last executing test programs: 19.595058255s ago: executing program 0: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x20c092, &(0x7f0000000000), 0x6, 0x50d, &(0x7f00000006c0)="$eJzs3U1vI3cZAPBnHLubbQNOWw6lEtvQF2URrJM0fYk4lEbi5VQJUe7ZkDhRFCdeJU67iVaQfgIQqgCJC5y4IPEBkFA/AkKqBDcOnEAVZOmBCzIae9xNHDs4Wsezm/x+0mT+8//Hfp7HiSfzFk8AV9ZURLwdEWMR8UpElLP+QjbFYXtKv+/+0b2VdEqi2Xz3n0kkWV/3cz6VPSz1ve9E/CA5HXd3/2BzuVar7pzsPri1sbW8Xl2vbs/Pz72x8ObC6wuzA1aSFM8afToi3vrmpz/78W++/dYfvvb+35b+cfOHaVq3s/FedQxDu/RSjJ9YvjzS35tiq0IAAB4Hz0bEMxHxYkR8JcoxFmduRgMAAACPoeY3Jq51mgAAAMDlVIiIiUgKlex634koFCqV9jW8X4gnC7X6buOra/W97dV0LGIySoW1jVp1NrtWeDJKSbo812o/WH61a3k+uwb3w/L1dLk1BgAAAIzGYtf+/6fl9v4/AAAAcMn0Phk/NvI8AAAAgIvjYnwAAAC4/Oz/AwAAwKX23XfeSafm/aN7rfsArL63v7dZf+/WanV3s7K1t1JZqe/cqazX6+u1amWA/wio1et3XovtvbszjeJuY2Z3/2Bpq7633Vhq3dd7qfrMCGoCAAAATnr6hY/+kkTE4devt6bUE9lYKdfMgEdIUuzquP3lnDIBhuLcH/IztXcxiQAj1/03Hbg67OMDSXdH14bBeL9NhT92d9z4v7FscwAAQD6mv+j8P1xVhbwTAHLzk7wTAHIz8LH4qYvNAxi9ktv8wZV36vx/l/F+A6fO//fTbJ4rIQAAYOgm2rPDyM4FTkShUKl8dlowWduoVWcj4vMR8edy6Vq6PJdjvgAAAAAAAAAAAAAAAAAAAAAAAADwOGo2k2gCAAAAl1pE4e9Jdv+v6fLLE93HB55I/lNuzSPi/V+++/O7y43Gzlza/6/P+hu/yPpfzeMIBgAAAFxFpTNHO/vpnf14AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABim+0f3VjrTKON+shjXY7JX/GKMt+bjUYqIJ/+dRPHY45KIGBtC/MMPIuK5XvGTNK2YzLLojl+IiOs5x39qCPHhKvtoMSLe7vX+K8RUa977/VfMpof1yWLrTd4zfmf9N9Zn/fe5AWM8//HvZvrG/yDi+WLv9U8nftIn/ksDxr/9/YODfmPNX0dM9/z7k7RnhewbG1t3Znb3D25tbC2vV9er2/Pzc28svLnw+sLszNpGrZp97Rnjp1/6/eGHfetvBzgev1PnZDvDH/Wr/+UB6//vx3ePnm03S6fjR9x8qffP/7nWvPfrn/5OvJK9POn4dKd92G4fd+O3f7rRL7c0/mqf17/98y83H8Qvnqj/5mDlH6/5V4M9BAC4SLv7B5vLtVp1ZwSNF18b3hMmrUa6FTSi5PNudA52PCr5jOcT/VrkW/u3Hvp5OpvDD/M8fx1aXek+Q++hHFdKAADAhXiw0Z93JgAAAAAAAAAAAAAAAAAAAHB1tf7/f+ycHwT4wvk+aaw75mE+pQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnOl/AQAA//9DhsFC") 19.00545292s ago: executing program 0: r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, 0x0) 18.661385471s ago: executing program 0: r0 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000000000095000040"]) 18.403600568s ago: executing program 0: r0 = syz_mount_image$btrfs(&(0x7f0000000300), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f00000008c0)={[{@metadata_ratio={'metadata_ratio', 0x3d, 0x1}}, {@nodiscard}, {@treelog}]}, 0x0, 0x559e, &(0x7f000000ac40)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR") ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x4010942a, &(0x7f0000000040)={0x0, {0x27}}) 16.101712379s ago: executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000003c0)={'lo\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_SPOOFCHK={0xc, 0x4, {0xfffffff9}}]}]}, @IFLA_MTU={0x8}]}, 0x3c}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r5 = inotify_init1(0x0) fcntl$getownex(r5, 0x10, &(0x7f0000000140)={0x0, 0x0}) syz_open_procfs(r6, 0x0) 14.498516094s ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001f4a46d4850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x36, 0x0, 0x0) 9.034184173s ago: executing program 1: syz_open_procfs$namespace(0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getrlimit(0x0, &(0x7f0000000240)) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() setrlimit(0xf, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x80) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000340)='GPL\x00'}, 0x90) syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), 0xffffffffffffffff) stat(&(0x7f0000000380)='./file0\x00', &(0x7f0000000a00)) r4 = open(&(0x7f0000000100)='./file0\x00', 0x60c2, 0x0) r5 = open$dir(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) write(r4, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e6", 0x1e0) sendfile(r4, r5, 0x0, 0xef85) 6.695916843s ago: executing program 1: r0 = socket$kcm(0x2, 0x5, 0x84) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(r2) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b070002", 0x5}], 0x1}, 0x0) setsockopt$sock_attach_bpf(r0, 0x84, 0x7b, &(0x7f0000000000)=r3, 0x8) sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000240)="b2", 0x1}], 0x1}, 0x0) 5.891478437s ago: executing program 1: syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x818, &(0x7f0000000880)={[{@init_itable}, {@nombcache}, {@commit}, {@errors_remount}, {@resgid, 0x0}, {@usrjquota}, {@nouser_xattr}, {@nombcache}, {@orlov}, {@nobh}, {@data_ordered}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xff}}, {@sb={'sb', 0x3d, 0x1}}, {@lazytime}], [], 0x2c}, 0x0, 0x4e9, &(0x7f0000000240)="$eJzs3ctvVNUfAPDvnT5of8Cv8+Pni4dSRWPjg9LyXLjRaMLGxERjcFnbQpAChtYESGOrMZiYqOEv8LEz8S9wpRujrjRuNW6NCTHdgC7MNXfm3mHK9DW000Ln80kGzr1z75zzvecces493GkAbas/+yOJ2BYRv0REX3Vz/gH91b9uzE2P/jU3PZpEmr78Z1I57vrc9GhxaHHe1nxjoBRRei+J3QvkO3np8pmRiYnxC/n24FQpT50dOTV+avzc8LFjhw72Hj0yfHhN4szKdH3X2+f37Dz+2tUXR09cff37L7Pypvn79XFUlZvMoaNhT3/0z7+WdR5r8tPvdNvr0knnBhaEpmStNquurkr/74uOuFl5ffHCuxtaOKCl0jRNtzTsrf0sm03rJUn1BGCTSFbepbMxcUvLAqyn4gf99blspjo92jgP3tyuPRuVGVAW9438VX2nM0rZHL5cnRt1tSj/eyLixOzfn2SvaLgP0apcAYB29nU2/nmqOu4oXtV3SnFf3XH/zdeGyhHxv4jYERH/z8cv90ZUjr0/Ih6I7to52Yiy8d7SfP23bDeOP3/qXWWIS8rGf8/ka1vzx3/FelSUO/Kt7ZX4u5KTpyfGD+TXZCC6tmTbQ40fXQv9m+d//nix/Pvrxn/ZK8u/GAvm5fij85aLODYyNbLauAvX3qlM6Wca409qKwFZPe6MiF0r+cCe+ZvZNTv9xBd7Fjt8+fg/WjyvNVhnSj+LeLxa/7NxS/yZ7jw1OHX2zcHJS5efPl2/Pjl09Mjw4cGemBg/MFi0ikY//HjlpTzZMKBfPv7Wyur/Pwu2/9rKZTmpX6+dbD6PK7++v+ic8nbbf3fySiWd1c+HEXFxZGrqwlBEdzJb2x/F/uGb514c6b25f6ga/8C+hfv/joh/Ps3P2x0RWSN+MCIeioi9edkfjohHImLfEvF/99yjbyw2mbsT6n+sqfpvPtFx5tuvGjL+oH+F8Wf1f6iSGsj3jI1M9SwX10oLuOoLCAAAAHeBvRGxLZLS/uo9znQmorR/f8TW2h2UyaknT55/69xY9RmBcnSVijtdfXX3Q4fye8PZdnbWcERnue79g5X7xmmapr3ZdjZ/n9i+saFD29ua9/+efI1jW5Qq/T/ze+MjLcBm09Q62mJPtAF3pdtfR0/XtBzA+vO8NrQv/R/a14r7v+fRYNNZqP/PRNzYgKIA62yh/v/qBpQDWH/m/9C+9H9oX/o/tKXVPNe/VGLH8SWOSTpbk+niiVIs/S0A5YhiT/EfHJf+wN9KEWtTwo41jbR3BXXaE2uRV5SWPaaziS9iyBPF7w5ocZMorW/zWzqxJSKWab21xjZTJC63umCVavh8A/9pAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWBP/BgAA///OQ84N") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, 0x0) 5.47346208s ago: executing program 1: socket$inet6(0xa, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000004f00000008000300", @ANYRES32=r1], 0x2c}}, 0x0) 4.966410941s ago: executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) splice(0xffffffffffffffff, &(0x7f0000000140), 0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = dup(r1) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000240)={[{@nombcache}, {@debug}, {@norecovery}, {@grpid}, {@init_itable_val={'init_itable', 0x3d, 0x4}}]}, 0x9, 0x61b, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvTDY/mrzvm7S8vK+92IBIC9qkSVspItjitZT64+YpNmmpTZvSRDS1YAr1oogXD4InD9b/QgtePXj14MWDSCGI9GCl2pXZzKa72Wyy+bG7SfbzgUmemcnO852Eb55nn31mJoCONZx9SSMORsT1JGKwYl8h8p3DSz/34PdbF7IliWLx9d+SuPVBslB5rCT/PpC/+O/BSH5IIw501dY7O3/zysT09NSNfH107ur10dn5m0cvX524NHVp6tr4C+OnTp44eWrs2JbOr1BRPnvn7XcHPzr35ldfPErGvv7pXBKn43EeW3ZeK1/bu6Was9/ZcBSXPHyyNS19PbXFY+8UfwxW/44zycoN7FgX8xzpjoj/x2B0Vfw1B+PDV9saHNBUxSTKbRTQcZL187+7dlNfc4IBWqjcDyi/t1/tfXCttMm9EqAVFs8sDQAs5X53RJTzv7A0Nhh9pbGB/gdJ1ThPEhFbG5lbktXx/Xfn7mRL1BmHA5pj4XZ5lHtl+5+UcnMo+kpr/Q/SqvxPK5Zs+2ubrH94xbr8h9ZZuB0RT+Xtf09sOv/f2mT98h8AAAAAAAC2z70zEfH8avP/0uX5Pz2rzP8ZiIjT21D/+p//pffzQrIN1QEVFs9EvFQz//evytnBQ1355/z/Ls0H6E4vXp6eOhYR/4mII9Hdm62PVR+2aoLw0U8OfF6v/sr5f9mS1V+eC5gf6n5hxYW4kxNzE9tz9tDZFm9HPCzN/z2Ub6me/5O1/0lN+//xK1mCX2+wjgPP3j1fteGXJ/8e1s9/oFmKX0YcXvX6nyfd7WTt+3OMlvoDo+VeQa2n3//0m3r1y39on6z97187/3uTyvv1zG7s+D0RcXy+UKy3f7P9/57kja7y8TPvTczN3RiL6EnO1m4f31jMsFeV86GcL1n+H3lm7fG/5f5/RR7ui4iFBuv83+OBn+vt0/5D+2T5P7l2+z9U3f5vtNAX43eHvs1vMVbjfEPt/4lSm34k32L8DyrV3o+j0QRtS7gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsMulEfGvSNKR5XKajoxEDETEf6M/nZ6ZnXvu4sw71yazfdXP/x9cWk/Kz/8fqlgfX7F+PCL2R8RnXftK6yMXZqYn233yAAAAAAAAAAAAAAAAAAAAsEMMlK75L/auvP4/82tXu6MDmq6Qf5fv0HkKm35lsXdbAwFabvP5D+x2jed/d1PjAFqvfv4/fFQsaWk4QAvp/0Pn2mT++7gA9gDtP3SqBsf0+podB9AODbf/i82NAwAAAAAA2Bb7D937MYmIhRf3lZZMT77PZH/Y29J2BwC0jTm80LkKM+2OAGgX7/GBZLn056oX+9ef/Z80JyAAAAAAAAAAAAAAoMbhg67/h06VRqzxCG9z+2EvW+P6/9WS3+0CYA+p/+iPRtr+RA8BdjHv8YH12nHX/wMAAAAAAAAAAADADtB388rE9PTUjdn53Vd4eWeEsbHCwsSOCGNbC4/X+5nyY+Y3duTuiNgZJ9jqQvkWHG0Mo43/kwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCr/BAAA///kPC2+") fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.bfq.io_serviced\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000100), 0x208e24b) 4.620928371s ago: executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000000)={0x4c, r0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x2c, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_ID={0x14, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}]}]}]}, 0x4c}}, 0x0) 4.465038391s ago: executing program 2: syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x21) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket(0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x52, 0x0, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_emit_ethernet(0x4e, &(0x7f0000001780)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x18, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_na={0x88, 0x0, 0x0, 0x0, '\x00', @private1}}}}}}, 0x0) 4.037707017s ago: executing program 2: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x3c1, 0x3, 0x460, 0x258, 0x4c, 0x200, 0x258, 0x0, 0x390, 0x2e8, 0x2e8, 0x390, 0x2e8, 0x3, 0x0, {[{{@ipv6={@mcast2, @mcast2, [], [], 'veth1_to_bond\x00', 'ip6gre0\x00'}, 0x0, 0x230, 0x258, 0x0, {}, [@common=@unspec=@cluster={{0x30}}, @common=@inet=@policy={{0x158}, {[{@ipv4=@dev, [], @ipv4=@broadcast}, {@ipv4, [], @ipv4=@broadcast}, {@ipv4=@multicast2, [], @ipv6=@mcast1}, {@ipv6=@loopback, [], @ipv6=@private2}], 0x1, 0x2000}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @broadcast}, @private1, [], [], 'team_slave_0\x00', 'xfrm0\x00'}, 0x0, 0x100, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@realm={{0x30}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4c0) 3.819702212s ago: executing program 2: r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TIOCNXCL(r0, 0x540d) 3.591670284s ago: executing program 2: pipe2$9p(0x0, 0x0) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="70000000200001002cbd7000fddbdf250a0020440000000c12000000050016003a00000014000200fe80000000004000000000000000000008000a000000010014000100fe8800000000000000000000010000000000030062726964"], 0x70}, 0x1, 0x0, 0x0, 0x4}, 0x24000006) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5c0000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800b000100697036746e6c00002c000280140003002001000000000000000000000000010114000200fc0200"/68], 0x5c}}, 0x0) 3.357031844s ago: executing program 2: bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000008000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000b40), 0x2b842ac, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 3.343408562s ago: executing program 4: r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r0, 0x7b0, 0x0) 3.119426676s ago: executing program 4: r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0) getsockname$ax25(r0, 0x0, 0x0) 