkJEmWjIbJ/KpUnFuPol8a1wLBslUN/X7adPeurc1fOeUT8fHL7WbTCsar2EJlzXLUpi5H/KLvxblfz/QZL/Q5xYnIkwquL11m+ZMhvxQN/Sf+1HGU89i7qClWdU9vnMyUH/fdXqW+0tfoaC6R/L1DNNBebScCqXPswLcaO0WDbre3Yw5rYp+pMqx1mjP9mw8/7RircftHb3DxY3t8ONaCPaCYL2Fe+S510OWkkjSscx/W8u6U/zhv/GiLUOc7AXxnHX3wPirp+fB+lodNzVN50fiQ1P+h+/ijOpD6afWfmDsgTTH54clTpnjQyeIAiCIAiCIAiCIAiCIAhiIk6DQb9cYNk7sWHMPyT/BAAA//9cM2SO")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffe16)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x5}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r3, &(0x7f0000000680)="7c41a3b5dc"}, 0x20)

9.079925107s ago: executing program 1 (id=64):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, &(0x7f0000000140)='0', 0x1)
syz_usb_disconnect(0xffffffffffffffff)
write$char_usb(r1, &(0x7f0000000140)='0', 0x1)
syz_usb_disconnect(r0)
syz_open_dev$evdev(0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
ioctl$EVIOCGREP(0xffffffffffffffff, 0x80084523, &(0x7f0000001f40)=""/231)
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, 0x0)
syz_open_dev$evdev(0x0, 0x3, 0x862b01)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000840)={{0x12, 0x1, 0x5d0ac0932710a843, 0x0, 0x0, 0x0, 0x10, 0x1345, 0x3008, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}}}]}}]}}, 0x0)

7.258297192s ago: executing program 0 (id=67):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000011c0)=ANY=[@ANYBLOB="12010001090003206d0414c340000000000109022400010000a0000904000001030101000921000800012203000905", @ANYRES64], 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, &(0x7f0000001180)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000001300)={0x2c, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000680)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB='@0J'], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f00000006c0)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001200)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0x20, 0x0, 0x4, {0x0, 0x20}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

6.689500187s ago: executing program 3 (id=69):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000140))
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r2, 0x0, 0x0)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r3 = syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[@ANYBLOB='dots,dots,dmask=000000000200000,nodots,discard,nfs=nostale_ro,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c646f733178666c6f70707900000000000000003030ffffffff303030303031373737373737373756c0f39fdb37372c004c0f1208ec0c34b7df4ba1c1e6b76697434db8574db9bcaef6a61a12c3f260bebc7ac5b1b11361119b83f1cf9f686b715b8e58fd37cea6623dc422c2ddbcefe94e5c255b5e8c90613e6b598b3b7a2c05de53dab7"], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000000640)=ANY=[@ANYRES64=r3, @ANYRES16=r3, @ANYRESOCT=r3, @ANYBLOB="f1bcca05ed588d63a576cc3afd51baf29cde0400000092f4e66ff7ef22aa9af727ceae8a8ec95fc1b73083de2de825a0cb2b0be774fdb33650d7dace27c16bc23b2f7c7fb72585548939698f280d138aa9255a8a924008f8477e82ba11cdb11efd5ca2f1ab049ce2cc7815d2daf8daea25533a558d561654faf5e0924f1376174f374d664fad4a6ab24ec000ccace822e7f9426e8e5de1fe58085a0ae86fd02a118b9365961834d46208b9fb4c91a1fa962a8b00a9717fcbb46c2400dc2e319379ea1e5a07aeb3f9cd4e648df445a1b4213e732300000000000010000758027a472e7d263ef567a84166f26ee56e701c63a8863787889bf1c90fccf31954a940c8b584ca89a512f28edec08eb1c0823c028840eeaf3f5d8769023c01ac63f7f959571e8e899b43c293bc21a2b833e5c9c703c4cfa063dd050045706bde3d7ac373ab04b62b4111b59eabd436dd97e788a36ef25bad99beec474e667589d37100ec36292c15c6", @ANYRESHEX=r3, @ANYRESHEX=r3, @ANYRES64, @ANYRES32, @ANYRES64, @ANYRES8=0x0], 0x5, 0x0, &(0x7f0000000000))
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)

6.441528249s ago: executing program 4 (id=70):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
socket(0x0, 0x0, 0x0)
sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000200)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="090200000000000000000100000008000600ac1414aa08000b00", @ANYRES32], 0x24}}, 0x0)

5.219178252s ago: executing program 4 (id=71):
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, 0xffffffffffffffff, 0x0)
openat$vcs(0xffffffffffffff9c, 0x0, 0x4800, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000340)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x58}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x3, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

4.859956307s ago: executing program 2 (id=72):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00005d4000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="5b0f01c2c29c028ed0660f388236af0083ee2c0f20c06635000004200f22c0643e1f0fb7c2", 0x25}], 0x1, 0x0, 0x0, 0x0)
ioctl$TIOCL_UNBLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000340))
preadv(0xffffffffffffffff, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet6_buf(r0, 0x29, 0x23, &(0x7f0000000440)="af13e7b22eac482647a4363b17832b05cf230208b9f6d285c333552ebc09f616a8c90c75163cc6132808427f6e3a00120243c98be6bae04f89e6b534ac75d4f5131cccd7c4b013849edb9b45fab9b26c02f7483f4c6a5b215745a2894b0556ffa1a3a08b29b2577c8e321740043ac040b1e898691745e1678a6254914d475b38b5e6fb9a62440c2e129ac522fb55da25046a92b010e87d318f721d1de24b67f25d4db53572a181f329ba765251791c15461a6b2bf6c87bb1e5cd65d0cb9a3911bc1992e0fb9ffd146784c69ce58110f26ab929e23a51a6bae0ecbfe8ab8e874041", 0xe1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000002c0)=ANY=[@ANYBLOB="98000000", @ANYRES16, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="7a00330080000000ffffffffffff080211000000505050505050000000000000000000000000010003010e"], 0x98}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x8000000, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="050000000000000000002e00000008000300", @ANYRES32=r5, @ANYBLOB="0a0034000202020202fb945a2f920200000a0006000802110000000000080035000000006c090000"], 0x44}}, 0x0)

4.859177016s ago: executing program 1 (id=73):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/custom0\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.593177522s ago: executing program 3 (id=74):
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x6, 'ipvlan0\x00'})
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x0, @dev, 0x0, 0x2, 'sed\x00'}, 0x2c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.416492072s ago: executing program 2 (id=75):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='mmap_lock_acquire_returned\x00', r3}, 0x10)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)

4.077035112s ago: executing program 1 (id=76):
r0 = dup(0xffffffffffffffff)
write$UHID_INPUT(r0, &(0x7f0000002080)={0x774, {"a2e3ad21ed0d52f91b5d300887f70e06d038e7ff7fc6e5539b3272298b089b07081b4d090890e0878f0e1ac6e7049b3366959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b39070d075d0936cd3b78130d9b61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c9000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdc80c47ee4f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78ff95b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af0000807e0000000002d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b4051db55e0510a6e4114a53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a6d8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x34, 0x3b, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@typed={0x4}, @nested={0x1c, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x10, 0x15, 0x0, 0x0, @str='A\x90\x8c\xfd[\xac\x9fj+\x00'}]}]}, 0x34}}, 0x0)

3.145585891s ago: executing program 2 (id=77):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x16, 0x17, &(0x7f00000007c0)=ANY=[@ANYBLOB="1807000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000004000000000000000000bf0900000000000055090100000000009500000000000000180100002020702500000000002020207b1af8ff00000000bda1000000000000a7010000f8ffffffb702000008000000b7030000000000006a09000006000000bf91000000000000b5020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$inet(r1, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)={0x58, 0x0, 0x9, 0x201, 0x0, 0x0, {}, [@NFCTH_TUPLE={0x24, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0xe, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}]}, @NFCTH_PRIV_DATA_LEN={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x4}}]}, 0x58}}, 0x0)
socket$inet6(0xa, 0x3, 0x4)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES8=r1, @ANYRESOCT=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
getrandom(0xfffffffffffffffc, 0x0, 0x0)

3.032158709s ago: executing program 0 (id=78):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000300)='sys_enter\x00', r3}, 0x10)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
setgroups(0x0, 0x0)

2.20597728s ago: executing program 3 (id=79):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="00000000d7a20f5cb708003aef0793e3bbaddeea02c935f7ba397a97b89fd6759a0fe747b3d61be5ff0f0000ffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000028f2fd019eb0563f9262d58bc708000000b70400000000000085cade"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r2, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x11, 0x4, 0x4, 0x7}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r3, &(0x7f0000000440), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00'}, 0x10)

1.600497873s ago: executing program 2 (id=80):
ftruncate(0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r3, 0x80dc5521, 0xfffffffffffffffd)

1.598880872s ago: executing program 3 (id=81):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$RTC_PIE_OFF(0xffffffffffffffff, 0x7006)
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000500)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = openat$dsp(0xffffff9c, &(0x7f0000000240), 0x40, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r4, 0x80044d08, &(0x7f0000000280))

985.806685ms ago: executing program 0 (id=82):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000540)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)="e4e32dd2b696733552eca3e954943a18709f72fbd259a936c67ebe806ab21823f4a0c47bff45323c2b30982dfc67b46cc9a5a07c33fc", 0xff6d}, {&(0x7f0000000100)="3a10bd003aba0c7026336b", 0xb}], 0x2, &(0x7f0000000440)=ANY=[@ANYBLOB="300000000000000017e2ffff01000000180000000100000002f4596a8034a9ab3e395939422ffab456dd833a00000000180000000000000017c70f0004000000060200000000000018000000000000001701000003000000010000000000000089fdef16c6e3ecaa8a7924080d67c0aeac87448793609bd8299d6dfc465829b711ce28eb8f7d62fcca7ebd067fbe96bd1485f6aaa8486ecc079a82e309d80000"], 0x60}], 0x1, 0x8001)
recvmsg(r1, &(0x7f0000001e80)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000000)=""/103, 0x67}, {&(0x7f00000001c0)=""/75, 0x4b}], 0x2}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0)={@map}, 0x20)

244.66924ms ago: executing program 3 (id=83):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@nogrpid}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@debug}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000300)=""/104, 0x68)

