last executing test programs:

13.890852343s ago: executing program 3 (id=3458):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="34010000", @ANYRES16, @ANYBLOB="0120006b522c0604e0"], 0x134}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000000)="89e7ee2c7cdad9b4b47380c988ca", 0x140}], 0x1)

13.659274754s ago: executing program 2 (id=3462):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x9}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40480c0}, 0x20040084)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
close(r5)
socket$packet(0x11, 0x3, 0x300)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$kcm(0x11, 0x3, 0x0)
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f80)=@newtfilter={0x38, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r9, {0x5, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0)
setsockopt$sock_attach_bpf(r6, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000500)=@xdp={0x2c, 0x0, r4, 0xc}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf", 0x22}, {&(0x7f0000000c00)="4307ed2e", 0x4}], 0x2}, 0x4)

9.597539963s ago: executing program 2 (id=3465):
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000002c0)={[{@journal_async_commit}, {@heartbeat_none}, {@usrquota}, {@barrier={'barrier', 0x3d, 0x7}}, {@heartbeat_none}, {@inode64}]}, 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=")
open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x178)
truncate(&(0x7f0000000280)='./file1\x00', 0x1bf8)
openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)

9.590462403s ago: executing program 3 (id=3466):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000001380)={&(0x7f0000001400)={0x14, 0x0, 0x200, 0x70bd28, 0x8}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x40448a0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000340)="8224aca5f41b9e0ec5e7a706c919e7c0e343f0cd0a779c17e7f992396b09252009d2d12e9475a57ec39f71417044cf4151af34ac1dfd5d87cdd80bc4c24478821f64d4d971bbc1fc7bdd181a839344917165bb9cd0fa568aac55d8e38ee30fd3a9bc63e2656b6941c812e6ea0692ec276deb2b7b817906cf8c5429a42164e8bb521e216e554d509a0fd0d86729b5f4", 0x8f}, {&(0x7f00000005c0)="f2", 0x1}], 0x2}}], 0x1, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="14000000000000002900000034000000040000000000000014000000000000002900000034000000fdffffff0000000000010000000000002900000004000000041c000000000000fe72f4a4a3142ee1e12b9826287997a6b33d89f3d60da1641d9fe3896c3c1b6c130ef4f01be8f5836d417874540898619050b14420ab124b11de36afb16ef4fc00f3f4e4fa0e647cd1b07b068d3894180b6aa7527a4a8252f6836a0d67a7782c675a838ea989e567e4774de1f52d188e0b0888c5801409e12e5f0b6bdcf72f2ec7008a15fa88b025e0ad0738000000010c7a0180050000000000000009000000000000000400000000000000060000000000000000040000000000000b0000000000000005020a7e00010005020bf4c910fc0200000000000000000000780e000000000000000000140000000000000029000000340000000000000000000000700100000000000029000000360000005e2a000000000000ff4150d650