2.965746547s ago: executing program 4: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000000)={0x4c, r0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x2c, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_ID={0x14, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}]}]}]}, 0x4c}}, 0x0) 2.862947698s ago: executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x3c1, 0x3, 0x460, 0x258, 0x4c, 0x200, 0x258, 0x0, 0x390, 0x2e8, 0x2e8, 0x390, 0x2e8, 0x3, 0x0, {[{{@ipv6={@mcast2, @mcast2, [], [], 'veth1_to_bond\x00', 'ip6gre0\x00'}, 0x0, 0x230, 0x258, 0x0, {}, [@common=@unspec=@cluster={{0x30}}, @common=@inet=@policy={{0x158}, {[{@ipv4=@dev, [], @ipv4=@broadcast}, {@ipv4, [], @ipv4=@broadcast, [], 0x4}, {@ipv4=@multicast2, [], @ipv6=@mcast1}, {@ipv6=@loopback, [], @ipv6=@private2}], 0x1, 0x2000}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @broadcast}, @private1, [], [], 'team_slave_0\x00', 'xfrm0\x00'}, 0x0, 0x100, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@realm={{0x30}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4c0) 2.615655587s ago: executing program 4: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$SNDCTL_SEQ_TESTMIDI(r0, 0x40045108, &(0x7f0000000200)) ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000440)='GPL\x00'}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r2}, 0x10) ioctl$SNDCTL_SEQ_RESET(r1, 0x5100) 2.268726503s ago: executing program 4: syz_mount_image$bcachefs(&(0x7f0000005d80), &(0x7f0000005dc0)='./file1\x00', 0x480, &(0x7f0000000040)=ANY=[@ANYRES64=0x0, @ANYRES32=0x0], 0x1, 0x5e05, &(0x7f00000119c0)="$eJzs3X2QHOWZGPDumVntrlYfK1k2KyTEYoQdccEWKBDLd0Qb5+zYjmxkYQEWp5NkWNk6C0nWBwLpEgTkMMFOSlVQB4E4pQOXc5W6SnDpEuI7pUrGGF/5qihkx39w5Ouow/njfER1ljgiOd6r3e3enentt3t2ZlZI+Per2p15e9553ufpeae/dnc2AgAA4JfCi7+z981PX/rRHzwwfOa+j//RXfdHfdWx5T1ph/7k9p63K0Nm0oofnmt4ZbtrA2O32XlxyR8verP/wbWfemT1x3645U8WDC1bPnzDt47d9NCDz9/48+cff3Jt2TjpfLp6sh3/VRxFy14/9vhD3/vTS0aXxaPjx/2HowUL4oXfWRBnQqw8G0XRnRN5Nj547MyqbaO393+1u2H5/EwQ8/2XW08yzw5t/vzTJ7409L1jg7tX/fT09bsOT3aJe+rmUxTN21L//K4oinqTr1HpbBtIn5zcrouiaHbd8z5UkteV2QXd+f2uCbSXJrezktu+kvHSx6/ItGslz4sy/WrF6XZMZYbjZ2XXX3ZjNFPSOuclt88lt1dPM041/YqjShzVJtLfEU/OkajudYujeGxu90y0K2PtaKIdZdtxpl3JtKtdmbrGxk1WbDWOG5en/TLL081xLVl+Rf22Osf6wPLFyW1P8kZ9K21H2Tvj+qbcmawjqsvr1PmaGAGVwHsvXT6RXvJi9CXL+uKFU54zkiN97NT3t25845WDz/UH8oifjZP4cUvxh4afOvHN244vHgjF31JJ4ldaiv9i9aWz3zg9MCcY/0gav9pS/A2/+MnDD9x8YFFw/ZxK10+tpfjLvzbn0JkD67sHQ/GPpvF7Wop/w6Zlqy87vf/uYP4r0/XT21L8Hz+64tymI98+HowfpfFntxT/1aeeWVpd/NjJYPwT6frpayn+LaueWPPJJQ8+GVz/L6fx57YUf+PJh7bsfvqFFcH5uS5dP/0txT+75kevnetf+0xo2xkfPd97WIB3lnclx1gPJ+1WzzPH/EXredSdLzwxWBs/5puTfM1tPWypuO7cBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABa9dia//Tl+vZVf3n3hpP/edn2WtLurkVRHEXRG9Xxdrp8VhTFvVEU7d23dc++7Tu/MPhbu/bv2bl1x+DWfYPDO/ftuXfw7/3dwT3Du3dsvXf00ZXXrBp/3sKxaFG0ML5sSi4jIyMjURQN1i9Lx/u9Tzz7/zY8+defi6KV7/7Rslqwng/+99c+uijne0Y8NLLu31z/6MFZfzF/fEF/kld/KK/+xmVpBn1DL//ZR557ZTSv9xTl9fhLt/7fhoTGFkzGSVS6o8rYne54dm4eE1lP5jO2vmrbtu8YXlm+fuPA+n3/C394+j/es+Ffjq/fnmAdTa7f0bVaG3nkZw+8//BHhj98Ab/uZeu7roSx/NL115Os73lJXfMCdVUCdd09+Oqpf/Uf/us3Dkcraz+7fOrYZXV1JROgK17c1LjpCLPjBQ19e5L+6SuePu+D++7a/cG99x68ZvtdW78w/IXhnatWXb/62lXXXrd61QfHSh//3rH60/Hf32T9c5JIc+IluestuzQd9/Kx79UoSTu9qbvTqCvqG7/NrOe0e7bqvuSxvnjhlFgjOdLHTn1/68Y3Xjn4XOidFz87PmJvNHf8Nl4a6Lkj88TqRMJ545+f9+Wu3+3ZkX5v7n1ZllfZvBrNq3xe1WdUsB176cqHf/b0V/717U1sL+q6juWX5jl79O1ybVT3vp26rvLqauL1GcpbD3dcs+cP792+8UjZ9rz+lan/nhEPjfzvpfGn9u/9sz3jC87L/rI+oRb3lxNZT+Yztr56ktfjQl2/3VE1qasvN6/18dM3vv+u478ykd+sWdE9W/ft23Pt+PeLta4/nzV/0fb7l1w2pa7rxr+Xbfcvz7RLt/uV/PrKtvvZcSb758cbzLT7ompL+4kNv/jJww/cfGBRcD9xqtn9xG83tKpt7icqgff7I3/99cE3b//sm2Xz6aa9S+5blPM9W97QyLf/4Fev/fCtN39sfMF52Q7VJ9Tidmgi6ySfdH2NbYeuu3DqePte54Y3Yjw0cvm33nfLuTNf/sz4grL1O9E7b/2uKt/OVwN13d713gWP/nTJezs3f/du/psrPzB7zoUzf0cTqPQk67cnsH4nsk7yqdav3w/csWvHnePtC/e4bVx3yflPut/Ze+/BL23dsWN4z97m6mp2f5qOk13Lre5P073HwpK60tdrsq6Zu9PM+mr2/Zbmf2cmRqvvN4DU5H5hVsPy7PYzve63bF604QNf+e5L8eD4/rJT11vTcS7N7Mpbvd5adp703ky78TypFtXVPW7qedLYU8rOk7LjlJ0nXZlpl5/HPJxbSej160r2vHnXTTP51kYjhObHQBJ/IGmnx5vLPhBdX33uqk/EQ83Nj2aPp9Nx/k5mBbV6PF02P5ZH+Xl1en68L/Ok8tf7SG5mPYHXo+z1Xt4QaGSk3fPy/kDW6Xl5XxS3FH9o+KkT37zt+OJg/C2VJH6lpfgvVl86+43TA3OC8Y+k8WstxV/+tTmHzhxY3x2MfzRdPz0txb9h07LVl53ef3cw/so0/96W4v/40RXnNh359vFg/CiN39dS/FtWPbHmk0sefDIY/+U4GWf0vRtFx86s2jbejqOuZP6neYy2o8PRRP+uhjyjONPO1BFV6x+vjP+sd2KAahw3Lk/7ZZanddSS5VfU5ZhnQ2B5+q7tSd7Yb6XtKHuneHm6eUrzOhXY/5wvlbpjj7zlZdcnO+WN1wd+r76d/vw/nQPdtfHX7rrM+irbf2S33mm84HXYwCWMsuOFqT9/m93S++/Vp55ZWl382MngddUTzV5X3d3Qml1yXbXdfIPbixPp9rS97dFAKP7Lafz29gfB+Mn+oGyeXZVpl86zrvzxyuZZ9jilL5rbUt0bTz60ZffTL6wIzrN142/48nn2WENrbuk8a+/n0sF59mzckfURjL+uM8c1wXmWHNeUzbOrM+3251nj8einktt7Jhf9/7SUVuo+u+ZHr53rX/tMcJ4dbXae/X5Dq790nrV3fBt8nSaOb7PH571NxW/++PziPv5s+vhwol16fFjJtPOPD5Mf587U8eH6wPLpHh/2TbkzWUd0MR4fBrYzAFDkB4/c+3/q2+n5f7rvTs//v5t5Xrvnldnfh0p16rwyGP9oZ85XgsepE+crM32+NdPH2TN7vjXz19kv7uP4mb8u1D+j55XOQ5J2lL0zznkIAABvhyv+3dd/vb591V9GY+f/E7/3lvz9/wtpO/N857mB+OftPHemr5M4j87orW/M/HWwmb5O5TqA6wDlXAcAAHhn2Lxtz/Dw3t1b7xjevH3n9n0Ty7vGzpym/p7q309u16ULDk/2jwp+f3pdpj0ZP7//Z3L6Rzn5fCjQP6SWnMB9/o4vXrf5zuG7p1t/aLyy+vP6F9WfPb8I1b860D+k3fpD45XVn9e/qP6bg/Eb8/lwoH9Iu/WHxiurP69/Uf2fzY+/Jsrk86uB/iHt1h8ar6z+vP5F9Wf/Hiz0+v9aoH9Iu/WHxiurP69/Uf23BOM35nPjZP9zoWth9dqt/8bS/Jqvp6j+W4PxG/P5B4H+IeH6Q/k1N15u/XFxPUX13xaM35jPmnSkJq8Ptfv6rynNr/l6CuqvfC4YvzGf9EN3sv1D2q0/NF5Z/Xn9i17/jcH4jfn8w0D/kNL6u7L5NTdeWf15/Yvqvz0YvzGfjwT6h7T7+ofGK6s/r39R/b8RjN+Yzz8K9A9pt/7QeGX15/Uvqn9TMH5jPr8e6B/Sbv2h8crqz+tfVP9vBuM35vPRQP+QKfWnP49osv7QeGX15/Uvqn9zMH5jPh8L9A9p9/UPjVdWf17/ovq3BOM35vOPA/1D2q0/NF5Z/Xn9i+rfGozfmM/HA/1D2q0/NF5Z/Xn9Z9fCnzv++WD8xnw+Eegf0m79ofHK6s/rX/T63xGM35jPJwP9Q9qtPzReWf15/Yvqz37eYaj+fxLoH9Ju/aHxuqKR+4rGzaunqP7hnP5RTj5rA/1D2q0/NF7Z65/Xv6j+bcH4+Z8bkO0f0m79ofHK6s/rX1T/F4LxG/P5dKB/SLv1h8Yrqz+vf1H9XwzGb8znpkD/kHbrD41XVn9e/6L6twfjN+azLtA/pN36Q+OV1Z/Xv6j+3wrGb8znM4H+Ie3WHxqvrP68/kX1fykYvzGf9YH+Ie3WHxqvrP68/kX17wjGb8zn5kD/kHbrD41XVn9e/6L67wrGb8zns4H+Ie3WHxqvrP68/kX17wzGb8xnQ6B/SLv1h8Yrqz+vf1H9u4LxG/O5JdA/pN36Q+OV1Z/Xv6j+3cH4jfncGugf0m79ofHK6s/rX1T/l4PxG/O5LdA/pN36Q+OV1Z/Xv6j+PcH4jfl8LtA/pN36Q+OV1Z/Xv6j+vcH4jflsDPQPabf+0Hhl9ef1L6p/XzB+Yz63B/qHTLf+nibHK6s/r39R/fuD8Rvz+Y1A/5B2X//QeGX15/Uvqv/uYPzGfDYF+oe0W39ovLL68/oX1X8gGL8xn98M9A9pt/7QeGX15/Uvqv+eYPzGfDYH+odM1L9vz/Dw5v2779y6b3jzzl13Du/dfGDP9n37hpMDtXb/riz8d0Fv8x+yUKjh/TE+Sbbv3Du8Z+r2u7dw/tbPiWjsz57G/2yuJ35PU/2zH3vd6qy5UOZ7V1QrXF+XZtrzk8+jnR/4PNps/zTskrE7Uz+PNjtsreRzXMu2T9nxQ9unuKB/3vY1tD0r2/9Ne/tXOr97CuvPLu5O/rCvO353U/2jgv/v1tx8be/vToPz9eXm5mv2c9fL5mu2/3Tna1+b8zU7fmg+VQr6Fx0PNTtfNwb6p5qfn3Gw3rx5Nd3/M5iGndb/Gcx8m6KF/2XQ/Puhvb8jD74fkqTL3g/Zv+Muez9k+0/3/dDb5vshO37Z+yGvf9H5cbPvh1sD/UOanw/tfW5BcD6sbG4+ZP+PVdl8yPaf7nzoaXM+ZMcvmw95/YuuFzY7Hz4b6N+s5udHe58rEpwfW5qbH9n/J1E2P7L9pzs/4jbnR3b8svmR17/o5ynNzo/PBPqnGvaf2/aOndRv37pj+8HML2D0J/vPt3t/eF72y3/za3/+1vi3JI/KlDzKjifiTB4LkkwWhP7vYSDvO/7bv9/w3Z9/5etRtPLd1aXhvCdTnvyWEQ+NLLxv+Tdve8/Jj4zmXynMf6Jn+n+LS/7fcbZ/Wk9tx669+35l2679O5v9jati6eehVCbaM/R5KMnCapOfbxL6e4Lpfr5J15Q7F6amP98E4B1i/tFn59a308//T/dHA8m2rzfZAKbLmz/Obu/z9YLH2UeaO85eka235Dg72z+tt9nj7Eqbx9nZ8cuOs/P6F/3eXrPH2Z8O9J+uxnkyOkHG5sfw5gO79tT/TlwT86Srvpk+1uz/re18vjP7f3zbz29mP7exVc3nP7OfCznz+c/s/wGe+fxn9v88t+q8nS8lHxZZ9vmROedRc+obob9Ln+551Kwpdy48yUcBOY8CgAvcv9jz+r+tb6fn/8lZ7MT5/1eTdrXD48/0eVS71x/Kzitn+jj54v/8/Zk9D7oIzgca/DKdD0R+rgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ9Pv/8798p77dXRsYu33xd/a++elLP/qDB4bP3PfxP7rr/kv+eNGb/Q+u/dQjqz/2wy1/smBo2fLhG7517KaHHnz+xp8///iTa0sH6h+/uTpp9kRR/FdxFC17/djjD33vTy8ZXRaPjh/3H44WLIgXfmdBnImw8mwURXdO5Nn44LEzq7aN3t7/1e6G5fMzQbJ1RX3VNJ+GPKN7SiviItSTzLNDmz//9IkvDX3v2ODuVT89ff2uw5Nd4p66+RRF87bUP78riqLe5GtUOtsG0icnt+uiKJpd97wPleR1ZZP5XxNoL01uZyW3fSVx0sevyLRrTeZRy9x2N/m8VlVmOH5Wdv1lN0YzJa1zXnL7XHJ79TTjVNOvOKrEUW0i/R3x5ByJ6l63OIrH5nbPRLsy1o4m2lG2HWfalUy72pWpa2zcZMVW47hxedovszzdHNeS5VfUb6tzrA8sX5zc9iRv1LfSdpS9M65vyp3JOqK6vE6dr4kRUAm899LlE+klL0ZfsqwvXjjlOSM50sdOfX/rxjdeOfhcfyCP+Nk4iR+3FH9o+KkT37zt+OKBUPwtlSR+paX4L1ZfOvuN0wNzgvGPpPGrLcXf8IufPPzAzQcWBdfPqXT91FqKv/xrcw6dObC+ezAU/2gav6el+DdsWrb6stP77w7mvzJdP70txf/xoyvObTry7ePB+FEaf3ZL8V996pml1cWPnQzGP5Gun76W4t+y6ok1n1zy4JPB9f9yGn9uS/E3nnxoy+6nX1gRnJ/r0vXT31L8s2t+9Nq5/rXPhLad8dHzvYcFeGd5V3KM9XDSbvU8s1115wtPDNbGj/nmJF9zOzlQRlx37lJg1gymAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADARWDXSHV/ffu144/c9MX/tfl/1OIoigPPGcmRPladNTQ02EIey78259CZA+u70/bo2AMtxAEAAACmWvLqV75c307PwytJO456ooHoQNwbLcl9fnqNYEnaihuXZ68h9E727EicSofiVDsUp9ahOF0dijOrQ3G6OxSnpyROT9RcnN7COJWm85ndfpyxlPs6lM+cDsWZ26E48zoUZ36H4vQXxbkpnrI8FGdBYT7Nz+eFHYrzrg7FWdShOO/uUJz3dCjOJR2Kk72mPN15ODfpeWkoztidammcWlydeCDveno6zmVtjtPX5DhZ0x2nt8lxrmxznJ4mx3lfm+PETY6zIvO8SnacWcXjVErGSeftPaF60laT8//eDsU52KE4hzoU57czj7Qa5592KJ9/No042WPG+jj3tZkPQMjvPn/1H9S30/P/9Pwzjvqj7tp10exki5M9Wki3XZePfZ+6Xw1tkNJ4SzPL03G75zY+P84OGIh3+XTzy15AyMR7b2G82pTz1Zx4tfp4yzsUDwAAAKbjn5891PCjuann/wNRd23RxPnrVZnnp/2C59fZH2Qn0nhXdygeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwt+zaa2wc9bUA8P9417t7zSMGJWFDXlaSS0CIPIhydeHewipSkagKDqUJjwi5KRgcYRKIEyBpq1ComsgSFW3og9eHBooqhApISBGtK1FBi/qhUSNKxaOuwUXwBRVKXkBot1p7xh6vd7GzLUnT/n5CM3tmzvmf/wwS0hkDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8K/v99/9y/PpeLCvt71roKM/RKHyT03lGpJ7mVyp1NbAPt57Ye3Vf35l6+4krvTOZxtYCAAAABjnyQtmnJmOkzk8Gb2jUAj57NKQj3Jj6orxd4BiHDe1Dp/nLArLM7v/++Ko1DQUnxqdMqauENcV4jgT1/Vs2Xrj2u7uzo2f4o9Kn+rnqN5PFMLQ54s5J4dVi7Y/tydqG36OlgmeoymuW7zpppsX92zZes66m9be0HlD5/ply5aft3TZ0nPPW7b4+nXdnUuGjyE/wXohhNLY9zLBv0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgKtv169zfS8WBfb3vXQEd/SxRCVKemXENyL5Mrldoa2MdrDzw8KzPj3r1JXOmdzzawEAAAADDOL56ccWE6TubwZPSOQiHks7mQCTOG4nmjqdkQyuXk+oKq60dj7wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNG172D7H9PxYF9ve9dAR/8JUQhRnZpyDcm9TK5UamtgH6uX/eDCz8286/4krvQuNrAOAAAAMN5LZzbflY6TObwpjqNQCMUwPzRHM8bUJd8GTq9arzovWWf2JPOqvx3Uy5s/ybwzJpl31gR5l8bn2wMAAAAcf65q/c3qdJzM/81xHIXWkM8WQyaOJ5rjk+8Cc6vykvqJ5vukfl6d+onm/qS+eu4HAACA/2TnvP3Ux+l4/PxfDPlsYWT+nujv6ZfEZ38nBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADq+eXBi3+Wjgf7etu7Bjr6M1EIUZ2acg3JvUyuVGprYB+r/vbWjjsvv21qEld657MNLAQAAACM83juf29Lx8kcnozeUSiEfLYlNIcThub+N3JTpq77+szZIYTSUEIuF25fu2nTxnOHj0neF6Jdn1l4U9/Z4/KWDh+P/pMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/qGWP7VyTjgf7etu7Bjr6/ysKIapTU64huZfJlUptDezjpZ1nHb7mnmf6krjSu9jAOgAAAMB4s7qf/VM6TubwZPaPQiEUQy7kwvShOD3rVzRVrVfvmwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw76Nny9Yb13Z3d270ww8//Bj5caz/ywQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwrP13/nXfT8WBfb3vXQEd/IQohqlNTriG5l8mVSm0N7ON/rplz3uz9m29N4krvYgPrAAAAAOOteWfz/nSczOHJ7B+FQiiG5tAcpsXxeEPzf+vR2C0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAszQ1RKB+h01Ye610DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn4YDL696IB0P9vW2dw109J8UhRDVqSnXkNzL5Eqltgb2cfXeb37p5l3Pn5XEld75bOVXqYHVAAAAgLTmt1/+cjpO5vBsHEehEPLZWSEfZsVXuscuEGWSxJrfBUbrvjqmLDPpuh1VOx7eWSH+DlEY2WcY+uwwWnfPJ9YV46tNrZN7TwAAAHA8m7bj0q+l42T+b47jKLSGfHZaaq6+eUx9y6Tn+HvH1J006bofj6lrnaDun/BKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAG3b3yhdPS8WBfb3vXQEd/FIUQ1akp15Dcy+RKpbYG9lHqfODZR6/sm5HEld7FBtYBAAAAxrv8rcK303EyhyezfxQKoRhmh5PD7KG5P7SOrU/yTij99tUVu1+5KoQl01+ck63b7/t7rng3HPr/Nz4YPgyFITSNTWoKYUrcL6rT79rfPbbquY+3PxTCkmmZWfX7jbYaPVSJSuVTty149Mrpe1fUXQYAAACOa4WHD/woHSfzfzJRR6E15LPr687/Sd4Rzf/tPTO3TY2P8ReAqoqm1rhfU51+ve8/1HZwzRcPVub/F+cURv5fgTPnj81Pt0ofq745RKXy3KfOWH34wC2XDV9I+mfq9F/TPO+Une/MnJf0L8TXrwuT7R+q+vd0HJq/qOXEi8b2DyG01er/w4uf/HDV/e9fNdy//vte/IfBz04NG75X6E6Ow1fG91/54PKdW3NvThnbP6rTf+HzT+9/4vZVd1c//+nZWv3HH6tUumbLvfvuXHjHis7zU/2b6vS/te219771k58/Uum/b27LSP+Fn/D8E/bfM3/Hvl3b71sz9v2XavW/9pyNT29Zd/U91c/fUrVw+s2nj+Pf/+uzoks297y6sfoWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8a3jiY8OpePBvt72roGO/qYohKhOTbmG5F4mVyrljqB/Nj7/KrPno0f2F09Mrld6F4/0YQAAAICaLlvx+g3pOJnDk9k/CoVQDLmQCy1Dc/+p2xY8euX0vStCa3w/Pme7N/RsOvv6DZvXX3e0HwEAAACYwK4LPlyRjpP5P/m7fBRaQz67IDTH8//KB5fv3Jp7c0oy/4cQ2iqH7PXrujuXhJHvBD0dh+YvajnxoiQvE58LlbxF127ojj8TJOs+8/j/LT3/istH8pvS+eeO5s196ozVhw/cclnNvGWjea/Pii7Z3PPqxtQ+SyN5S0fzevfdufCOFZ3nJ88RxedC/DxJ3p75O/bt2n7fmiSvKT63xOsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACGc8sFfv5KOB/t627sGOvpDJoSoTk25huReJlcqtTWwj48ufHHwcOvnH07iSu98toGFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+zg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV26ifErSKOA/hMkpq0KXW3FJqVurTYiwWhsFjsQdyLf5D6h4qiQnEV14uKgmjFHuwfLKIeCgoVexEVz0oORe1hLbSKgqDgQTx50JPKHnaLVFFJdiabvPax64MVkc8HwuQ3yXzf700mDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+0B364tTFcNxud/nj+pWcu3HnVzV8cnV188baPnzyy9ZMtF8aO7bvjlb23fDPz+fj05M7ZPR927zp+7OyNf5w9+da+FS/0/NKwK5WtEOIvMYTJH7snj5/7cmtvLvauH8cOh/HxuPnT8VhI2H0xhPDooM/RD7uLU4/1xiOvNkfmryyEFO8rtOu5nyVjo/3y/9JK5+zQQ4+8M/f49Lnu9qenfl64/qnDy1+JraHzFMKmmeH160II69OrJ5+2Tl6cxrtDCBuG1t2wQl/XrLL/60rqbWm8Io3tFXLy5zuao3VjlX00CmNzleuqqq1xflFx/4oPo7WS73NTGk+ncdc/zKnnVwy1GBqD9p+Iy2ckDP1uMcT+2W4N6lq/DoM6FOtYqGuFur6ucF/966aNrcc4Op+/V5jPj+NGmt8x/Ky+jP0l8xNpbKU/6m+5DsU3S9qXvFm+jzDU1/y/dTBK1Er+e3l+0F76Mdpprh03X7Lmr8vIn81/9vCDv373wumxkj7iBzHlx0r507On5t6//8xEpyx/ppbya5Xyz9e/uvjeQmdjaf6JnF+vlH/vnz+9fPSeg1tK92c+70+jUv7O1zYeWjy4v7m9LP/tnN+qlL/nwOTeqxeefa60/915f9ZXyv/29Wt/P3DiozOl+SHnb6iU//2pd7fVJ974ujR/Lu9Pu1L+fVNv3nT73+zXvwkCMRQHYA5sBA8OLG1sncIFLKytHMEdBHEEsRJdxQEUN3AMbSxMJAhp4h9Qvg+uuOY9eITk/XrzdXb+h1i/Lqo/OS6ms+1+kD2f4zifpqj+ZXg6X5vRLnd3Vptvv7AA/6Ubdqxl+C/Nma9K8sKq37rvfJ3w1e9s9KRKsstD+4MNAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Am3AAAA//8ncmVi") mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x1) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) 1.812282734s ago: executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000480, &(0x7f0000000380), 0x45, 0x7a5, &(0x7f0000001740)="$eJzs3c9rG1ceAPDvyPLPZNdeWNjNngwLu4YQeZ31Jlso1KWHUmgg0J6bGFkxqWUrWHKIjWkTSqGXQlt6ay859+el9Nofh17a/6MkpK0TmtJDcRn9sJVYcuTElpLm84Gx3pt50nvfeaOZJ81YE8Bjazz9k4k4EhFvJRGj9flJRPRXU9mImVq52xvr+XRKYnPzhR+TaplbG+v5aHpO6lA98/eI+Or1iKOZnfWWV9cWZovFwnI9P1lZvDBZXl07dn5xdr4wX1g6MTU9ffzk/06e2L9Yf/5u7fD1t5/998czv772t0/e/DqJmThcX9Ycx34Zj/H6OulPV+Edntnvynrms1c6KNS0BWQPsjHsUdoxffVeORKj0bdb/wx3s2UAwEF5NSI22+lruwQAeKQlteP/U71uBwDQLY3vAW5trOcbU2+/keiuG09HxFAt/sb5zdqSbP2c3VD1POjIreSOMyNJRIztQ/3jEfH+5y99mE5xQOchAVq5fCUizo6N79z/JzuuWdir/3RQZvyuvP0fdM8X6fjn/63Gf5mt8U+0GP8Mtnjv3o97v/8z1/ahmrbS8d+TTde23W6Kv26sr577U3XM15+cO18spPu2P0fERPQPpvmpXeqYuPnbzXbLmsd/P73z8gdp/enjdonMtezgnc+Zm63MPkjMzW5cifhHtlX8yVb/J23Gv6c7rOO5J954r92yNP403sa0M/6DtXk14l8t+z/ZKpPsen3iZHVzmGxsFC18OhMj7eofz273fzql9Tc+C3RD2v8ju8c/ljRfr1nu+KW3rhb79urol+0KNW//reNvvf0PJC9W0wP1eZdmK5XlqYiB5Pmd849vP7eRb5RP45/4Z+v3/27bf/qZ8GyHKyJ7/YeP7j/+g5XGP7en/t9zIoZuL/S1q7+z/p+upibqczrZ/3XawAdZdwAAAAAAAAAAAAAAAAAAAAAAAADQqUxEHI4kk9tKZzK5XO0e3n+NkUyxVK4cPVdaWZqL6r2yx6I/0/ipy9Gm30Odqv8efiN//K78fyPiLxHx7uBwNZ/Ll4pzvQ4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOoOtbn/f+r7wV63DgA4MEN9vW4BANBlSTbb6yYAAN02tKfSwwfWDgCge/Z2/AcA/ggc/wHg8XOP479/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBBnT51Kp02f9lYz6f5uYurKwuli8fmCuWF3OJKPpcvLV/IzZdK88VCLl9abPtCl2sPxVLpwnQsrVyarBTKlcny6tqZxdLKUuXM+cXZ+cKZQn/XIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzpVX1xZmi8XCskRPEgvf1PrhYWmPxN4ScbnWfw9Le/YvEQPbe4nh3uycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4BvwcAAP//JJMi3A==") r0 = openat(0xffffffffffffff9c, &(0x7f0000002540)='./file1\x00', 0x42, 0x0) ftruncate(r0, 0xf2d) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r1, 0x107, 0x16, 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[], 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) read$FUSE(r2, &(0x7f0000007000)={0x2020}, 0x20a0) r3 = dup(r0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendfile(r2, r3, 0x0, 0xe0000000) 1.265544612s ago: executing program 3: pipe2$9p(0x0, 0x0) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="70000000200001002cbd7000fddbdf250a0020440000000c12000000050016003a00000014000200fe80000000004000000000000000000008000a000000010014000100fe8800000000000000000000010000000000030062726964"], 0x70}, 0x1, 0x0, 0x0, 0x4}, 0x24000006) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5c0000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800b000100697036746e6c00002c000280140003002001000000000000000000000000010114000200fc0200"/68], 0x5c}}, 0x0) 1.04564408s ago: executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket$kcm(0x10, 0x2, 0x10) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161) sendmsg$inet(r1, &(0x7f0000007940)={&(0x7f00000001c0)={0x2, 0x4e24, @dev}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_retopts={{0x24, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x14, 0x5, 0x3, 0x0, [{@multicast1}, {@broadcast}]}]}}}], 0x28}, 0x0) 809.095627ms ago: executing program 3: r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0) getsockname$ax25(r0, 0x0, 0x0) 631.399643ms ago: executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, 0x0, 0x0) 395.542595ms ago: executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0) 0s ago: executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x0, 0x3, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket(0x2, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) r0 = socket(0x10, 0x80002, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000180)) socket$nl_route(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000700)={{{@in=@local, @in6=@local}}, {{@in=@multicast1}, 0x0, @in6=@empty}}, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000007bc0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_PMKSA(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003400000008000300", @ANYRES32=r3, @ANYBLOB="14005500f2a061aa1180009b0e07efaadd67505c0a0006000802110000010000050020013f00000008001f0116000000"], 0x4c}}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.140' (ED25519) to the list of known hosts. 2024/06/02 02:03:35 fuzzer started 2024/06/02 02:03:35 dialing manager at 10.128.0.169:30010 [ 55.748185][ T5096] cgroup: Unknown subsys name 'net' [ 55.929497][ T5096] cgroup: Unknown subsys name 'rlimit' 2024/06/02 02:03:37 starting 5 executor processes [ 56.999877][ T5099] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 57.012554][ T5099] syz-executor (5099) used greatest stack depth: 18968 bytes left [ 58.548631][ T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 58.576222][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 58.583918][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 58.616996][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 58.624770][ T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 58.636715][ T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 58.705528][ T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 58.716579][ T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 58.724338][ T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 58.756849][ T5121] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 58.765400][ T5121] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 58.773420][ T5121] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 58.775666][ T5127] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 58.781296][ T5121] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 58.789180][ T5127] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 58.796802][ T5121] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 58.806873][ T5128] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 58.809117][ T5121] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 58.825893][ T5127] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 58.833389][ T5128] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 58.842028][ T5127] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 58.849315][ T4491] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 58.862355][ T5127] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 58.870274][ T5127] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 58.870761][ T53] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 58.886320][ T53] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 58.897891][ T4491] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 58.906791][ T4491] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 58.914531][ T53] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 58.923050][ T5116] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 59.168243][ T5114] chnl_net:caif_netlink_parms(): no params data found [ 59.309629][ T5114] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.318052][ T5114] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.325377][ T5114] bridge_slave_0: entered allmulticast mode [ 59.333437][ T5114] bridge_slave_0: entered promiscuous mode [ 59.361553][ T5114] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.369401][ T5114] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.377018][ T5114] bridge_slave_1: entered allmulticast mode [ 59.383868][ T5114] bridge_slave_1: entered promiscuous mode [ 59.499320][ T5114] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.512205][ T5114] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.560766][ T5119] chnl_net:caif_netlink_parms(): no params data found [ 59.575507][ T5114] team0: Port device team_slave_0 added [ 59.617059][ T5114] team0: Port device team_slave_1 added [ 59.694219][ T5120] chnl_net:caif_netlink_parms(): no params data found [ 59.738303][ T5117] chnl_net:caif_netlink_parms(): no params data found [ 59.781884][ T5114] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.789668][ T5114] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.816103][ T5114] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.848082][ T5114] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.855161][ T5114] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.881246][ T5114] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.944106][ T5126] chnl_net:caif_netlink_parms(): no params data found [ 59.977970][ T5114] hsr_slave_0: entered promiscuous mode [ 59.984180][ T5114] hsr_slave_1: entered promiscuous mode [ 60.022481][ T5119] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.031033][ T5119] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.038443][ T5119] bridge_slave_0: entered allmulticast mode [ 60.045127][ T5119] bridge_slave_0: entered promiscuous mode [ 60.075517][ T5119] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.082963][ T5119] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.090344][ T5119] bridge_slave_1: entered allmulticast mode [ 60.097137][ T5119] bridge_slave_1: entered promiscuous mode [ 60.151080][ T5120] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.158551][ T5120] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.165836][ T5120] bridge_slave_0: entered allmulticast mode [ 60.175716][ T5120] bridge_slave_0: entered promiscuous mode [ 60.183653][ T5120] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.191006][ T5120] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.198931][ T5120] bridge_slave_1: entered allmulticast mode [ 60.205635][ T5120] bridge_slave_1: entered promiscuous mode [ 60.287344][ T5119] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.299895][ T5119] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.312987][ T5117] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.323977][ T5117] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.331285][ T5117] bridge_slave_0: entered allmulticast mode [ 60.338785][ T5117] bridge_slave_0: entered promiscuous mode [ 60.352499][ T5120] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.365418][ T5120] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.399563][ T5117] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.406775][ T5117] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.413910][ T5117] bridge_slave_1: entered allmulticast mode [ 60.421982][ T5117] bridge_slave_1: entered promiscuous mode [ 60.517758][ T5120] team0: Port device team_slave_0 added [ 60.525858][ T5120] team0: Port device team_slave_1 added [ 60.535052][ T5119] team0: Port device team_slave_0 added [ 60.544735][ T5119] team0: Port device team_slave_1 added [ 60.551533][ T5126] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.561721][ T5126] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.569276][ T5126] bridge_slave_0: entered allmulticast mode [ 60.575959][ T5126] bridge_slave_0: entered promiscuous mode [ 60.584776][ T5126] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.591966][ T5126] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.599272][ T5126] bridge_slave_1: entered allmulticast mode [ 60.606309][ T5126] bridge_slave_1: entered promiscuous mode [ 60.614919][ T5117] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.627381][ T5117] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.666951][ T5116] Bluetooth: hci0: command tx timeout [ 60.706732][ T5120] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.713708][ T5120] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.739832][ T5120] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.752108][ T5119] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.761875][ T5119] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.788156][ T5119] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.801262][ T5119] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.808485][ T5119] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.834927][ T5119] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.849450][ T5126] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.861984][ T5126] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.883474][ T5117] team0: Port device team_slave_0 added [ 60.890124][ T5120] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.897699][ T5120] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.923893][ T5116] Bluetooth: hci1: command tx timeout [ 60.929418][ T5120] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.986372][ T53] Bluetooth: hci4: command tx timeout [ 60.986389][ T5121] Bluetooth: hci2: command tx timeout [ 60.998807][ T5116] Bluetooth: hci3: command tx timeout [ 61.007904][ T5117] team0: Port device team_slave_1 added [ 61.035590][ T5120] hsr_slave_0: entered promiscuous mode [ 61.041849][ T5120] hsr_slave_1: entered promiscuous mode [ 61.049774][ T5120] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.058358][ T5120] Cannot create hsr debugfs directory [ 61.067660][ T5126] team0: Port device team_slave_0 added [ 61.104690][ T5126] team0: Port device team_slave_1 added [ 61.111212][ T5117] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.119086][ T5117] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.145077][ T5117] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.159437][ T5117] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.166484][ T5117] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.192459][ T5117] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.260275][ T5119] hsr_slave_0: entered promiscuous mode [ 61.267417][ T5119] hsr_slave_1: entered promiscuous mode [ 61.273644][ T5119] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.281660][ T5119] Cannot create hsr debugfs directory [ 61.313225][ T5126] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.320587][ T5126] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.347072][ T5126] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.359082][ T5114] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 61.371378][ T5114] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 61.414750][ T5126] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.421866][ T5126] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.448368][ T5126] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.460789][ T5114] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 61.471951][ T5114] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 61.513029][ T5117] hsr_slave_0: entered promiscuous mode [ 61.519453][ T5117] hsr_slave_1: entered promiscuous mode [ 61.525464][ T5117] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.533657][ T5117] Cannot create hsr debugfs directory [ 61.656894][ T5126] hsr_slave_0: entered promiscuous mode [ 61.665357][ T5126] hsr_slave_1: entered promiscuous mode [ 61.672460][ T5126] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.680460][ T5126] Cannot create hsr debugfs directory [ 61.973360][ T5120] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 61.984108][ T5120] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 61.999409][ T5120] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 62.011288][ T5120] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 62.105899][ T5119] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 62.131074][ T5114] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.138273][ T5119] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 62.151211][ T5119] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 62.173878][ T5119] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 62.212262][ T5114] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.243280][ T5161] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.250630][ T5161] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.284921][ T5162] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.292085][ T5162] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.327369][ T5117] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 62.361181][ T5117] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 62.393797][ T5117] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 62.410594][ T5117] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 62.436643][ T5120] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.495282][ T5120] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.522571][ T5126] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 62.543412][ T783] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.550573][ T783] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.562548][ T5126] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 62.572276][ T5126] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 62.596406][ T5126] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 62.622482][ T5164] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.629610][ T5164] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.738371][ T5120] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 62.749690][ T5116] Bluetooth: hci0: command tx timeout [ 62.761551][ T5120] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 62.789931][ T5119] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.891036][ T5119] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.931608][ T5117] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.958684][ T783] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.965862][ T783] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.986990][ T5116] Bluetooth: hci1: command tx timeout [ 63.059588][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.066943][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.069051][ T5116] Bluetooth: hci2: command tx timeout [ 63.078735][ T53] Bluetooth: hci3: command tx timeout [ 63.079958][ T5121] Bluetooth: hci4: command tx timeout [ 63.114864][ T5117] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.128732][ T5126] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.143902][ T5114] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.170348][ T5163] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.177648][ T5163] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.205943][ T5126] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.223939][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.231111][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.266690][ T5165] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.273783][ T5165] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.287447][ T5165] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.294595][ T5165] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.311251][ T5120] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.503238][ T5126] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.560025][ T5117] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.614677][ T5120] veth0_vlan: entered promiscuous mode [ 63.637600][ T5120] veth1_vlan: entered promiscuous mode [ 63.679119][ T5119] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.809902][ T5114] veth0_vlan: entered promiscuous mode [ 63.869843][ T5120] veth0_macvtap: entered promiscuous mode [ 63.894904][ T5119] veth0_vlan: entered promiscuous mode [ 63.925069][ T5120] veth1_macvtap: entered promiscuous mode [ 63.935551][ T5114] veth1_vlan: entered promiscuous mode [ 63.980650][ T5119] veth1_vlan: entered promiscuous mode [ 64.004041][ T5117] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.019593][ T5126] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.035131][ T5114] veth0_macvtap: entered promiscuous mode [ 64.045848][ T5114] veth1_macvtap: entered promiscuous mode [ 64.065048][ T5120] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.092901][ T5120] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.111147][ T5114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.123008][ T5114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.135644][ T5114] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.148204][ T5120] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.157755][ T5120] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.166587][ T5120] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.175422][ T5120] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.204917][ T5119] veth0_macvtap: entered promiscuous mode [ 64.218279][ T5119] veth1_macvtap: entered promiscuous mode [ 64.248411][ T5114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.260052][ T5114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.273405][ T5114] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.285606][ T5114] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.296956][ T5114] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.305701][ T5114] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.314684][ T5114] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.338750][ T5117] veth0_vlan: entered promiscuous mode [ 64.399904][ T5117] veth1_vlan: entered promiscuous mode [ 64.420751][ T5126] veth0_vlan: entered promiscuous mode [ 64.447461][ T5119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.460663][ T5119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.471347][ T5119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.482202][ T5119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.493482][ T5119] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.513528][ T5126] veth1_vlan: entered promiscuous mode [ 64.534748][ T5119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.548755][ T5119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.559121][ T5119] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.571751][ T5119] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.582932][ T5119] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.675687][ T5126] veth0_macvtap: entered promiscuous mode [ 64.686990][ T5119] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.698368][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.703925][ T5119] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.709106][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.715050][ T5119] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.731558][ T5119] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.747269][ T1050] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.755530][ T1050] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.765384][ T5126] veth1_macvtap: entered promiscuous mode [ 64.828687][ T5121] Bluetooth: hci0: command tx timeout [ 64.831247][ T5117] veth0_macvtap: entered promiscuous mode [ 64.867136][ T1050] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.873208][ T5117] veth1_macvtap: entered promiscuous mode [ 64.874964][ T1050] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.887301][ T5126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.902783][ T5126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.916695][ T5126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.927443][ T5126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.937470][ T5126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.948057][ T5126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.959648][ T5126] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.990835][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.002780][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.025104][ T5117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.028607][ T1050] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.049083][ T5117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.055467][ T1050] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.059687][ T5117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.077533][ T5121] Bluetooth: hci1: command tx timeout [ 65.082885][ T5117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.093526][ T5117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.104105][ T5117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.114866][ T5117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.125517][ T5117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.138316][ T5117] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.146251][ T5126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.147711][ T5116] Bluetooth: hci2: command tx timeout [ 65.159133][ T53] Bluetooth: hci3: command tx timeout [ 65.162300][ T5121] Bluetooth: hci4: command tx timeout [ 65.168859][ T5126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.183368][ T5126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.193976][ T5126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.209451][ T5126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.220834][ T5126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.233850][ T5126] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.273483][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.281841][ T5117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.301374][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.319785][ T5117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.340178][ T5194] syz-executor.0 (pid 5194) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 65.352579][ T5117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.368835][ T5117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.388469][ T5117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.401859][ T5117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.412229][ T5117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.424134][ T5117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.441173][ T5117] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.449607][ T5126] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.465437][ T5126] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.478148][ T5126] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.487308][ T5126] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.542493][ T5117] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.581385][ T5117] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.592398][ T5117] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.601863][ T5117] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.630339][ T5200] capability: warning: `syz-executor.4' uses deprecated v2 capabilities in a way that may be insecure [ 65.668457][ T5194] fscrypt: AES-128-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 65.769396][ T5200] loop4: detected capacity change from 0 to 512 [ 65.771641][ T5205] loop1: detected capacity change from 0 to 1024 [ 65.835759][ T5205] hfsplus: invalid catalog max_key_len 1536 [ 65.861387][ T5205] hfsplus: failed to load catalog file [ 65.889388][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.919897][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.932767][ T5200] loop4: detected capacity change from 0 to 512 [ 65.939436][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.961773][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.975165][ T5108] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 66.069001][ T329] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.092505][ T329] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.208286][ T5194] fscrypt (sda1): Missing crypto API support for AES-128-CBC-ESSIV (API name: "essiv(cbc(aes),sha256)") [ 66.331167][ T5194] overlayfs: upper fs does not support tmpfile. [ 66.382743][ T5194] fscrypt (sda1): Missing crypto API support for AES-128-CBC-ESSIV (API name: "essiv(cbc(aes),sha256)") [ 66.411435][ T5222] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.963217][ T5116] Bluetooth: hci0: command tx timeout [ 66.995485][ T5222] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.147378][ T5116] Bluetooth: hci1: command tx timeout [ 67.226256][ T5116] Bluetooth: hci3: command tx timeout [ 67.228478][ T5116] Bluetooth: hci2: command tx timeout [ 67.228522][ T5116] Bluetooth: hci4: command tx timeout [ 67.295418][ T29] audit: type=1800 audit(1717293827.702:2): pid=5217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1963 res=0 errno=0 [ 67.401464][ T5235] loop3: detected capacity change from 0 to 1024 [ 67.645227][ T29] audit: type=1800 audit(1717293828.062:3): pid=5239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1945 res=0 errno=0 [ 67.738225][ T5241] loop2: detected capacity change from 0 to 1024 [ 67.828370][ T5241] hfsplus: invalid catalog max_key_len 1536 [ 67.884587][ T5241] hfsplus: failed to load catalog file [ 67.912432][ T29] audit: type=1326 audit(1717293828.332:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5249 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f683687cee9 code=0x0 [ 68.044405][ T5248] sg_write: data in/out 624/1 bytes for SCSI command 0xcb-- guessing data in; [ 68.044405][ T5248] program syz-executor.3 not setting count and/or reply_len properly [ 69.247970][ T5122] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 69.355665][ T5262] loop2: detected capacity change from 0 to 512 [ 69.407301][ T5253] fscrypt (sda1): Missing crypto API support for AES-128-CBC-ESSIV (API name: "essiv(cbc(aes),sha256)") [ 69.458139][ T5253] overlayfs: upper fs does not support tmpfile. [ 69.468169][ T5122] usb 2-1: Using ep0 maxpacket: 32 [ 69.489630][ T5122] usb 2-1: New USB device found, idVendor=0424, idProduct=9530, bcdDevice=cb.35 [ 69.504348][ T5253] fscrypt (sda1): Missing crypto API support for AES-128-CBC-ESSIV (API name: "essiv(cbc(aes),sha256)") [ 69.544829][ T5122] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.625916][ T5122] usb 2-1: config 0 descriptor?? [ 69.698834][ T5122] smsc95xx v2.0.0 [ 69.702924][ T5122] smsc95xx 2-1:0.0 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 69.746480][ T5122] smsc95xx 2-1:0.0: probe with driver smsc95xx failed with error -22 [ 69.893587][ T5268] fscrypt: AES-128-CBC-ESSIV using implementation "essiv(cbc-aes-aesni,sha256-avx2)" [ 70.403217][ T5309] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 70.449541][ T5309] bond0: (slave macvlan2): Enslaving as an active interface with an up link [ 70.770393][ T5320] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 70.936694][ T5162] usb 2-1: USB disconnect, device number 2 [ 71.011067][ T5332] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 71.061095][ T5332] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 71.105437][ T5332] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 71.170285][ T5332] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 71.228916][ T5332] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 71.644692][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.651447][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.923790][ T5369] syz-executor.0[5369] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 