131.86414ms ago: executing program 2 (id=84):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000010011a801000f4800400058008000900000000000800038030000180050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d80500060000000000130002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018000180140004004d2906d0880fc8acc30fe2020f9849675000018014000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af080001000000000008000100000000006000018005000600000000000500060000000000080001000000000005000600000000000c00020073797a746e6c30000800010000000000130002006272696467655f736c6176655f30000014000500e078d277f38ed3a40a448f3f6b6763e83c000c8008002c000000000005000600000000001400190002dd96197aca85b64424a37dbda7b69414000800eb052fcd3dd4d3e8bbcbf1de857c0e1c3c0001800800010000000000080001000000000014000400b2112a97bf9704ee57915340334b827114000500e8635392a70f36f95f4b9b352920ebec080028000000000060001a8020000a80050008000000000014000700fe8000000000000000000000000000aa"], 0x270}}, 0x0)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, 0x0, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="980000001000010400"/20, @ANYRES32=r5, @ANYBLOB="00000000000000004c001280110001006272696467655f736c6176650000000034000580050019000300"], 0x98}}, 0x0)

52.613661ms ago: executing program 0 (id=85):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(r5, 0xae9a)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x29, &(0x7f0000000000)=0x97b, 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f0000000e40)="bd3119fab037020de607352a978727cdd46a7ad7671829c16bb1339d3f711b7c5da66f48a8b5842dad66eedf75899eb65d733423ca5651013e1db97f5d192e302ac583ccd19e1e8a3e7812af51f0eea31c5e05cec737cc11a38936d67d4c7cd78351177f51dab5ebe8523e54dd8db33ab6214499c610051df74b67669c9b554b25c70c3238ffaa908675df728ef76e7ae5ee938e025ed07603ec4cc86ee67be10ef6087e7ff0017b358ebee016f08b756cfd2645ccdf335d8b62b630939ba724776a5f2caa487586527f2066b2845e52758b6da2ce07de99165195af70ea9659005901a0f28e90b49a0803ab10698ade4c07337535c2600c45b8c497ab6863ad984815f375df57e5940e5322d90d66c84937e9b7f2356a6e16a026b2393670d370759a4567a87fd2a4d0d5857b9e2559a5a0a857b845f0e1495e8d9b574b0f4d1a55ec8d93c148a50c5c4228c653be69a7d728fa497ee129ec4e7b821ce041be389d37efd40b81a9704e5182b9cdca1f2d3312351e9edaa8ac96088c465a953e0ec3e8f26aa17ea3e1913b4d147141d1aef80b3ed959d14fad4ead4de92e10f0faca7acdce7c712ab95a11ff4c72798565f0794d7bc50f5082b52b34a1de7c5609e31e1fcc05fc7dbd73973b5dfc92896f57f5b76fd9df5067eb273f0960560df3dfd00ba068e28812244f700d76da4197bb332245f00112b73659c63dfb854eb8eed1a9881e5c49399b2c6932b540d3464d470cabb6", 0x216, 0x0, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000009000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