847249ad288702ebd0d654b985e8908defb7ec6c5ff115c58e128b9e3a21c34b45ef9de99984e143ca7c3509a971b2ec429ee1edc0bb903fe94b32c28f70000100000100010800000000000000000708000000030000ff0f07100000000002070600ff7f00000000000008c6c8a110995d439fbfac9716a99c357bcb2d59a850490739734f6b321d19b3754df39cc2dc26cf263cbebbddb9a7f17b6771f74c46623f9e38bd23e6f0a2fd3a9a017f66738394aca44d1a9f0b35d9df0a964360ab0900a5e6fcac1cd41c91c97f6826ff706c41edc4e00205bbb53218ed58a1122d993b55a1b9a870a17e7869e3fc704b388202add651f628963a90fea5d8196d5e0373fd"], 0x340}}, {{0x0, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000500)='q', 0x1}, {&(0x7f0000000600)="58b327f21946add0e0c31b173119ac7b4ceda64bbfbc8159462a8686f4303aeee1d7c9b54c4bd660fe192582950eb09a8bae632fb4e7313e3828773c09fec9b010373ca7be0ccc91233fffcfe03f287a50f2b4a970278097aed06e61a0f2da47b0bd02fcb45bf35e78", 0x69}, {&(0x7f00000006c0)="138b9f8300af1d79", 0x8}, {&(0x7f0000000700)="e59c889c8be9e17c21882a76c6907239d44f6a0efb65359c6a8e5e", 0x1b}, {&(0x7f0000000e80)="0e9129a2bae0d093a9c5091f0926391174e5aff7420b47b0cf1a8bbd7bb239460a6b26eb4f86fa48acdf54294bee3567a8ff0ed4f912a1aa059d62286db3e045dc", 0x41}], 0x5}}], 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257", 0xf15}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

9.528955996s ago: executing program 1 (id=3467):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000022c0)=@newtfilter={0x94, 0x2c, 0xd27, 0x170bd2b, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0x10}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_flow={{0x9}, {0x64, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1e3a9}, @TCA_FLOW_ACT={0x50, 0x9, 0x0, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x1003d1, 0x3, 0x20000000, 0x6, 0x6}, 0x66}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0xc804}, 0x2)
close(r1)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @random="af75355d1696"})
r4 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000600), 0x4)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$kcm(r4, &(0x7f0000000280)={&(0x7f0000000740)=@xdp={0x2c, 0x0, r6, 0x42}, 0x80, &(0x7f0000000540)=[{&(0x7f00000002c0)="27030200dc0f24000e00003c000c00000000ff840000000200000003125ce882cbf490d908f1523f000000032d9c2740e260a09c6911cda856d5141bffc6e29a5789796eec81944d7dff184d3319ce9dfb5c1fcd66e67b91a917a67ece64299573503cbc7e27133c4e5ed68c7a9b407a275bcff3432a487ebef21275b91d386164b443c1dfdf63831812e0471639a99b97a9923e4659cd5d1e3c", 0x9a}, {&(0x7f0000002380)="76e69c0141b4626c18e58316fb1785bc79a094726e33891c6d73f43317b7de3105b7a250790f8a23088b7292aad0049477fd7b736036a2ba810a11b6e5e83b06e0c428d362a29030f3fbb8f93a957f85472c59a37fbc2dc4abf47a23fe1bbab86b3666155606864b97f7615a55989cd2e143f1a9aca24050db9efff1f1639b55a2a771ec9e91f94fb670c3f35f31c40170189010e598500aa376763444ecaf5df2a31e04eda4201194c49c48d817c9d8d50d47c014b329be33b127527fe321b097a15f48ef82a32b10e24a1b56e981b91257aeddd7fee2fe035a1a164b3906ca184ad08f294cde3dfa48743