71.923938][ T5369] syz-executor.0[5369] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 72.582231][ T5387] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.989601][ T5408] Zero length message leads to an empty skb [ 74.221609][ T5461] rtc_cmos 00:00: Alarms can be up to one day in the future [ 74.283514][ T5461] loop0: detected capacity change from 0 to 512 [ 74.397888][ T5461] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.410538][ T5461] ext4 filesystem being mounted at /root/syzkaller-testdir489477436/syzkaller.6NTEtc/21/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 74.450814][ T5468] loop3: detected capacity change from 0 to 16 [ 74.486703][ T5468] erofs: (device loop3): mounted with root inode @ nid 36. [ 74.524775][ T5468] erofs: (device loop3): erofs_fill_dentries: bogus dirent @ nid 46 [ 74.594987][ T5120] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.880178][ T5481] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 75.515809][ T5505] loop1: detected capacity change from 0 to 512 [ 75.560890][ T5505] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 75.639868][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 75.758781][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 75.767753][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 75.776723][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 75.823359][ T5505] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 75.879696][ T5505] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 75.908243][ T5505] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2856: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 75.939667][ T5505] EXT4-fs (loop1): 1 truncate cleaned up [ 75.950425][ T5505] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.971301][ T5505] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.097986][ T8] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 76.298573][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 76.335737][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64 [ 76.369607][ T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 76.399723][ T8] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 76.403724][ T5517] loop3: detected capacity change from 0 to 2048 [ 76.419458][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 76.442678][ T8] usb 5-1: config 0 descriptor?? [ 76.471739][ T5507] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 76.517985][ T5517] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.647174][ T5489] loop0: detected capacity change from 0 to 32768 [ 76.734735][ T5489] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 76.770639][ T45] cfg80211: failed to load regulatory.db [ 76.930120][ T8] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 76.977181][ T5489] XFS (loop0): Ending clean mount [ 76.997320][ T8] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 77.148855][ T5120] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 78.139030][ C0] plantronics 0003:047F:FFFF.0001: usb_submit_urb(ctrl) failed: -1 [ 78.966876][ T5564] loop4: detected capacity change from 0 to 2048 [ 79.022058][ T932] usb 5-1: USB disconnect, device number 2 [ 79.025006][ T5564] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 79.196200][ T5570] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 79.219680][ T5569] loop2: detected capacity change from 0 to 64 [ 79.442981][ T29] audit: type=1800 audit(1717293839.862:5): pid=5574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1948 res=0 errno=0 [ 79.698013][ T1050] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:6: bg 0: block 234: padding at end of block bitmap is not set [ 79.768023][ T1050] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 285 with error 28 [ 79.811592][ T5579] loop0: detected capacity change from 0 to 4096 [ 79.825061][ T1050] EXT4-fs (loop3): This should not happen!! Data will be lost [ 79.825061][ T1050] [ 79.859268][ T1050] EXT4-fs (loop3): Total free blocks count 0 [ 79.877814][ T1050] EXT4-fs (loop3): Free/Dirty block details [ 79.914977][ T1050] EXT4-fs (loop3): free_blocks=0 [ 79.936837][ T1050] EXT4-fs (loop3): dirty_blocks=288 [ 79.975466][ T1050] EXT4-fs (loop3): Block reservation details [ 79.998393][ T1050] EXT4-fs (loop3): i_reserved_data_blocks=18 [ 80.043789][ T5584] loop4: detected capacity change from 0 to 16 [ 80.073122][ T5584] erofs: (device loop4): mounted with root inode @ nid 36. [ 80.085424][ T5126] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.119852][ T5584] erofs: (device loop4): erofs_fill_dentries: bogus dirent @ nid 36 [ 80.374033][ T5587] loop4: detected capacity change from 0 to 512 [ 80.392332][ T5589] loop0: detected capacity change from 0 to 512 [ 80.428893][ T5589] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 80.453744][ T5587] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 80.500368][ T5589] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #17: comm syz-executor.0: iget: bad i_size value: -6917529027641081756 [ 80.550581][ T5587] EXT4-fs error (device loop4): ext4_orphan_get:1394: inode #17: comm syz-executor.4: iget: bad i_size value: -6917529027641081756 [ 80.565021][ T5589] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 17 (err -117) [ 80.565034][ T5587] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 17 (err -117) [ 80.611971][ T5587] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.639664][ T5589] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.704148][ T5587] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor.4: bg 0: block 65: padding at end of block bitmap is not set [ 80.727335][ T5587] Quota error (device loop4): write_blk: dquota write failed [ 80.747267][ T5587] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 80.758566][ T5120] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.758988][ T5576] loop2: detected capacity change from 0 to 32768 [ 80.782867][ T5587] EXT4-fs error (device loop4): ext4_acquire_dquot:6860: comm syz-executor.4: Failed to acquire dquot type 0 [ 80.797361][ T5576] ======================================================= [ 80.797361][ T5576] WARNING: The mand mount option has been deprecated and [ 80.797361][ T5576] and is ignored by this kernel. Remove the mand [ 80.797361][ T5576] option from the mount to silence this warning. [ 80.797361][ T5576] ======================================================= [ 80.903698][ T5114] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.020847][ T5576] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 81.261314][ T5576] XFS (loop2): Ending clean mount [ 81.335417][ T5576] XFS (loop2): Quotacheck needed: Please wait. [ 81.404038][ T5576] XFS (loop2): Quotacheck: Done. [ 81.482416][ T5117] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 81.582501][ T5618] loop4: detected capacity change from 0 to 64 [ 81.728257][ T5590] loop3: detected capacity change from 0 to 32768 [ 81.763818][ T5590] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (5590) [ 81.837818][ T5590] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 81.867347][ T5590] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 81.886510][ T5590] BTRFS info (device loop3): using free-space-tree [ 81.953232][ T5627] loop4: detected capacity change from 0 to 128 [ 81.982086][ T5627] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 82.047629][ T5627] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 82.094206][ T5624] loop2: detected capacity change from 0 to 2048 [ 82.179697][ T29] audit: type=1800 audit(1717293842.602:6): pid=5627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=115 res=0 errno=0 [ 82.203897][ T5624] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.451489][ T5126] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 82.497955][ T5643] loop4: detected capacity change from 0 to 2048 [ 82.514198][ T5614] loop1: detected capacity change from 0 to 32768 [ 82.521064][ T5643] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 82.558747][ T5644] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 82.653638][ T5614] BTRFS: device /dev/loop1 (7:1) using temp-fsid 5158843d-9984-41a7-8261-f6673c3b582d [ 82.698075][ T5614] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (5614) [ 82.750512][ T5614] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 82.796376][ T5614] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 82.823230][ T5614] BTRFS info (device loop1): using free-space-tree [ 82.979950][ T5616] loop0: detected capacity change from 0 to 32768 [ 83.003195][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 83.038871][ T5616] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (5616) [ 83.116809][ T5616] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 83.128607][ T5662] loop3: detected capacity change from 0 to 128 [ 83.166195][ T5616] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 83.175393][ T5662] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 83.185624][ T5616] BTRFS info (device loop0): using free-space-tree [ 83.455754][ T5119] BTRFS info (device loop1): last unmount of filesystem 5158843d-9984-41a7-8261-f6673c3b582d [ 83.698667][ T5120] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 84.356412][ T5695] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 84.667312][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 85.706305][ T5641] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set [ 86.516177][ T5116] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 86.524930][ T5116] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 86.533013][ T5116] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 86.541621][ T5116] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 86.549378][ T5116] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 86.581361][ T5116] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 86.645660][ T61] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.842932][ T5738] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.4'. [ 86.913366][ T61] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.927152][ T35] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1840 with error 28 [ 86.977327][ T35] EXT4-fs (loop2): This should not happen!! Data will be lost [ 86.977327][ T35] [ 87.016625][ T35] EXT4-fs (loop2): Total free blocks count 0 [ 87.045623][ T35] EXT4-fs (loop2): Free/Dirty block details [ 87.062627][ T5710] loop3: detected capacity change from 0 to 32768 [ 87.074759][ T35] EXT4-fs (loop2): free_blocks=0 [ 87.099833][ T35] EXT4-fs (loop2): dirty_blocks=1840 [ 87.109421][ T61] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.121599][ T35] EXT4-fs (loop2): Block reservation details [ 87.145538][ T35] EXT4-fs (loop2): i_reserved_data_blocks=115 [ 87.174500][ T5710] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 87.365499][ T61] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.496529][ T5710] XFS (loop3): Ending clean mount [ 87.504686][ T5117] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.589401][ T5710] XFS (loop3): Quotacheck needed: Please wait. [ 87.775227][ T5710] XFS (loop3): Quotacheck: Done. [ 88.081606][ T5126] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 88.125829][ T5731] chnl_net:caif_netlink_parms(): no params data found [ 88.464945][ T61] bridge_slave_1: left allmulticast mode [ 88.538354][ T61] bridge_slave_1: left promiscuous mode [ 88.577803][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.651441][ T61] bridge_slave_0: left allmulticast mode [ 88.666765][ T5116] Bluetooth: hci3: command tx timeout [ 88.671126][ T61] bridge_slave_0: left promiscuous mode [ 88.707005][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.189457][ T5789] loop3: detected capacity change from 0 to 2048 [ 89.230228][ T5789] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.416230][ T45] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 89.494209][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 89.526937][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 89.567920][ T61] bond0 (unregistering): (slave macvlan2): Releasing backup interface [ 89.594748][ T61] bond0 (unregistering): Released all slaves [ 89.618018][ T45] usb 2-1: Using ep0 maxpacket: 8 [ 89.629818][ T45] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 89.654470][ T45] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 89.676113][ T45] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 89.690473][ T45] usb 2-1: SerialNumber: syz [ 89.731240][ T45] usb-storage 2-1:1.0: USB Mass Storage device detected [ 89.792640][ T45] usb-storage 2-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 89.803898][ T5801] loop4: detected capacity change from 0 to 512 [ 89.924057][ T5801] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.951519][ T45] usb 2-1: USB disconnect, device number 3 [ 89.975096][ T5807] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'. [ 90.035192][ T5801] ext4 filesystem being mounted at /root/syzkaller-testdir259440414/syzkaller.LrmKh1/36/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.170810][ T5114] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.257217][ T5731] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.264384][ T5731] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.308253][ T5731] bridge_slave_0: entered allmulticast mode [ 90.335889][ T5731] bridge_slave_0: entered promiscuous mode [ 90.399783][ T5731] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.423203][ T5731] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.440064][ T5731] bridge_slave_1: entered allmulticast mode [ 90.455857][ T5731] bridge_slave_1: entered promiscuous mode [ 90.659506][ T5822] syz-executor.4[5822] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 90.659649][ T5822] syz-executor.4[5822] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 90.746218][ T5116] Bluetooth: hci3: command tx timeout [ 90.858775][ T5827] loop1: detected capacity change from 0 to 128 [ 90.922167][ T5731] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.113975][ T61] hsr_slave_0: left promiscuous mode [ 91.149816][ T61] hsr_slave_1: left promiscuous mode [ 91.294016][ T61] veth1_macvtap: left promiscuous mode [ 91.320631][ T61] veth0_macvtap: left promiscuous mode [ 91.347260][ T61] veth1_vlan: left promiscuous mode [ 91.366514][ T61] veth0_vlan: left promiscuous mode [ 91.406310][ T29] audit: type=1800 audit(1717293851.822:7): pid=5839 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="loop1" ino=1048595 res=0 errno=0 [ 91.531502][ T29] audit: type=1804 audit(1717293851.852:8): pid=5839 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1640426117/syzkaller.HbhnN4/32/file0/file0" dev="loop1" ino=1048595 res=1 errno=0 [ 91.569273][ T5792] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set [ 91.682795][ T5813] loop2: detected capacity change from 0 to 32768 [ 91.814402][ T5813] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 91.910084][ T35] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 28 [ 91.999202][ T35] EXT4-fs (loop3): This should not happen!! Data will be lost [ 91.999202][ T35] [ 92.045406][ T35] EXT4-fs (loop3): Total free blocks count 0 [ 92.078551][ T35] EXT4-fs (loop3): Free/Dirty block details [ 92.092915][ T5813] XFS (loop2): Ending clean mount [ 92.097248][ T35] EXT4-fs (loop3): free_blocks=0 [ 92.105521][ T35] EXT4-fs (loop3): dirty_blocks=2640 [ 92.129739][ T5813] XFS (loop2): Quotacheck needed: Please wait. [ 92.131190][ T35] EXT4-fs (loop3): Block reservation details [ 92.176596][ T35] EXT4-fs (loop3): i_reserved_data_blocks=165 [ 92.224855][ T5813] XFS (loop2): Quotacheck: Done. [ 92.355320][ T5117] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 92.361787][ T35] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 587 with error 28 [ 92.836529][ T5116] Bluetooth: hci3: command tx timeout [ 93.040611][ T61] team0 (unregistering): Port device team_slave_1 removed [ 93.100475][ T61] team0 (unregistering): Port device team_slave_0 removed [ 93.246241][ T5173] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 93.468672][ T5173] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 93.492496][ T5173] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 93.526162][ T5173] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 93.563014][ T5173] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 93.591003][ T5173] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.618987][ T5173] usb 3-1: Product: syz [ 93.632231][ T5173] usb 3-1: Manufacturer: syz [ 93.649670][ T5173] usb 3-1: SerialNumber: syz [ 93.973270][ T5877] loop1: detected capacity change from 0 to 512 [ 94.001647][ T5877] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e02d, mo2=0002] [ 94.024010][ T5877] System zones: 1-12 [ 94.051500][ T5877] EXT4-fs error (device loop1): __ext4_iget:4906: inode #11: block 393240: comm syz-executor.1: invalid block [ 94.080626][ T5877] EXT4-fs (loop1): Remounting filesystem read-only [ 94.108340][ T5173] usb 3-1: 0:2 : does not exist [ 94.132365][ T5877] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.169844][ T5173] usb 3-1: USB disconnect, device number 2 [ 94.183495][ T5731] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.257352][ T5864] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. [ 94.289783][ T5119] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.425322][ T5731] team0: Port device team_slave_0 added [ 94.436360][ T932] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 94.454349][ T5731] team0: Port device team_slave_1 added [ 94.545952][ T5890] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 94.612410][ T5731] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.630539][ T932] usb 5-1: New USB device found, idVendor=07ca, idProduct=a309, bcdDevice= 9.4f [ 94.632792][ T5731] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.674038][ T932] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.721428][ T932] usb 5-1: config 0 descriptor?? [ 94.753857][ T932] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 94.765247][ T5731] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.789568][ T932] dvb_usb_af9015 5-1:0.0: probe with driver dvb_usb_af9015 failed with error -22 [ 94.810047][ T5731] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.838971][ T5731] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.906382][ T5116] Bluetooth: hci3: command tx timeout [ 94.940471][ T5731] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.953900][ T932] usb 5-1: USB disconnect, device number 3 [ 95.250765][ T5731] hsr_slave_0: entered promiscuous mode [ 95.276936][ T5731] hsr_slave_1: entered promiscuous mode [ 95.316172][ T5731] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 95.347986][ T5731] Cannot create hsr debugfs directory [ 95.396703][ T5910] loop1: detected capacity change from 0 to 1024 [ 95.497851][ T5910] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 95.533457][ T5910] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e11d, mo2=0002] [ 95.544397][ T5910] System zones: 0-1, 2-3, 4-36, 98-101, 102-102 [ 95.557459][ T5910] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 95.874897][ T5924] xt_policy: too many policy elements [ 95.989879][ T5885] loop3: detected capacity change from 0 to 32768 [ 96.065952][ T5885] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 96.186305][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.194803][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.251480][ T5941] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'. [ 96.261278][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.276676][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.286363][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.298780][ T5885] XFS (loop3): Ending clean mount [ 96.358078][ T5885] XFS (loop3): Quotacheck needed: Please wait. [ 96.461194][ T5885] XFS (loop3): Quotacheck: Done. [ 96.960992][ T5957] xt_policy: too many policy elements [ 96.996794][ T5126] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 97.308030][ T5731] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 97.387070][ T5731] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 97.463465][ T5731] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.521146][ T5731] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.842958][ T5731] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.905595][ T5731] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.941802][ T5119] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.962257][ T5165] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.969440][ T5165] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.022312][ T5173] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.029502][ T5173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.048673][ T29] audit: type=1804 audit(1717293858.472:9): pid=5972 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir4116547017/syzkaller.CWw8pp/34/bus/bus" dev="overlay" ino=1951 res=1 errno=0 [ 98.188834][ T5976] loop1: detected capacity change from 0 to 2048 [ 98.214060][ T5731] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 98.265641][ T5976] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.620972][ T5991] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. [ 98.870304][ T5731] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.056611][ T5731] veth0_vlan: entered promiscuous mode [ 99.093941][ T5731] veth1_vlan: entered promiscuous mode [ 99.117567][ T5966] loop4: detected capacity change from 0 to 32768 [ 99.192229][ T5966] bcachefs (/dev/loop4): error reading default superblock: checksum error, type crc32c_nonzero: got 2859f616 should be 29d2fb78 [ 99.210451][ T5731] veth0_macvtap: entered promiscuous mode [ 99.262653][ T5731] veth1_macvtap: entered promiscuous mode [ 99.364105][ T5731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.453690][ T5731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.490843][ T5731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.528321][ T5731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.550289][ T5731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.565563][ T5966] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=compression=lz4,nojournal_transaction_names [ 99.584150][ T5731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.602836][ T5966] bcachefs (loop4): recovering from clean shutdown, journal seq 7 [ 99.616103][ T5731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.657761][ T5966] bcachefs (loop4): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.9: disk_accounting_v2 [ 99.657761][ T5966] running recovery passes: check_allocations [ 99.676610][ T5731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.700150][ T5731] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.721225][ T5731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.760193][ T5731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.804741][ T5731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.841806][ T5966] bcachefs (loop4): accounting_read... done [ 99.846922][ T5731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.855451][ T5966] bcachefs (loop4): alloc_read... done [ 99.867527][ T5731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.889042][ T5966] bcachefs (loop4): stripes_read... done [ 99.903931][ T5966] bcachefs (loop4): snapshots_read... done [ 99.914709][ T5731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.936094][ T5966] bcachefs (loop4): check_allocations... [ 99.966189][ T5731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.999386][ T5731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 100.030384][ T5731] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.040967][ T5966] ------------[ cut here ]------------ [ 100.046891][ T5966] kernel BUG at fs/bcachefs/buckets.h:96! [ 100.056141][ T5966] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI [ 100.056166][ T5966] CPU: 0 PID: 5966 Comm: syz-executor.4 Not tainted 6.10.0-rc1-next-20240531-syzkaller #0 [ 100.056185][ T5966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 100.056196][ T5966] RIP: 0010:gc_bucket+0x250/0x260 [ 100.056244][ T5966] Code: 8c e8 34 e1 62 fd e9 29 ff ff ff 89 f9 80 e1 07 fe c1 38 c1 0f 8c 36 ff ff ff e8 9b 71 ec fd e9 2c ff ff ff e8 71 84 86 fd 90 <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 [ 100.056260][ T5966] RSP: 0018:ffffc9000d39e208 EFLAGS: 00010246 [ 100.056276][ T5966] RAX: ffffffff840ff77f RBX: 000000000001007c RCX: 0000000000040000 [ 100.056289][ T5966] RDX: ffffc90009931000 RSI: 000000000003ffff RDI: 0000000000040000 [ 100.056301][ T5966] RBP: ffff88802d93c000 R08: ffffffff840ff6e1 R09: 0000000000000000 [ 100.056314][ T5966] R10: ffffc9000d39efd0 R11: fffff52001a73dfc R12: ffff88807aab3130 [ 100.056327][ T5966] R13: ffff88807aab3118 R14: 000000000001007c R15: 0000000000000080 [ 100.056339][ T5966] FS: 00007f4a4890e6c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 100.056358][ T5966] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.056371][ T5966] CR2: 0000000020349000 CR3: 0000000074a52000 CR4: 00000000003506f0 [ 100.056387][ T5966] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 100.056397][ T5966] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 100.056408][ T5966] Call Trace: [ 100.056419][ T5966] [ 100.056426][ T5966] ? __die_body+0x88/0xe0 [ 100.056454][ T5966] ? die+0xcf/0x110 [ 100.056480][ T5966] ? do_trap+0x15a/0x3a0 [ 100.056503][ T5966] ? gc_bucket+0x250/0x260 [ 100.056527][ T5966] ? do_error_trap+0x1dc/0x2c0 [ 100.056548][ T5966] ? gc_bucket+0x250/0x260 [ 100.056573][ T5966] ? __pfx_do_error_trap+0x10/0x10 [ 100.056595][ T5966] ? report_bug+0x3e8/0x500 [ 100.056624][ T5966] ? handle_invalid_op+0x34/0x40 [ 100.056651][ T5966] ? gc_bucket+0x250/0x260 [ 100.056673][ T5966] ? exc_invalid_op+0x38/0x50 [ 100.056694][ T5966] ? asm_exc_invalid_op+0x1a/0x20 [ 100.056716][ T5966] ? gc_bucket+0x1b1/0x260 [ 100.056735][ T5966] ? gc_bucket+0x24f/0x260 [ 100.056756][ T5966] ? gc_bucket+0x250/0x260 2024/06/02 02:04:20 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 100.056775][ T5966] ? gc_bucket+0x24f/0x260 [ 100.056796][ T5966] bch2_check_allocations+0xc63/0xb9d0 [ 100.056819][ T5966] ? bch2_check_allocations+0x67e/0xb9d0 [ 100.056847][ T5966] ? bch2_btree_node_iter_init+0x36bb/0x4280 [ 100.056871][ T5966] ? validate_chain+0x11e/0x5920 [ 100.056898][ T5966] ? bch2_btree_path_verify_level+0x369/0x1950 [ 100.056917][ T5966] ? __bch2_journal_key_search+0x9c2/0x10e0 [ 100.056941][ T5966] ? __bch2_btree_node_iter_advance+0x577/0xaa0 [ 100.056962][ T5966] ? validate_chain+0x11e/0x5920 [ 100.056983][ T5966] ? __pfx_validate_chain+0x10/0x10 [ 100.057005][ T5966] ? __pfx___bch2_journal_key_search+0x10/0x10 [ 100.057029][ T5966] ? bch2_btree_node_iter_advance+0x3c8/0xc70 [ 100.057049][ T5966] ? desc_read+0x200/0x3f0 [ 100.057070][ T5966] ? __pfx_bch2_check_allocations+0x10/0x10 [ 100.057093][ T5966] ? desc_read+0x1a2/0x3f0 [ 100.057117][ T5966] ? prb_first_seq+0x131/0x210 [ 100.057140][ T5966] ? __pfx_prb_first_seq+0x10/0x10 [ 100.057168][ T5966] ? this_cpu_in_panic+0x4f/0x80 [ 100.057188][ T5966] ? _prb_read_valid+0xa39/0xac0 [ 100.057210][ T5966] ? validate_chain+0x11e/0x5920 [ 100.057237][ T5966] ? __pfx__prb_read_valid+0x10/0x10 [ 100.057258][ T5966] ? data_push_tail+0x716/0x730 [ 100.057286][ T5966] ? __pfx_validate_chain+0x10/0x10 [ 100.057313][ T5966] ? prb_read_valid+0xa9/0xf0 [ 100.057333][ T5966] ? __lock_acquire+0x1359/0x2000 [ 100.057354][ T5966] ? __pfx_prb_read_valid+0x10/0x10 [ 100.057376][ T5966] ? desc_read+0x200/0x3f0 [ 100.057398][ T5966] ? desc_read+0x1a2/0x3f0 [ 100.057422][ T5966] ? prb_first_seq+0x131/0x210 [ 100.057444][ T5966] ? __pfx_prb_first_seq+0x10/0x10 [ 100.057473][ T5966] ? this_cpu_in_panic+0x4f/0x80 [ 100.057495][ T5966] ? _prb_read_valid+0xa39/0xac0 [ 100.057522][ T5966] ? __pfx__prb_read_valid+0x10/0x10 [ 100.057549][ T5966] ? mark_lock+0x9a/0x360 [ 100.057570][ T5966] ? prb_read_valid+0xa9/0xf0 [ 100.057589][ T5966] ? __pfx_prb_read_valid+0x10/0x10 [ 100.057610][ T5966] ? console_unlock+0x239/0x4d0 [ 100.057633][ T5966] ? console_unlock+0x447/0x4d0 [ 100.057666][ T5966] ? __pfx_console_unlock+0x10/0x10 [ 100.057688][ T5966] ? __bch2_print+0x17a/0x220 [ 100.057712][ T5966] ? __bch2_print+0x17a/0x220 [ 100.057736][ T5966] ? __pfx___down_trylock_console_sem+0x10/0x10 [ 100.057764][ T5966] ? irq_work_queue+0xd1/0x150 [ 100.057784][ T5966] ? __wake_up_klogd+0x112/0x140 [ 100.057799][ T5966] ? vprintk_emit+0x7ce/0x900 [ 100.057831][ T5966] ? bch2_check_allocations+0x67e/0xb9d0 [ 100.057856][ T5966] ? __bch2_print+0x17a/0x220 [ 100.057882][ T5966] ? __pfx___bch2_print+0x10/0x10 [ 100.057913][ T5966] bch2_run_recovery_pass+0xf0/0x1e0 [ 100.057937][ T5966] bch2_run_recovery_passes+0x19e/0x820 [ 100.057967][ T5966] bch2_fs_recovery+0x238b/0x3730 [ 100.057996][ T5966] ? __pfx_bch2_fs_recovery+0x10/0x10 [ 100.058031][ T5966] ? __pfx_lock_release+0x10/0x10 [ 100.058050][ T5966] ? bch2_get_next_online_dev+0x2b/0x4f0 [ 100.058069][ T5966] ? __pfx_lock_release+0x10/0x10 [ 100.058095][ T5966] ? bch2_get_next_online_dev+0x2b/0x4f0 [ 100.058113][ T5966] ? bch2_get_next_online_dev+0x4b9/0x4f0 [ 100.058130][ T5966] ? bch2_get_next_online_dev+0x2b/0x4f0 [ 100.058150][ T5966] ? llist_reverse_order+0x72/0x90 [ 100.058177][ T5966] bch2_fs_start+0x356/0x5b0 [ 100.058198][ T5966] bch2_fs_open+0xa8d/0xdf0 [ 100.058230][ T5966] ? __pfx_bch2_fs_open+0x10/0x10 [ 100.058258][ T5966] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 100.058289][ T5966] ? __pfx_bch2_test_super+0x10/0x10 [ 100.058312][ T5966] ? sget+0x2b8/0x620 [ 100.058335][ T5966] ? __pfx_bch2_noset_super+0x10/0x10 [ 100.058358][ T5966] bch2_fs_get_tree+0x75e/0x14d0 [ 100.058388][ T5966] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.058416][ T5966] ? __pfx_bch2_fs_get_tree+0x10/0x10 [ 100.058463][ T5966] ? __pfx_generic_parse_monolithic+0x10/0x10 [ 100.058491][ T5966] ? apparmor_capable+0x138/0x1b0 [ 100.058513][ T5966] ? bpf_lsm_capable+0x9/0x10 [ 100.058541][ T5966] vfs_get_tree+0x90/0x2a0 [ 100.058567][ T5966] do_new_mount+0x2be/0xb40 [ 100.058594][ T5966] ? __pfx_do_new_mount+0x10/0x10 [ 100.058623][ T5966] __se_sys_mount+0x2d9/0x3c0 [ 100.058657][ T5966] ? __pfx___se_sys_mount+0x10/0x10 [ 100.058683][ T5966] ? exc_page_fault+0x590/0x8c0 [ 100.058704][ T5966] ? __x64_sys_mount+0x20/0xc0 [ 100.058730][ T5966] do_syscall_64+0xf3/0x230 [ 100.058752][ T5966] ? clear_bhb_loop+0x35/0x90 [ 100.058777][ T5966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.058798][ T5966] RIP: 0033:0x7f4a47c7e5ea [ 100.058821][ T5966] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 100.058836][ T5966] RSP: 002b:00007f4a4890def8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 100.058855][ T5966] RAX: ffffffffffffffda RBX: 00007f4a4890df80 RCX: 00007f4a47c7e5ea [ 100.058868][ T5966] RDX: 0000000020005d80 RSI: 0000000020005dc0 RDI: 00007f4a4890df40 [ 100.058881][ T5966] RBP: 0000000020005d80 R08: 00007f4a4890df80 R09: 0000000000000480 [ 100.058894][ T5966] R10: 0000000000000480 R11: 0000000000000206 R12: 0000000020005dc0 [ 100.058905][ T5966] R13: 00007f4a4890df40 R14: 0000000000005e05 R15: 0000000020000040 [ 100.058925][ T5966] [ 100.058932][ T5966] Modules linked in: [ 100.058990][ T5966] ---[ end trace 0000000000000000 ]--- [ 100.204369][ T5731] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.396181][ T5966] RIP: 0010:gc_bucket+0x250/0x260 [ 100.507662][ T5731] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.658884][ T5966] Code: 8c e8 34 e1 62 fd e9 29 ff ff ff 89 f9 80 e1 07 fe c1 38 c1 0f 8c 36 ff ff ff e8 9b 71 ec fd e9 2c ff ff ff e8 71 84 86 fd 90 <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 [ 100.842373][ T5966] RSP: 0018:ffffc9000d39e208 EFLAGS: 00010246 [ 100.849781][ T5966] RAX: ffffffff840ff77f RBX: 000000000001007c RCX: 0000000000040000 [ 100.858093][ T5966] RDX: ffffc90009931000 RSI: 000000000003ffff RDI: 0000000000040000 [ 100.866353][ T5966] RBP: ffff88802d93c000 R08: ffffffff840ff6e1 R09: 0000000000000000 [ 100.874341][ T5966] R10: ffffc9000d39efd0 R11: fffff52001a73dfc R12: ffff88807aab3130 [ 100.882539][ T5966] R13: ffff88807aab3118 R14: 000000000001007c R15: 0000000000000080 [ 100.890723][ T5966] FS: 00007f4a4890e6c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 100.899879][ T5731] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.900242][ T5966] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.915449][ T5966] CR2: 00005562cfa3f950 CR3: 0000000074a52000 CR4: 00000000003506f0 [ 100.923886][ T5966] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 100.932394][ T5966] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 100.937582][ T5731] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.940718][ T5966] Kernel panic - not syncing: Fatal exception [ 100.949229][ T5966] Kernel Offset: disabled