0s ago: executing program 2 (id=86):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4f2, 0x1236, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0xb}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
clock_gettime(0xfffffffffffffffc, &(0x7f0000000080))
set_mempolicy(0x3, &(0x7f0000000080)=0x7, 0x7)
kexec_load(0x0, 0x1, &(0x7f00000008c0)=[{0x0}], 0x0)
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000079381010c2154000fb0707820b0109021b00090000000809040000"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r2, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x8, &(0x7f00000004c0)=@framed={{}, [@tail_call]}, 0x0}, 0x90)
setsockopt$sock_int(r2, 0x1, 0x1d, &(0x7f0000000040)=0xfd87, 0x4)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0216000002"], 0x10}}, 0x0)
syz_usb_control_io$printer(r1, &(0x7f0000000140)={0x14, &(0x7f00000000c0)={0x20, 0xf, 0x43, {0x43, 0x7, "2e73a80d56e42cdd99c0a9b5510635953829ca3b39bf61727ea0ca1093bfac81ce05e44d9af667be30a0b949fe8867110b930148cc75a56ad61bc28fe37bb585b5"}}, &(0x7f0000000000)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x1407}}}, &(0x7f00000003c0)={0x34, &(0x7f0000000180)={0x20, 0x14, 0x14, "02dbe10fccebce3fd452e754398722d872e0b03e"}, &(0x7f00000001c0)={0x0, 0xa, 0x1, 0xdf}, &(0x7f0000000200)={0x0, 0x8, 0x1, 0x7}, &(0x7f00000002c0)={0x20, 0x0, 0xb6, {0xb4, "d748f19ffade2ca7eb09574ee0223e100c5f752714f27c8e6598b3477f0bff5c1a004fc7c8ba592daa95519b057c8a007c34aa9950c3cf8a2b63c9ec24c68ea6474ff86bc14d822ee515e077518fc21907d629761bcceea78f33e1d8371644cc782ed6d8bcc01f2681d6519f1860aaeb0c9da24a67ef10685f5a38a9b7770994bc37669f6fbfe61ba6e2e5bb3aa0840c4aef9f794a33b8b05604d932fdecb98a7a5be590b017a07bc10f53da92d01b829b402d0e"}}, &(0x7f0000000240)={0x20, 0x1, 0x1, 0x87}, &(0x7f0000000380)={0x20, 0x0, 0x1, 0x59}})
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xc, {[@global=@item_012={0x1, 0x1, 0x0, "7f"}, @main=@item_4={0x3, 0x0, 0xb, "2693f5f6"}, @local=@item_4={0x3, 0x2, 0x0, "c4817a32"}]}}, 0x0}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.72' (ED25519) to the list of known hosts.
[   67.034499][ T5214] cgroup: Unknown subsys name 'net'
[   67.170618][ T5214] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   68.685075][ T5214] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   71.545275][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[   71.551702][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[   72.641214][ T5234] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   72.649580][ T5234] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   72.656538][ T5237] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   72.658627][ T5234] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   72.664938][ T5237] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   72.672468][ T5234] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   72.686026][ T5234] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   72.694664][ T5237] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   72.703509][ T5234] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   72.712065][ T5234] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   72.713376][ T5237] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   72.719517][ T5234] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   72.733446][ T5234] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   72.734684][ T5237] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   72.746829][ T5234] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   72.755286][ T5234] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   72.755907][ T5239] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   72.762711][ T5234] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   72.771299][ T5239] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   72.794232][ T5239] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   72.812635][ T5239] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   72.819794][ T5237] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   72.829986][ T5236] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   72.838149][ T5236] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   72.866438][ T5239] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   72.880149][ T5239] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   72.888301][ T5239] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   72.901342][ T5239] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   72.910602][ T5239] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   72.923456][ T5239] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   73.315559][ T5243] chnl_net:caif_netlink_parms(): no params data found
[   73.325431][ T5227] chnl_net:caif_netlink_parms(): no params data found
[   73.416877][ T5224] chnl_net:caif_netlink_parms(): no params data found
[   73.439398][ T5226] chnl_net:caif_netlink_parms(): no params data found
[   73.472293][ T5225] chnl_net:caif_netlink_parms(): no params data found
[   73.547252][ T5243] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.557518][ T5243] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.566793][ T5243] bridge_slave_0: entered allmulticast mode
[   73.574539][ T5243] bridge_slave_0: entered promiscuous mode
[   73.587086][ T5243] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.594360][ T5243] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.601553][ T5243] bridge_slave_1: entered allmulticast mode
[   73.608712][ T5243] bridge_slave_1: entered promiscuous mode
[   73.616500][ T5227] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.623883][ T5227] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.631048][ T5227] bridge_slave_0: entered allmulticast mode
[   73.638321][ T5227] bridge_slave_0: entered promiscuous mode
[   73.680394][ T5227] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.691910][ T5227] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.699162][ T5227] bridge_slave_1: entered allmulticast mode
[   73.706607][ T5227] bridge_slave_1: entered promiscuous mode
[   73.737724][ T5243] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   73.799843][ T5243] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   73.811281][ T5227] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   73.823649][ T5227] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   73.889957][ T5224] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.897335][ T5224] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.904920][ T5224] bridge_slave_0: entered allmulticast mode
[   73.911617][ T5224] bridge_slave_0: entered promiscuous mode
[   73.919522][ T5224] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.926707][ T5224] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.934463][ T5224] bridge_slave_1: entered allmulticast mode
[   73.941333][ T5224] bridge_slave_1: entered promiscuous mode
[   73.958729][ T5225] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.966186][ T5225] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.973658][ T5225] bridge_slave_0: entered allmulticast mode
[   73.980324][ T5225] bridge_slave_0: entered promiscuous mode
[   73.991628][ T5243] team0: Port device team_slave_0 added
[   74.000131][ T5243] team0: Port device team_slave_1 added
[   74.022645][ T5226] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.030738][ T5226] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.038196][ T5226] bridge_slave_0: entered allmulticast mode
[   74.045303][ T5226] bridge_slave_0: entered promiscuous mode
[   74.052260][ T5225] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.059966][ T5225] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.067431][ T5225] bridge_slave_1: entered allmulticast mode
[   74.074364][ T5225] bridge_slave_1: entered promiscuous mode
[   74.092454][ T5227] team0: Port device team_slave_0 added
[   74.107206][ T5226] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.114503][ T5226] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.121626][ T5226] bridge_slave_1: entered allmulticast mode
[   74.128614][ T5226] bridge_slave_1: entered promiscuous mode
[   74.161609][ T5227] team0: Port device team_slave_1 added
[   74.170118][ T5224] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   74.198281][ T5243] batman_adv: batadv0: Adding interface: batadv_slave_0
[   74.205414][ T5243] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.231730][ T5243] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   74.244796][ T5243] batman_adv: batadv0: Adding interface: batadv_slave_1
[   74.251762][ T5243] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.277803][ T5243] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   74.311346][ T5224] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.322447][ T5226] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   74.334310][ T5225] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   74.372647][ T5226] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.391807][ T5225] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.412714][ T5227] batman_adv: batadv0: Adding interface: batadv_slave_0
[   74.420194][ T5227] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.446595][ T5227] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   74.460405][ T5224] team0: Port device team_slave_0 added
[   74.485199][ T5225] team0: Port device team_slave_0 added
[   74.491705][ T5227] batman_adv: batadv0: Adding interface: batadv_slave_1
[   74.499077][ T5227] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.525139][ T5227] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   74.538190][ T5224] team0: Port device team_slave_1 added
[   74.554707][ T5226] team0: Port device team_slave_0 added
[   74.569677][ T5225] team0: Port device team_slave_1 added
[   74.603631][ T5226] team0: Port device team_slave_1 added
[   74.609955][ T5224] batman_adv: batadv0: Adding interface: batadv_slave_0
[   74.617359][ T5224] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.643934][ T5224] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   74.667738][ T5243] hsr_slave_0: entered promiscuous mode
[   74.677434][ T5243] hsr_slave_1: entered promiscuous mode
[   74.685641][ T5225] batman_adv: batadv0: Adding interface: batadv_slave_0
[   74.692607][ T5225] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.718684][ T5225] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   74.730935][ T5225] batman_adv: batadv0: Adding interface: batadv_slave_1
[   74.738134][ T5225] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.764381][ T5225] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   74.793073][ T5224] batman_adv: batadv0: Adding interface: batadv_slave_1
[   74.800238][ T5224] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.824456][ T5236] Bluetooth: hci1: command tx timeout
[   74.826333][ T5239] Bluetooth: hci0: command tx timeout
[   74.837863][ T5224] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   74.865881][ T5226] batman_adv: batadv0: Adding interface: batadv_slave_0
[   74.873072][ T5226] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.900656][ T5226] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   74.903608][ T5239] Bluetooth: hci2: command tx timeout
[   74.911627][ T5236] Bluetooth: hci3: command tx timeout
[   74.919595][ T5226] batman_adv: batadv0: Adding interface: batadv_slave_1
[   74.929517][ T5226] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.955989][ T5226] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   74.983475][ T5236] Bluetooth: hci4: command tx timeout
[   75.040446][ T5227] hsr_slave_0: entered promiscuous mode
[   75.047561][ T5227] hsr_slave_1: entered promiscuous mode
[   75.054322][ T5227] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.062083][ T5227] Cannot create hsr debugfs directory
[   75.110836][ T5224] hsr_slave_0: entered promiscuous mode
[   75.117490][ T5224] hsr_slave_1: entered promiscuous mode
[   75.124611][ T5224] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.132195][ T5224] Cannot create hsr debugfs directory
[   75.141317][ T5225] hsr_slave_0: entered promiscuous mode
[   75.148280][ T5225] hsr_slave_1: entered promiscuous mode
[   75.154776][ T5225] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.162349][ T5225] Cannot create hsr debugfs directory
[   75.184499][ T5226] hsr_slave_0: entered promiscuous mode
[   75.191257][ T5226] hsr_slave_1: entered promiscuous mode
[   75.197912][ T5226] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.205602][ T5226] Cannot create hsr debugfs directory