847cac62a87c2d96176a9f6b4278dc95c6c637294986fa9e3e82b504341f82bf314389b0af7c8e07cb6f5ef9bcd83993c880ef2b2aa313a124bee3deb3133338c291d698f04b796be5514c81bad54c22190acda8145b1c14c4b916e2f5c2f10a8702b90d26e0332605edbc351edcd5621cf8c0f1585b1a53879f9ad931c18b15426856dc1c800e4cce36c6c1bf880c0c40a718810ff4793eba9e39d7cd9b351905a845dd3064613cd6f75802a6bc51c1524b412a2a68e6fa4886bd13b48aa9a12a7ace6fa08ccc86cda842d2f4b564a76a9e8adad2249e0dc200a2e647d34ef0dc23dd85674cce8f8e08a6c5ea76db48ac832ff624b134c9ab9f7e99fb3a7ec6cbc1ab45e12d151176cd6a044572928dfd2b72e3557d037b12328f7d4388a4ff8a8e890b2cdaa61fd525dfd3d0feda9c066feff70d89e8fbaaa4ac79e0b814c7b0cb9de9b5915ee30c12c55dc302fa36f96a6b4a437e2f7bac25fb284eec70388c1d4ee9fb51483c801007a74c1806141802eb107b80a047315c048db3671e35139544988b51a23136b02151a06114cc80c05b772786a505edc6d8f74a66b126a940f06000d7abbf3224b9e1f86eb693778968b3e982f197570ffa5732524be57aba33a59cf0032ef61b52f7c2fc2cd992d616452316ee21e7361cfc527acb09f0f46bb8ef013f28d7f615b09037d26e0715d927afee6b9878adad923ce6a6114bb8d3463be786232330a028c152adb31596c77a60231d53fbb8ce73509f37100f69c9004429e904b644de72b865fdccedbc99927542df25180f5880d20590900a9e8b711c8867b67b98d48caf8259797b41284f6e52aa5177ca06a4f25a568ea3a5dd13c6711436d63b814da12b72470eb3468860e5ef86bf381babc6cec73757a1c38a8cf9887bb69045b155ed0ae6c5f2c07f3b9f02c6f02a9ee474e3a9d75e67694bb2a0f28a672a5883dc9688ca2166f914bb1cfc70685907bfa4e9693d9620969fa41ca907751335193417b468de3bab8bf0b7438abe80f494c95e017f41e9a232c52153bc58adf7cc845e770ba119756bad683ff9c701cdd34bc540d8164cf3099c011b328fc0a0445e8eb8085c8cd2fdaf22e1dea9d04454b37af3c83dd3f667f73ca9eb0c3e9bc328b536a1ae9a449b24e227bb05692b16560756d9f0cb3200df43c26d3dbed542f7bd4e3d1329c8e9f631520355e9254b1687197c8374111ee1de4c1784d843aa26992280c9ec267965b8d4d6461afcd597ce636316f5c4ac8f1bec9aa16acd974798c10475e53310630a36796ab4bba263ec76008a821ee9b58861e77f1aa341b9a1bcc9e21c9eb0625297604cdf14e77040e46603597f87d00053c7aafd8130813102105463ea538990f880525cd80e12c426eda2f87a4aefe29505de1a924fad50d9b97a37418331a543f5e39d005ca18976435917721e80f3c631f268b8517f00dc9c8da872328a27e296aa7422b290327feda241d7ea0cd81750d044969e4429197ee55e8111193aee3df3bf37961a4323ac640b0fb11b19cb4e28756defd9f2e1ef3adc3b0aeb5102399dde99e5e67ff4d18c6475440612f42274d17ebc0280f73c89e77fd9dd652edb5ea4e7ad7326dd4c69cea26b47d8314ad412f8b96f2a33a6323c1dc4050ffde22b31656c22b8a5597c3c50cbf4efa9c8d2e4200ccab35ad8badc09d8e05a7abc3dfdce491ecd682dde18f2da41bff3c2e293ddc82df8a1ca558a08b7937bd7228ed25522f41bcdfba8c01a7aa93af6e58b3912dace81ffc5f079e8a4e9d45778afa57909a8e9138abbf4ae6bdbc571d8cc0fb68755b644934fc98fdb263098afab3ffed8e80ea4e935852d9577935c0a5b03425e5e1c3327213d0068dea19165602000000076fe3ad291b73f08e5bf3cb50f60510b85f09bec5dd2118230541448370fa2d1b362ce6c2eee65909ef08bbad2e38ef2fa7d6c0bbb2fbf90e1a63b26c8e41f17b35b1e55885ac66f263d0f42a27a7823d664e3ae65909dd411f05371f21e5bbf7424d41b966e2e8891ae13c3fb700987789f79cca95807ab3068549f250caee6ab7f924afec4b6c821f82f3683d42fde5ccbfafba73c720f8481a7e4d2315e2219f4925893268649dddf696586916bb8c02a3697c38016788d4c799cbbc52043d0ebd08d74efb4619a46db86c744928a580f53ae2d5bbbc69342f722ab65b305975ab500ce7335ceb7d0f726c83a2c47eccf416fdb79f8439d2c608019ea2ef94d1fe8a7367013ae57330165228509d62fab87f04b73a76f80049f23d11a3068721414f8e45b18f4c1d56c11da71c949b35e6c5305452057f947520abbaf701c9b7cbfe623adc65a050458cb5948d1c1699b452b3d9fbba6b3bcdb537bbbf95d8267760cd943de819349966dc515babfca73d5ff3551bc56fe0f9dedb6dd5f4463a3aa652dab81a589ca4e4b0f19ee3b4b20c3986df2f72ba990b421c77b00a9b5cca5d850d607d0a46c2f1b1bbf8dc7f0cc6fea3104615a6cd698d89fca37adf4edfe4ba7c41231a9f2a89c55612e9c7031b7d56d2eb88745ba43a63a122d4d6661e83408a807f9b4519c05f01383811e9a2506c0c23618528599152f7a0481d1e576e4eba29c7725f24f649be7e5d7b9678a91e22d559ee77a1ddfe7225afa40085061c492fc4714f90e481cf494ec6d108fe0be6633d4f4785cb1c82f15190333398283ade4cb97f8104a195098a5a1c90227797fa8216d4762b6e78c60030e69f413cccf052df64a3d1bda69f6dbff49a68ef298809390f39a91e3b5b1971dac8554ed9ae24b4789ba60c145c059b1cfbf6594ed3c734bb4e1172f2e31a18659764bf324621d68b8e356ac3faee71ea97b0b78eeaa29c0f7ee1129777ef1ecd4d7f6586f8d0308709a94489951a04d7eba9793af6c929a0e91cda90457ca1c128cb6aa23f6da8f64f0d78a59f07a19515d9f607aa79c7b6c466e474e45ad85b0f2b82d470c03f7bbfb2fa68b32d4ac188d4a64f22b29c3af9f0b39bc2bb6b399e50f71968effe5b2f0d51489aca30993a67dbd80698f9a0c2ba9addffa3c3712215e63f424ebb5ebaf24fbf476f1d85493050c8be181f7f8783a34484005b58a703899ad2dff546eac853be1529fbe865a3f97643e8522956e0e361ac278e014328aea0b8d4268fd157513bd0f64f589ff8aaa0df2eb929984661031626bc661a5d3035b373177a4703a5000ef9b3ccb84b3dbaecb25ca341c5f12959d214e84b6545f47704d635765b336e4374975c2c40d5814b68b02965e517197edb553e7d3d8432544f66ce84990e7873fa2fadfaaeaa9915f907b3396b8529b03b646cf29be65784b5c08aa77521dd5064669f5ab33cc8ea168ea80949af9ee3937b2aa54250bd733c51c7c4be47c5848abf86b6f522e2a2dd4aa39693af731d70314e1d7af25c57a2dd126121bcd316118c66c18e2109a0c87714f00deaef07648e75f498eb7a8f30784376d14121a1ff34d402c5255fd2c0569624e93a796eb92980ee82ed283bb538e20dd8b02db072f897004f0e11de081cab5bedd9438c612982f1c73388ed98ae3b2d3adc6b8e70434c8992f52ab7c9488da5b67c6c003fdf530ef4172e0ccc16ff75fe6c919619c7ae513a8fcdfdb01410df94978f88b44e60b17a1984a600e04bd072fa731e19f75034d78b57f9890ab4dff68bf2928b5fc711bae0f1baeb8596e8a42f7f172125fb1da929d1f921c53f6cba0d98cd6e31b41ebf3935981b9e98524dd344b9e76b66d31f7d47869cdd3ae49e4e8c42264be751219861504ad49ab00e384e7bbf06472714829dd61e58a1784696a02eee6d9c92446392cadf4436c7eb769d1c5226164a9be70d2c2c6b71342a6d03dc0d39d224f9df8e4ed11c86a47531d5449e5364e8ca5af4c03455fa9da8b5b0d174e41bace68e51619967d79eaaac20b2a9e773b3418ff1a10c1835bed07e6109eac8ea4f130bc70aad103356f9749195fc2745f7076b5b165ff56de0596018b8251a0bd700db48a2243fe56831cf6785d70ded595b1bf9b25f2979923176109adb8012ae650c3fcb110352b884f79aeb465817124f75cda3168ec65cdace89522c0a7061629ea0d5d0573b9aa029500d64cb5df4f440859e4944047e6967511f0f25e9a45751d296ed6b61d4f217c28672d34696fcbaad5a57fd0e063537e889df2bf9e20e6c075296a800179a23e605948dc74fcf", 