[   75.548737][ T5243] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   75.559612][ T5243] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   75.589540][ T5243] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   75.605441][ T5243] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   75.639845][ T5227] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   75.651510][ T5227] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   75.667531][ T5227] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   75.678883][ T5227] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   75.745868][ T5225] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   75.756832][ T5225] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   75.769243][ T5225] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   75.803556][ T5225] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   75.854064][ T5226] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   75.880597][ T5226] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   75.890831][ T5226] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   75.906316][ T5226] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   75.972820][ T5224] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   75.987564][ T5224] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   76.013398][ T5224] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   76.031812][ T5224] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   76.050864][ T5243] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.070038][ T5227] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.102019][ T5243] 8021q: adding VLAN 0 to HW filter on device team0
[   76.151144][ T1069] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.158453][ T1069] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.178938][ T5227] 8021q: adding VLAN 0 to HW filter on device team0
[   76.197664][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.204831][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.227170][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.234329][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.261357][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.268533][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.289668][ T5225] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.347895][ T5243] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   76.358909][ T5243] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   76.392777][ T5226] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.452416][ T5225] 8021q: adding VLAN 0 to HW filter on device team0
[   76.507790][ T5226] 8021q: adding VLAN 0 to HW filter on device team0
[   76.525245][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.532375][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.542297][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.549461][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.563656][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.570754][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.592754][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.599930][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.632707][ T5224] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.691569][ T5243] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.745976][ T5225] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   76.833764][ T5224] 8021q: adding VLAN 0 to HW filter on device team0
[   76.891459][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.898679][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.917757][ T5236] Bluetooth: hci1: command tx timeout
[   76.919919][ T5239] Bluetooth: hci0: command tx timeout
[   76.938120][ T5243] veth0_vlan: entered promiscuous mode
[   76.954008][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.961160][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.987945][ T5239] Bluetooth: hci3: command tx timeout
[   76.992262][ T5236] Bluetooth: hci2: command tx timeout
[   77.012791][ T5243] veth1_vlan: entered promiscuous mode
[   77.059202][ T5227] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.069739][ T5236] Bluetooth: hci4: command tx timeout
[   77.124577][ T5226] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.168797][ T5243] veth0_macvtap: entered promiscuous mode
[   77.197131][ T5243] veth1_macvtap: entered promiscuous mode
[   77.227804][ T5225] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.252411][ T5227] veth0_vlan: entered promiscuous mode
[   77.294645][ T5243] batman_adv: batadv0: Interface activated: batadv_slave_0
[   77.339286][ T5243] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.358301][ T5227] veth1_vlan: entered promiscuous mode
[   77.377866][ T5243] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.396695][ T5243] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.406463][ T5243] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.416038][ T5243] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.502470][ T5227] veth0_macvtap: entered promiscuous mode
[   77.529596][ T5227] veth1_macvtap: entered promiscuous mode
[   77.586325][ T5225] veth0_vlan: entered promiscuous mode
[   77.612622][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.628049][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.639674][ T5227] batman_adv: batadv0: Interface activated: batadv_slave_0
[   77.650650][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.662680][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.673951][ T5227] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.702037][ T5227] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.721823][ T5227] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.731099][ T5227] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.740092][ T5227] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.780573][ T5225] veth1_vlan: entered promiscuous mode
[   77.815457][ T5224] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.835863][ T5226] veth0_vlan: entered promiscuous mode
[   77.865543][ T1831] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.877100][ T5225] veth0_macvtap: entered promiscuous mode
[   77.883387][ T1831] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.908015][ T5226] veth1_vlan: entered promiscuous mode
[   77.920483][ T5225] veth1_macvtap: entered promiscuous mode
[   77.964271][ T1069] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.973720][ T1069] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.996642][ T5225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.007272][ T5225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.018734][ T5225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.029825][ T5225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.040832][ T5225] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.065803][ T1069] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.077051][ T1069] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.135923][ T5225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.147942][ T5225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.159118][ T5225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.172935][ T5225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.184131][ T5225] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.197495][ T5225] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.206964][ T5225] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.216418][ T5225] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.225937][ T5225] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.246805][ T3022] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.262354][ T3022] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.351232][ T5224] veth0_vlan: entered promiscuous mode
[   78.363877][ T5224] veth1_vlan: entered promiscuous mode
[   78.586184][ T5226] veth0_macvtap: entered promiscuous mode
[   78.632344][ T5224] veth0_macvtap: entered promiscuous mode
[   78.783273][ T5224] veth1_macvtap: entered promiscuous mode
[   78.983100][ T5236] Bluetooth: hci0: command tx timeout
[   78.991629][ T5226] veth1_macvtap: entered promiscuous mode
[   79.004103][ T5236] Bluetooth: hci1: command tx timeout
[   79.062972][ T5236] Bluetooth: hci3: command tx timeout
[   79.075411][ T5236] Bluetooth: hci2: command tx timeout
[   79.149576][ T5236] Bluetooth: hci4: command tx timeout
[   79.222433][ T5315] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   79.225721][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.252542][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.262499][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.273189][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.283082][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.293768][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.306585][ T5226] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.340162][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   79.351324][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.361707][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   79.372241][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.382186][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   79.392799][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.403983][ T5226] batman_adv: batadv0: Interface activated: batadv_slave_1
[   79.421676][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.440470][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.451762][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.464733][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.478918][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.490751][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.506560][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.515517][ T5320] ax25_connect(): syz.3.7 uses autobind, please contact jreuter@yaina.de
[   79.518405][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.544705][ T5224] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.591313][ T5226] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.602097][ T5226] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.621930][ T5226] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.638527][ T5226] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.716083][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   79.737494][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.751117][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   79.767635][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.780341][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   79.796769][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.812785][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   79.829606][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.843393][ T5224] batman_adv: batadv0: Interface activated: batadv_slave_1
[   79.882360][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.891605][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.895144][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.907026][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.933187][ T5224] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.942132][ T5224] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.957910][ T5224] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.968312][ T5224] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   80.126499][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.148678][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.212606][ T3022] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.222241][ T3022] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.280474][ T3022] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.283950][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.295235][ T3022] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.308115][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.424299][ T5278] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   80.460044][ T5328] loop2: detected capacity change from 0 to 1024
[   80.598870][ T5330] macvtap0: entered promiscuous mode
[   80.610993][ T5330] macvtap0: left promiscuous mode
[   80.716343][ T5278] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   80.784566][ T5278] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   80.794588][ T5278] usb 2-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[   80.803896][ T5278] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.984251][    T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!!
[   81.173828][ T5236] Bluetooth: hci1: command tx timeout
[   81.179615][ T5236] Bluetooth: hci0: command tx timeout
[   81.185310][ T5236] Bluetooth: hci2: command tx timeout
[   81.191468][ T5236] Bluetooth: hci3: command tx timeout
[   81.262394][ T5239] Bluetooth: hci4: command tx timeout
[   81.571587][ T5278] usb 2-1: config 0 descriptor??
[   81.753497][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   81.808372][    T8] cfg80211: failed to load regulatory.db
[   82.007809][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   82.021358][ T5278] magicmouse 0003:05AC:0265.0001: unknown main item tag 0x0
[   82.032392][ T5278] magicmouse 0003:05AC:0265.0001: unknown main item tag 0x0
[   82.045011][ T5278] magicmouse 0003:05AC:0265.0001: unknown main item tag 0x0
[   82.068154][ T5278] magicmouse 0003:05AC:0265.0001: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.1-1/input0
[   82.080965][ T5278] magicmouse 0003:05AC:0265.0001: magicmouse input not registered
[   82.101775][ T5278] magicmouse 0003:05AC:0265.0001: probe with driver magicmouse failed with error -12
[   82.503155][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   83.132111][ T5308] usb 2-1: USB disconnect, device number 2
[   83.374126][ T5347] vcan0: entered allmulticast mode
[   83.414110][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   83.423700][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   83.543079][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[   83.553488][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   83.610689][ T5347] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14'.
[   83.953340][    T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!!
[   84.055056][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   84.757316][ T5309] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   84.953158][ T5309] usb 4-1: Using ep0 maxpacket: 32
[   84.970522][ T5309] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   85.180395][ T5309] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   85.201069][ T5309] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   85.201439][ T5309] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.439674][ T5309] usb 4-1: config 0 descriptor??
[   85.473851][ T5309] hub 4-1:0.0: USB hub found
[   85.613554][ T5363] tty tty24: ldisc open failed (-12), clearing slot 23
[   85.657028][ T5309] hub 4-1:0.0: config failed, can't read hub descriptor (err -90)
[   85.880080][ T5309] usbhid 4-1:0.0: can't add hid device: -71
[   85.895179][ T5309] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[   85.970079][ T5309] usb 4-1: USB disconnect, device number 2
[   86.064204][ T5383] loop2: detected capacity change from 0 to 128
[   86.093854][ T5383] =======================================================
[   86.093854][ T5383] WARNING: The mand mount option has been deprecated and
[   86.093854][ T5383]          and is ignored by this kernel. Remove the mand
[   86.093854][ T5383]          option from the mount to silence this warning.
[   86.093854][ T5383] =======================================================
[   86.202240][ T5383] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   86.232607][ T5383] ext4 filesystem being mounted at /5/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   86.319972][ T5383] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   86.526491][ T5375] loop0: detected capacity change from 0 to 40427
[   86.562970][ T5375] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   86.571020][ T5375] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   86.721266][ T5389] __find_get_block_slow() failed. block=144115188075855872, b_blocknr=0, b_state=0x00106019, b_size=4096, device sda1 blocksize: 4096
[   86.748890][ T5375] F2FS-fs (loop0): Found nat_bits in checkpoint
[   86.765829][ T5389] grow_buffers: requested out-of-range block 144115188075855872 for device sda1
[   86.803898][ T5381] loop1: detected capacity change from 0 to 40427
[   86.813664][ T5381] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[   86.814202][ T5389] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted
[   86.823104][ T5381] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   86.911920][ T5381] F2FS-fs (loop1): invalid crc value
[   86.936452][ T5381] F2FS-fs (loop1): Found nat_bits in checkpoint
[   86.980362][ T5375] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   86.990908][ T5375] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   87.044376][ T5383] syz.2.26 (5383) used greatest stack depth: 17296 bytes left
[   87.069992][ T5381] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   87.092999][ T5381] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[   87.099430][ T5224] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   87.175421][ T5381] syz.1.24: attempt to access beyond end of device
[   87.175421][ T5381] loop1: rw=2051, sector=36912, nr_sectors = 8144 limit=40427
[   87.193487][ T5381] syz.1.24: attempt to access beyond end of device
[   87.193487][ T5381] loop1: rw=2051, sector=45096, nr_sectors = 85976 limit=40427
[   87.330999][ T5375] F2FS-fs (loop0): Inconsistent error blkaddr:5663, sit bitmap:0
[   87.363869][ T5375] CPU: 1 UID: 0 PID: 5375 Comm: syz.0.23 Not tainted 6.11.0-rc4-next-20240822-syzkaller #0
[   87.374145][ T5375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   87.375152][ T5381] F2FS-fs (loop1): Issue discard(4614, 4614, 1018) failed, ret: -5
[   87.384219][ T5375] Call Trace:
[   87.384246][ T5375]  <TASK>
[   87.384258][ T5375]  dump_stack_lvl+0x241/0x360
[   87.403190][ T5375]  ? __pfx_dump_stack_lvl+0x10/0x10
[   87.404848][ T5381] F2FS-fs (loop1): Issue discard(5637, 5637, 10747) failed, ret: -5
[   87.408415][ T5375]  ? filemap_dirty_folio+0x9e/0x350
[   87.421723][ T5375]  ? f2fs_dirty_node_folio+0x510/0xaf0
[   87.427232][ T5375]  __f2fs_is_valid_blkaddr+0xd4d/0x1460
[   87.432842][ T5375]  f2fs_truncate_data_blocks_range+0x658/0x1000
[   87.439135][ T5375]  ? f2fs_do_truncate_blocks+0x666/0xdf0
[   87.444819][ T5375]  f2fs_do_truncate_blocks+0x666/0xdf0
[   87.450335][ T5375]  ? __pfx_f2fs_do_truncate_blocks+0x10/0x10
[   87.456371][ T5375]  ? f2fs_inode_dirtied+0x2a3/0x2e0
[   87.461664][ T5375]  f2fs_truncate_blocks+0x10d/0x300
[   87.466910][ T5375]  do_convert_inline_dir+0xf84/0x2400
[   87.472332][ T5375]  ? __pfx_do_convert_inline_dir+0x10/0x10
[   87.478190][ T5375]  ? pagecache_get_page+0xcb/0x200
[   87.483330][ T5375]  ? f2fs_grab_cache_page+0x38/0x320
[   87.488676][ T5375]  ? f2fs_room_for_filename+0x94/0xb0
[   87.494088][ T5375]  f2fs_add_inline_entry+0x476/0x860
[   87.499393][ T5375]  ? __pfx_f2fs_add_inline_entry+0x10/0x10
[   87.505221][ T5375]  ? __pfx_f2fs_setup_filename+0x10/0x10
[   87.510877][ T5375]  f2fs_add_dentry+0xba/0x1e0
[   87.515570][ T5375]  f2fs_do_add_link+0x21f/0x340
[   87.520543][ T5375]  ? __pfx_f2fs_do_add_link+0x10/0x10
[   87.525948][ T5375]  ? __pfx_f2fs_new_inode+0x10/0x10
[   87.531159][ T5375]  ? f2fs_encrypted_get_link+0x90/0x110
[   87.536727][ T5375]  ? f2fs_dquot_initialize+0xdf/0x280
[   87.542175][ T5375]  ? f2fs_create+0x139/0x530
[   87.546806][ T5375]  f2fs_create+0x32c/0x530
[   87.551249][ T5375]  ? __pfx_f2fs_create+0x10/0x10
[   87.556202][ T5375]  path_openat+0x1c06/0x3590
[   87.560836][ T5375]  ? __pfx_path_openat+0x10/0x10
[   87.565811][ T5375]  do_filp_open+0x235/0x490
[   87.570360][ T5375]  ? __pfx_do_filp_open+0x10/0x10
[   87.575428][ T5375]  ? _raw_spin_unlock+0x28/0x50
[   87.580295][ T5375]  ? alloc_fd+0x5a1/0x640
[   87.584654][ T5375]  do_sys_openat2+0x13e/0x1d0
[   87.589352][ T5375]  ? __pfx_do_futex+0x10/0x10
[   87.594050][ T5375]  ? __pfx_do_sys_openat2+0x10/0x10
[   87.599279][ T5375]  __x64_sys_creat+0x123/0x170
[   87.604074][ T5375]  ? __pfx___x64_sys_creat+0x10/0x10
[   87.609479][ T5375]  ? do_syscall_64+0x100/0x230
[   87.614306][ T5375]  ? do_syscall_64+0xb6/0x230
[   87.619095][ T5375]  do_syscall_64+0xf3/0x230
[   87.623619][ T5375]  ? clear_bhb_loop+0x35/0x90
[   87.628338][ T5375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.634258][ T5375] RIP: 0033:0x7fa157979e79
[   87.638694][ T5375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.658326][ T5375] RSP: 002b:00007fa158844038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   87.666825][ T5375] RAX: ffffffffffffffda RBX: 00007fa157b15f80 RCX: 00007fa157979e79
[   87.674923][ T5375] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000e00
[   87.682911][ T5375] RBP: 00007fa1579e7916 R08: 0000000000000000 R09: 0000000000000000
[   87.690899][ T5375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   87.698885][ T5375] R13: 0000000000000000 R14: 00007fa157b15f80 R15: 00007ffcad382648
[   87.706997][ T5375]  </TASK>
[   87.824129][   T29] audit: type=1800 audit(1724322660.211:2): pid=5375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.23" name="bus" dev="loop0" ino=27 res=0 errno=0
[   88.198592][ T5419] Bluetooth: MGMT ver 1.23
[   88.628443][ T5428] overlayfs: failed to resolve './file0': -2
[   88.642376][ T5429] loop2: detected capacity change from 0 to 512
[   88.750207][ T5431] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   90.681709][ T5429] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.742918][ T5450] syz.4.38 uses obsolete (PF_INET,SOCK_PACKET)
[   90.752392][ T5429] ext4 filesystem being mounted at /7/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   90.798914][ T5448] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   90.854222][ T5446] loop1: detected capacity change from 0 to 256
[   90.899040][   T29] audit: type=1800 audit(1724322663.291:3): pid=5429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.34" name="file1" dev="loop2" ino=15 res=0 errno=0
[   90.963458][   T29] audit: type=1804 audit(1724322663.331:4): pid=5429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.34" name="/newroot/7/bus/bus" dev="loop2" ino=19 res=1 errno=0
[   91.092965][ T1170] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   91.200503][ T5224] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.233445][   T25] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   91.274069][ T1170] usb 1-1: too many configurations: 9, using maximum allowed: 8
[   91.283993][ T1170] usb 1-1: config 0 has no interfaces?
[   91.303704][ T1170] usb 1-1: config 0 has no interfaces?
[   91.333054][ T1170] usb 1-1: config 0 has no interfaces?
[   91.344854][ T1170] usb 1-1: config 0 has no interfaces?
[   91.363705][ T1170] usb 1-1: config 0 has no interfaces?
[   91.374877][ T1170] usb 1-1: config 0 has no interfaces?
[   91.392777][ T1170] usb 1-1: config 0 has no interfaces?
[   91.401566][ T1170] usb 1-1: config 0 has no interfaces?
[   91.418678][ T5461] loop3: detected capacity change from 0 to 512
[   91.461427][ T5461] EXT4-fs (loop3): unable to read superblock
[   91.494677][   T25] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   91.515202][   T25] usb 5-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[   91.537795][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.547047][ T1170] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   91.559168][ T1170] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   91.571022][   T25] usb 5-1: config 0 descriptor??
[   91.579269][ T1170] usb 1-1: Product: syz
[   91.584608][ T1170] usb 1-1: Manufacturer: syz
[   91.590289][ T1170] usb 1-1: SerialNumber: syz
[   91.598894][   T25] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[   91.613909][ T1170] usb 1-1: config 0 descriptor??
[   91.832568][   T25] usb 5-1: USB disconnect, device number 2
[   91.894442][    T9] usb 1-1: USB disconnect, device number 2
[   91.896273][ T5455] loop1: detected capacity change from 0 to 32768
[   91.910536][ T5455] XFS: ikeep mount option is deprecated.
[   91.951549][ T5469] binder: 5468:5469 ioctl c0306201 20000580 returned -14
[   91.959098][ T5455] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   92.018101][ T5455] XFS (loop1): Ending clean mount
[   92.043672][ T5455] XFS (loop1): Quotacheck needed: Please wait.
[   92.112619][ T5480] process 'syz.3.48' launched '/dev/fd/8' with NULL argv: empty string added
[   92.139853][ T5455] XFS (loop1): Quotacheck: Done.
[   92.281263][ T5225] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   92.480586][ T5486] block nbd3: not configured, cannot reconfigure
[   93.296986][ T5493] 9pnet_fd: Insufficient options for proto=fd
[   94.433872][ T5508] loop1: detected capacity change from 0 to 2048
[   94.576242][ T5517] loop3: detected capacity change from 0 to 16
[   94.576379][ T5508] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.620076][ T5517] erofs: (device loop3): mounted with root inode @ nid 36.
[   94.783885][   T25] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   94.912367][ T5513] kvm: emulating exchange as write
[   94.931089][ T5225] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.129974][ T5525] netlink: 8 bytes leftover after parsing attributes in process `syz.2.63'.
[   95.142982][   T25] usb 5-1: Using ep0 maxpacket: 16
[   95.156066][   T25] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   95.202908][   T25] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   95.211978][   T25] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   95.253768][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.314189][   T25] usb 5-1: config 0 descriptor??
[   95.444670][    T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   95.659168][    T9] usb 2-1: too many configurations: 9, using maximum allowed: 8
[   96.585628][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   96.626368][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   96.713273][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[   96.744679][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   96.771761][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   96.813405][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[   96.830100][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   96.840047][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   96.857403][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[   96.877250][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   96.892994][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   96.922481][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[   96.931919][ T5230] usb 5-1: USB disconnect, device number 3
[   96.944625][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   96.962893][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   96.991169][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[   97.073535][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   97.086292][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   97.133090][ T5278] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   97.170259][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[   97.180489][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   97.199506][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   97.222396][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[   97.235304][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   97.244778][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   97.255828][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[   97.290098][    T9] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   97.299982][    T9] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   97.312591][    T9] usb 2-1: Product: syz
[   97.348653][    T9] usb 2-1: Manufacturer: syz
[   97.370954][    T9] usb 2-1: SerialNumber: syz
[   97.382941][ T5278] usb 1-1: Using ep0 maxpacket: 32
[   97.390285][ T5278] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   97.417900][ T5278] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[   97.432546][    T9] usb 2-1: config 0 descriptor??
[   97.830538][ T5547] loop3: detected capacity change from 0 to 128
[   97.846311][ T5278] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   97.863327][    T9] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[   98.789645][ T5278] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   98.798861][ T5278] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.811210][ T5278] usb 1-1: config 0 descriptor??
[   98.817220][ T5539] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[   98.844211][ T5278] hub 1-1:0.0: USB hub found
[   99.014151][ T5308] usb 2-1: USB disconnect, device number 3
[   99.037216][ T5308] yurex 2-1:0.0: USB YUREX #0 now disconnected
[   99.052514][ T5278] hub 1-1:0.0: 2 ports detected
[   99.167707][ T5556] FAT-fs (loop3): error, corrupted directory (invalid i_start)
[   99.180933][ T5556] FAT-fs (loop3): Filesystem has been set read-only
[   99.339735][ T5564] netlink: 28 bytes leftover after parsing attributes in process `syz.2.72'.
[  100.874526][ T1170] usb 1-1: USB disconnect, device number 3
[  101.073799][ T5577] netlink: 'syz.2.77': attribute type 2 has an invalid length.
[  101.076289][ T5578] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048)
[  101.763940][ T5577] netlink: 'syz.2.77': attribute type 1 has an invalid length.
[  101.772608][ T5577] netlink: 4 bytes leftover after parsing attributes in process `syz.2.77'.
[  101.795729][ T5577] netlink: 'syz.2.77': attribute type 1 has an invalid length.
[  101.839836][ T5585] Illegal XDP return value 4294967294 on prog  (id 22) dev N/A, expect packet loss!
[  103.869348][ T5603] netlink: 'syz.2.84': attribute type 25 has an invalid length.
[  103.877442][ T5603] netlink: 'syz.2.84': attribute type 8 has an invalid length.
[  103.888476][ T5603] netlink: 44 bytes leftover after parsing attributes in process `syz.2.84'.
[  103.897480][ T5603] netlink: 40 bytes leftover after parsing attributes in process `syz.2.84'.
[  104.028040][ T5607] loop3: detected capacity change from 0 to 512
[  104.065775][ T5607] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  104.101312][ T5607] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  106.850472][ T5607] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  106.851008][ T5607] EXT4-fs: failed to create workqueue
[  106.866420][ T5607] EXT4-fs (loop3): mount failed
[  132.984195][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[  132.990666][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[  194.448137][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[  194.456083][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[  196.512942][ T5242] Bluetooth: hci0: command 0x0406 tx timeout
[  196.513085][ T5240] Bluetooth: hci1: command 0x0406 tx timeout
[  196.519064][ T5242] Bluetooth: hci4: command 0x0406 tx timeout
[  196.530164][ T5240] Bluetooth: hci3: command 0x0406 tx timeout
[  196.539313][ T5237] Bluetooth: hci2: command 0x0406 tx timeout
[  251.384317][   T30] INFO: task syz-executor:5224 blocked for more than 143 seconds.
[  251.392234][   T30]       Not tainted 6.11.0-rc4-next-20240822-syzkaller #0
[  251.402857][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  251.411573][   T30] task:syz-executor    state:D stack:20432 pid:5224  tgid:5224  ppid:5221   flags:0x00004000
[  251.428963][   T30] Call Trace:
[  251.432391][   T30]  <TASK>
[  251.435467][   T30]  __schedule+0x184a/0x4b30
[  251.440050][   T30]  ? __pfx___schedule+0x10/0x10
[  251.450694][   T30]  ? preempt_schedule_common+0x84/0xd0
[  251.456263][   T30]  ? __pfx_lock_release+0x10/0x10
[  251.461350][   T30]  ? preempt_schedule+0xe1/0xf0
[  251.468283][   T30]  ? schedule+0x90/0x320
[  251.472573][   T30]  schedule+0x14b/0x320
[  251.476833][   T30]  ? percpu_rwsem_wait+0x34c/0x450
[  251.482855][   T30]  percpu_rwsem_wait+0x3c2/0x450
[  251.487852][   T30]  ? preempt_schedule+0xe1/0xf0
[  251.494092][   T30]  ? __pfx_percpu_rwsem_wait+0x10/0x10
[  251.499838][   T30]  ? __pfx_percpu_rwsem_wake_function+0x10/0x10
[  251.506312][   T30]  __percpu_down_read+0xee/0x130
[  251.511308][   T30]  cgroup_can_fork+0xb97/0xc80
[  251.516197][   T30]  ? debug_mutex_init+0x38/0x70
[  251.521093][   T30]  copy_process+0x219b/0x3d50
[  251.526133][   T30]  ? copy_process+0x9fa/0x3d50
[  251.531035][   T30]  ? __lock_acquire+0x1384/0x2050
[  251.536479][   T30]  ? __pfx_copy_process+0x10/0x10
[  251.541671][   T30]  kernel_clone+0x226/0x8f0
[  251.546614][   T30]  ? __pfx_kernel_clone+0x10/0x10
[  251.551808][   T30]  __x64_sys_clone+0x258/0x2a0
[  251.556679][   T30]  ? __pfx___x64_sys_clone+0x10/0x10
[  251.562145][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  251.568445][   T30]  ? exc_page_fault+0x590/0x8c0
[  251.573475][   T30]  ? do_syscall_64+0xb6/0x230
[  251.578361][   T30]  do_syscall_64+0xf3/0x230
[  251.588654][   T30]  ? clear_bhb_loop+0x35/0x90
[  251.593716][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.599790][   T30] RIP: 0033:0x7f2ef41706d3
[  251.620117][   T30] RSP: 002b:00007ffe8e566148 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  251.632802][   T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2ef41706d3
[  251.640847][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  251.649056][   T30] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  251.657110][   T30] R10: 0000555569f9e7d0 R11: 0000000000000246 R12: 0000000000000000
[  251.665167][   T30] R13: 00000000000195c3 R14: 000000000001958c R15: 00007ffe8e5662d0
[  251.673255][   T30]  </TASK>
[  251.676585][   T30] INFO: task syz.4.71:5555 blocked for more than 143 seconds.
[  251.684818][   T30]       Not tainted 6.11.0-rc4-next-20240822-syzkaller #0
[  251.691967][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  251.700709][   T30] task:syz.4.71        state:D stack:26480 pid:5555  tgid:5554  ppid:5226   flags:0x00004002
[  251.721044][   T30] Call Trace:
[  251.724432][   T30]  <TASK>
[  251.727401][   T30]  __schedule+0x184a/0x4b30
[  251.731967][   T30]  ? __pfx___schedule+0x10/0x10
[  251.736890][   T30]  ? __pfx_lock_release+0x10/0x10
[  251.741928][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  251.747980][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  251.754409][   T30]  ? schedule+0x90/0x320
[  251.758655][   T30]  schedule+0x14b/0x320
[  251.762879][   T30]  ? percpu_rwsem_wait+0x34c/0x450
[  251.768018][   T30]  percpu_rwsem_wait+0x3c2/0x450
[  251.773076][   T30]  ? __pfx_percpu_rwsem_wait+0x10/0x10
[  251.778651][   T30]  ? __pfx_percpu_rwsem_wake_function+0x10/0x10
[  251.784984][   T30]  ? rcu_is_watching+0x15/0xb0
[  251.790293][   T30]  __percpu_down_read+0xee/0x130
[  251.795401][   T30]  exit_signals+0x4a9/0x5c0
[  251.799949][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  251.806800][   T30]  ? __pfx_exit_signals+0x10/0x10
[  251.811887][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  251.817203][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  251.822473][   T30]  do_exit+0x6b4/0x28e0
[  251.826824][   T30]  ? __pfx_do_exit+0x10/0x10
[  251.831464][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  251.839640][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  251.845811][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  251.852181][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  251.857367][   T30]  do_group_exit+0x207/0x2c0
[  251.861986][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  251.867539][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  251.872863][   T30]  get_signal+0x176f/0x1810
[  251.877429][   T30]  ? __pfx_get_signal+0x10/0x10
[  251.882345][   T30]  ? task_work_add+0x2d8/0x450
[  251.887272][   T30]  arch_do_signal_or_restart+0x96/0x860
[  251.893519][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  251.899753][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  251.905905][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  251.911685][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  251.917303][   T30]  do_syscall_64+0x100/0x230
[  251.921925][   T30]  ? clear_bhb_loop+0x35/0x90
[  251.926805][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.932744][   T30] RIP: 0033:0x7f8c4a379e79
[  251.937253][   T30] RSP: 002b:00007f8c4b115038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  251.948818][   T30] RAX: 0000000000018ff8 RBX: 00007f8c4a515f80 RCX: 00007f8c4a379e79
[  251.956877][   T30] RDX: 0000000000018ff8 RSI: 0000000020019680 RDI: 0000000000000004
[  251.965010][   T30] RBP: 00007f8c4a3e7916 R08: 0000000000000000 R09: 0000000000000000
[  251.973093][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  251.981087][   T30] R13: 0000000000000000 R14: 00007f8c4a515f80 R15: 00007fffa1440e38
[  251.989216][   T30]  </TASK>
[  251.993867][   T30] INFO: task syz.3.83:5601 blocked for more than 143 seconds.
[  252.001352][   T30]       Not tainted 6.11.0-rc4-next-20240822-syzkaller #0
[  252.008646][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  252.017427][   T30] task:syz.3.83        state:D stack:22608 pid:5601  tgid:5601  ppid:5227   flags:0x00004004
[  252.028069][   T30] Call Trace:
[  252.031377][   T30]  <TASK>
[  252.034441][   T30]  __schedule+0x184a/0x4b30
[  252.039011][   T30]  ? __pfx___schedule+0x10/0x10
[  252.044226][   T30]  ? __pfx_lock_release+0x10/0x10
[  252.049301][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  252.055869][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  252.062254][   T30]  ? schedule+0x90/0x320
[  252.066838][   T30]  schedule+0x14b/0x320
[  252.071052][   T30]  ? percpu_rwsem_wait+0x34c/0x450
[  252.076470][   T30]  percpu_rwsem_wait+0x3c2/0x450
[  252.081465][   T30]  ? __pfx_percpu_rwsem_wait+0x10/0x10
[  252.087129][   T30]  ? __pfx_percpu_rwsem_wake_function+0x10/0x10
[  252.094581][   T30]  ? rcu_is_watching+0x15/0xb0
[  252.099409][   T30]  __percpu_down_read+0xee/0x130
[  252.104467][   T30]  exit_signals+0x4a9/0x5c0
[  252.108996][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  252.114309][   T30]  ? __pfx_exit_signals+0x10/0x10
[  252.119368][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  252.124648][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  252.129876][   T30]  do_exit+0x6b4/0x28e0
[  252.134274][   T30]  ? __pfx_do_exit+0x10/0x10
[  252.138899][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  252.144349][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  252.150365][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  252.156924][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  252.162072][   T30]  do_group_exit+0x207/0x2c0
[  252.166945][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  252.172264][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  252.180455][   T30]  get_signal+0x176f/0x1810
[  252.185092][   T30]  ? __pfx_get_signal+0x10/0x10
[  252.190009][   T30]  ? do_futex+0x33b/0x560
[  252.194428][   T30]  arch_do_signal_or_restart+0x96/0x860
[  252.200823][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  252.207090][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  252.213257][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  252.219004][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  252.224715][   T30]  do_syscall_64+0x100/0x230
[  252.229334][   T30]  ? clear_bhb_loop+0x35/0x90
[  252.234129][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.240135][   T30] RIP: 0033:0x7feb75179e79
[  252.244629][   T30] RSP: 002b:00007ffc15acb678 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  252.253115][   T30] RAX: fffffffffffffdfc RBX: 000000000001a5fc RCX: 00007feb75179e79
[  252.261108][   T30] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007feb75315f8c
[  252.269189][   T30] RBP: 00007feb75315f8c R08: 00007feb75315f80 R09: 00007ffc15acb95f
[  252.277243][   T30] R10: 00007ffc15acb770 R11: 0000000000000246 R12: 0000000000000fd2
[  252.285582][   T30] R13: 00007ffc15acb770 R14: 00007ffc15acb790 R15: 000000000001962a
[  252.293777][   T30]  </TASK>
[  252.297004][   T30] INFO: task syz.3.83:5607 blocked for more than 144 seconds.
[  252.305509][   T30]       Not tainted 6.11.0-rc4-next-20240822-syzkaller #0
[  252.312685][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  252.321437][   T30] task:syz.3.83        state:D stack:25248 pid:5607  tgid:5601  ppid:5227   flags:0x00004006
[  252.332138][   T30] Call Trace:
[  252.335687][   T30]  <TASK>
[  252.338641][   T30]  __schedule+0x184a/0x4b30
[  252.343437][   T30]  ? __pfx___schedule+0x10/0x10
[  252.348331][   T30]  ? preempt_schedule_common+0x84/0xd0
[  252.357763][   T30]  ? __pfx_lock_release+0x10/0x10
[  252.362900][   T30]  ? preempt_schedule+0xe1/0xf0
[  252.367777][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  252.377508][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  252.384081][   T30]  ? schedule+0x90/0x320
[  252.388356][   T30]  schedule+0x14b/0x320
[  252.392518][   T30]  ? percpu_rwsem_wait+0x34c/0x450
[  252.397824][   T30]  percpu_rwsem_wait+0x3c2/0x450
[  252.403589][   T30]  ? preempt_schedule+0xe1/0xf0
[  252.408497][   T30]  ? __pfx_percpu_rwsem_wait+0x10/0x10
[  252.414071][   T30]  ? __pfx_percpu_rwsem_wake_function+0x10/0x10
[  252.420354][   T30]  __percpu_down_read+0xee/0x130
[  252.425595][   T30]  exit_signals+0x4a9/0x5c0
[  252.430147][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  252.435385][   T30]  ? __pfx_exit_signals+0x10/0x10
[  252.440455][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  252.445738][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  252.450948][   T30]  do_exit+0x6b4/0x28e0
[  252.455285][   T30]  ? __pfx_do_exit+0x10/0x10
[  252.459992][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  252.465501][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  252.471523][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  252.477962][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  252.483182][   T30]  do_group_exit+0x207/0x2c0
[  252.487803][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  252.493188][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  252.498435][   T30]  get_signal+0x176f/0x1810
[  252.503725][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  252.510103][   T30]  ? __pfx_get_signal+0x10/0x10
[  252.515152][   T30]  ? kasan_quarantine_put+0xdc/0x230
[  252.520609][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  252.525936][   T30]  arch_do_signal_or_restart+0x96/0x860
[  252.531522][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  252.537810][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  252.543943][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  252.549696][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  252.555345][   T30]  do_syscall_64+0x100/0x230
[  252.559989][   T30]  ? clear_bhb_loop+0x35/0x90
[  252.564803][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.570741][   T30] RIP: 0033:0x7feb7517b61a
[  252.575289][   T30] RSP: 002b:00007feb75fc6e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  252.583912][   T30] RAX: fffffffffffffff4 RBX: 00007feb75fc6ef0 RCX: 00007feb7517b61a
[  252.591917][   T30] RDX: 0000000020000040 RSI: 00000000200001c0 RDI: 00007feb75fc6eb0
[  252.600157][   T30] RBP: 0000000020000040 R08: 00007feb75fc6ef0 R09: 0000000000000404
[  252.608814][   T30] R10: 0000000000000404 R11: 0000000000000246 R12: 00000000200001c0
[  252.616911][   T30] R13: 00007feb75fc6eb0 R14: 000000000000042f R15: 0000000020000200
[  252.624983][   T30]  </TASK>
[  252.628133][   T30] INFO: task syz.0.85:5604 blocked for more than 144 seconds.
[  252.635743][   T30]       Not tainted 6.11.0-rc4-next-20240822-syzkaller #0
[  252.642929][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  252.651678][   T30] task:syz.0.85        state:D stack:24384 pid:5604  tgid:5604  ppid:5243   flags:0x00000004
[  252.662012][   T30] Call Trace:
[  252.665367][   T30]  <TASK>
[  252.668310][   T30]  __schedule+0x184a/0x4b30
[  252.673001][   T30]  ? __pfx___schedule+0x10/0x10
[  252.677904][   T30]  ? __pfx_lock_release+0x10/0x10
[  252.683051][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  252.689236][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  252.695711][   T30]  ? schedule+0x90/0x320
[  252.699989][   T30]  schedule+0x14b/0x320
[  252.704236][   T30]  ? percpu_rwsem_wait+0x34c/0x450
[  252.709975][   T30]  percpu_rwsem_wait+0x3c2/0x450
[  252.715048][   T30]  ? __pfx_percpu_rwsem_wait+0x10/0x10
[  252.720560][   T30]  ? __pfx_percpu_rwsem_wake_function+0x10/0x10
[  252.726930][   T30]  ? rcu_is_watching+0x15/0xb0
[  252.731728][   T30]  __percpu_down_read+0xee/0x130
[  252.736827][   T30]  cgroup_can_fork+0xb97/0xc80
[  252.741629][   T30]  ? debug_mutex_init+0x38/0x70
[  252.747180][   T30]  copy_process+0x219b/0x3d50
[  252.752077][   T30]  ? copy_process+0x9fa/0x3d50
[  252.761496][   T30]  ? __pfx_copy_process+0x10/0x10
[  252.766714][   T30]  ? __might_fault+0xc6/0x120
[  252.771566][   T30]  ? __asan_memset+0x23/0x50
[  252.776410][   T30]  kernel_clone+0x226/0x8f0
[  252.780977][   T30]  ? __pfx_kernel_clone+0x10/0x10
[  252.786097][   T30]  __se_sys_clone3+0x2cb/0x350
[  252.790921][   T30]  ? __pfx___se_sys_clone3+0x10/0x10
[  252.796400][   T30]  ? do_syscall_64+0x100/0x230
[  252.801219][   T30]  ? do_syscall_64+0xb6/0x230
[  252.806018][   T30]  do_syscall_64+0xf3/0x230
[  252.811657][   T30]  ? clear_bhb_loop+0x35/0x90
[  252.816662][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.822634][   T30] RIP: 0033:0x7fa1579adea9
[  252.827216][   T30] RSP: 002b:00007ffcad382518 EFLAGS: 00000206 ORIG_RAX: 00000000000001b3
[  252.835799][   T30] RAX: ffffffffffffffda RBX: 00007fa1579307f0 RCX: 00007fa1579adea9
[  252.843889][   T30] RDX: 00007fa1579307f0 RSI: 0000000000000058 RDI: 00007ffcad382560
[  252.851888][   T30] RBP: 00007fa1588026c0 R08: 00007fa1588026c0 R09: 00007ffcad382647
[  252.859958][   T30] R10: 0000000000000008 R11: 0000000000000206 R12: ffffffffffffffa8
[  252.870378][   T30] R13: 000000000000006e R14: 00007ffcad382560 R15: 00007ffcad382648
[  252.878475][   T30]  </TASK>
[  252.881599][   T30] INFO: task syz.0.85:5605 blocked for more than 144 seconds.
[  252.889172][   T30]       Not tainted 6.11.0-rc4-next-20240822-syzkaller #0
[  252.896518][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  252.905333][   T30] task:syz.0.85        state:D stack:26008 pid:5605  tgid:5604  ppid:5243   flags:0x00004004
[  252.916257][   T30] Call Trace:
[  252.919566][   T30]  <TASK>
[  252.922499][   T30]  __schedule+0x184a/0x4b30
[  252.927123][   T30]  ? __pfx___schedule+0x10/0x10
[  252.932059][   T30]  ? __pfx_lock_release+0x10/0x10
[  252.937309][   T30]  ? schedule+0x90/0x320
[  252.941575][   T30]  schedule+0x14b/0x320
[  252.945828][   T30]  schedule_timeout+0xb0/0x310
[  252.950639][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  252.956133][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  252.962168][   T30]  ? wait_for_completion+0x2fe/0x620
[  252.967570][   T30]  ? wait_for_completion+0x2fe/0x620
[  252.976579][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  252.981839][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  252.987218][   T30]  ? wait_for_completion+0x2fe/0x620
[  252.992538][   T30]  wait_for_completion+0x355/0x620
[  252.997760][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  253.003463][   T30]  kvm_vm_create_worker_thread+0x1d7/0x2c0
[  253.009283][   T30]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  253.016915][   T30]  ? __pfx_kvm_vm_create_worker_thread+0x10/0x10
[  253.023486][   T30]  ? up_write+0x1a9/0x590
[  253.027871][   T30]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  253.034752][   T30]  kvm_mmu_post_init_vm+0x40/0x90
[  253.039804][   T30]  kvm_dev_ioctl+0x1556/0x2370
[  253.044683][   T30]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  253.049825][   T30]  ? __fget_files+0x3f6/0x470
[  253.054609][   T30]  ? __fget_files+0x29/0x470
[  253.059236][   T30]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  253.064534][   T30]  __se_sys_ioctl+0xfc/0x170
[  253.069156][   T30]  do_syscall_64+0xf3/0x230
[  253.073852][   T30]  ? clear_bhb_loop+0x35/0x90
[  253.078601][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.086390][   T30] RIP: 0033:0x7fa157979e79
[  253.090852][   T30] RSP: 002b:00007fa158844038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  253.100326][   T30] RAX: ffffffffffffffda RBX: 00007fa157b15f80 RCX: 00007fa157979e79
[  253.108684][   T30] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003
[  253.116771][   T30] RBP: 00007fa1579e7916 R08: 0000000000000000 R09: 0000000000000000
[  253.125747][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  253.133813][   T30] R13: 0000000000000000 R14: 00007fa157b15f80 R15: 00007ffcad382648
[  253.141816][   T30]  </TASK>
[  253.144919][   T30] INFO: task syz.0.85:5608 blocked for more than 145 seconds.
[  253.152389][   T30]       Not tainted 6.11.0-rc4-next-20240822-syzkaller #0
[  253.159572][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  253.168279][   T30] task:syz.0.85        state:D stack:27056 pid:5608  tgid:5604  ppid:5243   flags:0x00004004
[  253.178592][   T30] Call Trace:
[  253.181887][   T30]  <TASK>
[  253.184887][   T30]  __schedule+0x184a/0x4b30
[  253.189439][   T30]  ? __pfx___schedule+0x10/0x10
[  253.194518][   T30]  ? __pfx_lock_release+0x10/0x10
[  253.199602][   T30]  ? schedule+0x90/0x320
[  253.207114][   T30]  schedule+0x14b/0x320
[  253.211322][   T30]  schedule_timeout+0xb0/0x310
[  253.216171][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  253.222419][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  253.228559][   T30]  ? wait_for_completion+0x2fe/0x620
[  253.234023][   T30]  ? wait_for_completion+0x2fe/0x620
[  253.239345][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  253.244658][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  253.249891][   T30]  ? wait_for_completion+0x2fe/0x620
[  253.255275][   T30]  wait_for_completion+0x355/0x620
[  253.260444][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  253.266167][   T30]  ? __init_swait_queue_head+0xae/0x150
[  253.271764][   T30]  kvm_vm_create_worker_thread+0x1d7/0x2c0
[  253.277686][   T30]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  253.284650][   T30]  ? __pfx_kvm_vm_create_worker_thread+0x10/0x10
[  253.291036][   T30]  ? up_write+0x1a9/0x590
[  253.295495][   T30]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  253.302316][   T30]  kvm_mmu_post_init_vm+0x40/0x90
[  253.308013][   T30]  kvm_dev_ioctl+0x1556/0x2370
[  253.313115][   T30]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  253.318277][   T30]  ? __fget_files+0x3f6/0x470
[  253.327503][   T30]  ? __fget_files+0x29/0x470
[  253.332224][   T30]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  253.337445][   T30]  __se_sys_ioctl+0xfc/0x170
[  253.342078][   T30]  do_syscall_64+0xf3/0x230
[  253.346777][   T30]  ? clear_bhb_loop+0x35/0x90
[  253.351487][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.357461][   T30] RIP: 0033:0x7fa157979e79
[  253.361912][   T30] RSP: 002b:00007fa158823038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  253.370629][   T30] RAX: ffffffffffffffda RBX: 00007fa157b16058 RCX: 00007fa157979e79
[  253.378654][   T30] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[  253.386826][   T30] RBP: 00007fa1579e7916 R08: 0000000000000000 R09: 0000000000000000
[  253.395298][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  253.403388][   T30] R13: 0000000000000000 R14: 00007fa157b16058 R15: 00007ffcad382648
[  253.411400][   T30]  </TASK>
[  253.414511][   T30] INFO: task kvm-nx-lpage-re:5609 blocked for more than 145 seconds.
[  253.422604][   T30]       Not tainted 6.11.0-rc4-next-20240822-syzkaller #0
[  253.430585][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  253.439665][   T30] task:kvm-nx-lpage-re state:D stack:29176 pid:5609  tgid:5609  ppid:2      flags:0x00004000
[  253.450169][   T30] Call Trace:
[  253.453647][   T30]  <TASK>
[  253.456616][   T30]  __schedule+0x184a/0x4b30
[  253.461165][   T30]  ? __pfx___schedule+0x10/0x10
[  253.466227][   T30]  ? __pfx_lock_release+0x10/0x10
[  253.471289][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  253.477219][   T30]  ? schedule+0x90/0x320
[  253.481518][   T30]  schedule+0x14b/0x320
[  253.486987][   T30]  schedule_preempt_disabled+0x13/0x30
[  253.492503][   T30]  __mutex_lock+0x6a7/0xd70
[  253.497311][   T30]  ? __mutex_lock+0x52a/0xd70
[  253.502195][   T30]  ? cgroup_attach_task_all+0x27/0xe0
[  253.507651][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  253.512719][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  253.517993][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  253.523977][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  253.531181][   T30]  cgroup_attach_task_all+0x27/0xe0
[  253.536486][   T30]  kvm_vm_worker_thread+0xd5/0x580
[  253.541656][   T30]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  253.548759][   T30]  ? __pfx_kvm_vm_worker_thread+0x10/0x10
[  253.555564][   T30]  kthread+0x2f0/0x390
[  253.559696][   T30]  ? __pfx_kvm_vm_worker_thread+0x10/0x10
[  253.565709][   T30]  ? __pfx_kthread+0x10/0x10
[  253.570336][   T30]  ret_from_fork+0x4b/0x80
[  253.574828][   T30]  ? __pfx_kthread+0x10/0x10
[  253.579463][   T30]  ret_from_fork_asm+0x1a/0x30
[  253.584337][   T30]  </TASK>
[  253.587383][   T30] 
[  253.587383][   T30] Showing all locks held in the system:
[  253.595252][   T30] 1 lock held by kthreadd/2:
[  253.599865][   T30]  #0: ffffffff8e9679d0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: copy_process+0x219b/0x3d50
[  253.610415][   T30] 2 locks held by kworker/u8:1/12:
[  253.615586][   T30] 1 lock held by khungtaskd/30:
[  253.620461][   T30]  #0: ffffffff8e939ae0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  253.631158][   T30] 4 locks held by kworker/u8:5/1069:
[  253.636519][   T30]  #0: ffff8880b903ea58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140
[  253.646596][   T30]  #1: ffffc900042b7d00 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  253.659247][   T30]  #2: ffff88807f4b8768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: cfg80211_wiphy_work+0xd9/0x490
[  253.669785][   T30]  #3: ffffffff8e939ae0 (rcu_read_lock){....}-{1:2}, at: ieee80211_sta_active_ibss+0xc7/0x330
[  253.680451][   T30] 1 lock held by syslogd/4664:
[  253.685532][   T30] 1 lock held by udevd/4682:
[  253.690138][   T30]  #0: ffffffff8e9679d0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: copy_process+0x219b/0x3d50
[  253.700569][   T30] 1 lock held by dhcpcd/4896:
[  253.705325][   T30]  #0: ffffffff8e9679d0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: copy_process+0x219b/0x3d50
[  253.715838][   T30] 2 locks held by getty/4981:
[  253.720528][   T30]  #0: ffff88802ad9e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  253.730442][   T30]  #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00
[  253.741414][   T30] 1 lock held by syz-executor/5223:
[  253.746704][   T30]  #0: ffffffff8e9679d0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: do_exit+0x6b4/0x28e0
[  253.756629][   T30] 1 lock held by syz-executor/5224:
[  253.761823][   T30]  #0: ffffffff8e9679d0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: copy_process+0x219b/0x3d50
[  253.772267][   T30] 1 lock held by udevd/5231:
[  253.777031][   T30]  #0: ffffffff8e9679d0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: do_exit+0x6b4/0x28e0
[  253.791123][   T30] 1 lock held by udevd/5238:
[  253.795963][   T30]  #0: ffffffff8e9679d0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: do_exit+0x6b4/0x28e0
[  253.805933][   T30] 1 lock held by udevd/5241:
[  253.810540][   T30]  #0: ffffffff8e9679d0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: do_exit+0x6b4/0x28e0
[  253.820585][   T30] 1 lock held by udevd/5245:
[  253.825241][   T30]  #0: ffffffff8e9679d0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: do_exit+0x6b4/0x28e0
[  253.835952][   T30] 1 lock held by udevd/5246:
[  253.840576][   T30]  #0: ffffffff8e9679d0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: do_exit+0x6b4/0x28e0
[  253.850565][   T30] 1 lock held by syz.4.71/5555:
[  253.855470][   T30]  #0: ffffffff8e9679d0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: do_exit+0x6b4/0x28e0
[  253.865639][   T30] 1 lock held by syz.1.76/5578:
[  253.870523][   T30] 1 lock held by syz.3.83/5601:
[  253.875440][   T30]  #0: ffffffff8e9679d0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: do_exit+0x6b4/0x28e0
[  253.885370][   T30] 1 lock held by syz.3.83/5607:
[  253.890215][   T30]  #0: ffffffff8e9679d0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: do_exit+0x6b4/0x28e0
[  253.900579][   T30] 1 lock held by syz.0.85/5604:
[  253.905522][   T30]  #0: ffffffff8e9679d0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: copy_process+0x219b/0x3d50
[  253.916186][   T30] 3 locks held by kvm-nx-lpage-re/5606:
[  253.921758][   T30]  #0: ffffffff8e9677e8 (cgroup_mutex){+.+.}-{3:3}, at: cgroup_attach_task_all+0x27/0xe0
[  253.931740][   T30]  #1: ffffffff8e7d3a30 (cpu_hotplug_lock){++++}-{0:0}, at: cgroup_attach_lock+0x11/0x40
[  253.942390][   T30]  #2: ffffffff8e9679d0 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: cgroup_attach_task_all+0x31/0xe0
[  253.953609][   T30] 1 lock held by kvm-nx-lpage-re/5609:
[  253.959097][   T30]  #0: ffffffff8e9677e8 (cgroup_mutex){+.+.}-{3:3}, at: cgroup_attach_task_all+0x27/0xe0
[  253.969164][   T30] 
[  253.971513][   T30] =============================================
[  253.971513][   T30] 
[  253.980069][   T30] NMI backtrace for cpu 1
[  253.984428][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc4-next-20240822-syzkaller #0
[  253.994438][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  254.004499][   T30] Call Trace:
[  254.007810][   T30]  <TASK>
[  254.010745][   T30]  dump_stack_lvl+0x241/0x360
[  254.015443][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.020653][   T30]  ? __pfx__printk+0x10/0x10
[  254.025254][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[  254.030381][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  254.035345][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  254.040821][   T30]  ? _printk+0xd5/0x120
[  254.044992][   T30]  ? __pfx__printk+0x10/0x10
[  254.049596][   T30]  ? __wake_up_klogd+0xcc/0x110
[  254.054458][   T30]  ? __pfx__printk+0x10/0x10
[  254.059075][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  254.064116][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  254.070112][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  254.076114][   T30]  watchdog+0xff4/0x1040
[  254.080368][   T30]  ? watchdog+0x1ea/0x1040
[  254.084798][   T30]  ? __pfx_watchdog+0x10/0x10
[  254.089479][   T30]  kthread+0x2f0/0x390
[  254.093556][   T30]  ? __pfx_watchdog+0x10/0x10
[  254.098243][   T30]  ? __pfx_kthread+0x10/0x10
[  254.102841][   T30]  ret_from_fork+0x4b/0x80
[  254.107297][   T30]  ? __pfx_kthread+0x10/0x10
[  254.111896][   T30]  ret_from_fork_asm+0x1a/0x30
[  254.116685][   T30]  </TASK>
[  254.120773][   T30] Sending NMI from CPU 1 to CPUs 0:
[  254.126541][    C0] NMI backtrace for cpu 0
[  254.126555][    C0] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:1 Not tainted 6.11.0-rc4-next-20240822-syzkaller #0
[  254.126576][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  254.126587][    C0] Workqueue: events_unbound cfg80211_wiphy_work
[  254.126619][    C0] RIP: 0010:ieee80211_sta_get_rates+0x2ff/0x660
[  254.126648][    C0] Code: 84 db 0f 99 c0 44 08 f0 88 44 24 07 4c 8b 74 24 28 49 bc 00 00 00 00 00 fc ff df 45 31 ff 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 <74> 08 4c 89 f7 e8 27 1b c1 f6 49 63 c7 4d 8b 36 4c 8d 2c 40 4b 8d
[  254.126663][    C0] RSP: 0018:ffffc90000117798 EFLAGS: 00000246
[  254.126678][    C0] RAX: 1ffff1100fab461a RBX: 000000000000003c RCX: ffff888017a95a00
[  254.126691][    C0] RDX: 0000000000000000 RSI: 000000000000003c RDI: 000000000000005a
[  254.126702][    C0] RBP: 000000000000005a R08: ffffffff8b3b6cac R09: 1ffffffff203825d
[  254.126715][    C0] R10: dffffc0000000000 R11: fffffbfff203825e R12: dffffc0000000000
[  254.126728][    C0] R13: 000000000000000c R14: ffff88807d5a30d0 R15: 0000000000000005
[  254.126740][    C0] FS:  0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[  254.126755][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  254.126767][    C0] CR2: 0000557bf000f100 CR3: 000000007d7a2000 CR4: 00000000003526f0
[  254.126783][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  254.126793][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  254.126804][    C0] Call Trace:
[  254.126810][    C0]  <NMI>
[  254.126817][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  254.126844][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  254.126872][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  254.126897][    C0]  ? nmi_handle+0x2a/0x5a0
[  254.126923][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  254.126946][    C0]  ? nmi_handle+0x14f/0x5a0
[  254.126963][    C0]  ? nmi_handle+0x2a/0x5a0
[  254.126981][    C0]  ? ieee80211_sta_get_rates+0x2ff/0x660
[  254.127006][    C0]  ? default_do_nmi+0x63/0x160
[  254.127033][    C0]  ? exc_nmi+0x123/0x1f0
[  254.127058][    C0]  ? end_repeat_nmi+0xf/0x53
[  254.127088][    C0]  ? ieee80211_sta_get_rates+0x37c/0x660
[  254.127115][    C0]  ? ieee80211_sta_get_rates+0x2ff/0x660
[  254.127143][    C0]  ? ieee80211_sta_get_rates+0x2ff/0x660
[  254.127169][    C0]  ? ieee80211_sta_get_rates+0x2ff/0x660
[  254.127194][    C0]  </NMI>
[  254.127199][    C0]  <TASK>
[  254.127213][    C0]  ieee80211_ibss_rx_queued_mgmt+0x11e1/0x2d70
[  254.127240][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0xf7e/0x2d70
[  254.127258][    C0]  ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10
[  254.127281][    C0]  ? mark_lock+0x9a/0x360
[  254.127299][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  254.127326][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  254.127354][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  254.127384][    C0]  ieee80211_iface_work+0x8a5/0xf20
[  254.127408][    C0]  cfg80211_wiphy_work+0x2db/0x490
[  254.127435][    C0]  ? process_scheduled_works+0x976/0x1850
[  254.127460][    C0]  process_scheduled_works+0xa63/0x1850
[  254.127497][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  254.127525][    C0]  ? assign_work+0x364/0x3d0
[  254.127550][    C0]  worker_thread+0x86d/0xd10
[  254.127580][    C0]  ? __kthread_parkme+0x169/0x1d0
[  254.127607][    C0]  ? __pfx_worker_thread+0x10/0x10
[  254.127631][    C0]  kthread+0x2f0/0x390
[  254.127647][    C0]  ? __pfx_worker_thread+0x10/0x10
[  254.127670][    C0]  ? __pfx_kthread+0x10/0x10
[  254.127687][    C0]  ret_from_fork+0x4b/0x80
[  254.127711][    C0]  ? __pfx_kthread+0x10/0x10
[  254.127727][    C0]  ret_from_fork_asm+0x1a/0x30
[  254.127760][    C0]  </TASK>
[  254.128746][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  254.484168][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc4-next-20240822-syzkaller #0
[  254.494157][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  254.504216][   T30] Call Trace:
[  254.507587][   T30]  <TASK>
[  254.510522][   T30]  dump_stack_lvl+0x241/0x360
[  254.515215][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.520433][   T30]  ? __pfx__printk+0x10/0x10
[  254.525022][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  254.531026][   T30]  ? vscnprintf+0x5d/0x90
[  254.535373][   T30]  panic+0x349/0x880
[  254.539291][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  254.545460][   T30]  ? __pfx_panic+0x10/0x10
[  254.549889][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  254.555280][   T30]  ? __irq_work_queue_local+0x137/0x410
[  254.560849][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  254.566227][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  254.572406][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  254.578573][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  254.584744][   T30]  watchdog+0x1033/0x1040
[  254.589088][   T30]  ? watchdog+0x1ea/0x1040
[  254.593517][   T30]  ? __pfx_watchdog+0x10/0x10
[  254.598198][   T30]  kthread+0x2f0/0x390
[  254.602277][   T30]  ? __pfx_watchdog+0x10/0x10
[  254.606957][   T30]  ? __pfx_kthread+0x10/0x10
[  254.611555][   T30]  ret_from_fork+0x4b/0x80
[  254.615986][   T30]  ? __pfx_kthread+0x10/0x10
[  254.620595][   T30]  ret_from_fork_asm+0x1a/0x30
[  254.625380][   T30]  </TASK>
[  254.628758][   T30] Kernel Offset: disabled
[  254.633100][   T30] Rebooting in 86400 seconds..