0xc9c}, {&(0x7f0000000640)="c91d588b87bd12b736780a766e3ebca34836bf87f46f8027511d29f92e1a4e8bd5fb5367cef57a6d8db59a972c54efc7ece9c07cb4a0921d4a2320d73ff2d3c54d7af0deecef81ce277562dde92e480b2cf42e52cc039c43fea94e730feb6f5cad427446e7357d255248ab48a0b733cc2c7541488d63b8f6d2c4f0e03ac8faecc74486b2cfb59a28d701271dc07ef9d82e0ce78bca83048caf47fedf4f4df5863a2f849b5fc6ef0b49bf7a6cb6faab2a777dde", 0xb3}, {&(0x7f0000000440)="1da19d23fdff85b98167afffffffff20df65aece0cffbb361fd19ec08ddad9340531b1c05e106ea2b36a41070b0be2be119aa8c7d8444f4341cccd89faa6253e1ee49e9132f015fd9988ae0b16b48669fd2863efe80b92787339069a0f79bc832754fc4c564bc7c61f70be9565f15584fd519f000000005d433935485cdc2ffa2be958749701504aefae9ac942fd1dfc86b59a3d1caf7923edfc844f870f12b251ce19cedc69367b00003c404d4ac7409ae7f612cd45bc47765d0c3b530a47f46c3a9887c3e6ea", 0xc7}, {&(0x7f0000000f80)="a5ca8683d601768d343ca112b53e7aa9b7692478467c2525cc9cef426e1540e3b29380122d838019715ede6740900e4a5b9097b6713ba207b45f64e07e8d44f24c842b84e2c5c3d4175f2c59ef949b2cfb2b1722cf08388fed3e7ff321bda9f2a0744407b6a38593ab8ff05b41a7bc10f7424c9da00d3b2dea193936dbae3b28e7f3ab2ec79d512847fce7d00e40c1e127d871123a121c8c684d714b81314f94d74e8dd61d5bff0f7a86dc7452ce2bcb9e70676fcdb767dc9953058022e5f082d4024350a9e1d65f80844770359a06b0554bd065b79ede8b2138a0eda7a68ba7fd4240630196a25d1f5f1e15a09f55d4794bcc7f6157b9376d046f30af1ac7464b32a655976a27d8baebcb440d211d60baa353b30fc2", 0x116}, {&(0x7f00000007c0)="15fccf458aaff722396fd50e7eef24ce0351854fc00a0261d42b46a9cef0bdfb965cb60de78082f61517b91d408213aa7803bf94e124f2a3b62391946d0a97372811b14cd1", 0x45}], 0x6}, 0x8bb3a321ef809b)

9.249425349s ago: executing program 1 (id=3470):
syz_open_dev$swradio(&(0x7f0000000140), 0x0, 0x2)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file2\x00', 0x0, &(0x7f00000010c0)=ANY=[@ANYRES16=0x0, @ANYRESOCT, @ANYRESHEX], 0x5, 0x191, &(0x7f00000003c0)="$eJzslT1P+lAUxp974c/LP34CFwdJxMHSFjUuJLI4OZj4QhxMJFIJWsRAByFx8BO4uzn4PXT1Qxh00QUnHU3NbS/tlYAaEsWE80s497lwejg90OeCIIix5eH+te2+5B4TACaQQly+/xQJc7iSf5d4Pr1ZXSmc71zdxttasl9N1/3+90cBXOcjcIJrP16dkusGeKA3wTErdQEMmtS74NiS2gLDttQHiq6JfE3br9iWtlezS0LoIhgimCJke/vrnDGUlP6YWOW+0WwdFm3bqv+g+Gp+nTxHTulP/b26s9GV+RngMKTOgmFd6iXEu7PxR6Lc/2Q0rK/8NX7l/kmQGDshHq4/0MbwIvQn95JhRvEn30ouvKMm41SPM41ma65SLZatsnVkmtlFfV7XF8yMZ0R+/MT/kp4//Vfq/xuQG2MxnBQdp274MdibfuznuNzzP470tL8X3h/rLfwWHlpMvri3CpWODGyeIAhihEyBeZ7p+XJXLMsP3QBzbcR9EgRBEARBEARBEAQxPO8BAAD///k7c0A=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000005c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf94d8000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0x84, 0x0, 0x0, 0x0, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0)
r3 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r3, 0x29, 0xc8, 0x0, 0xc000000)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

9.161190013s ago: executing program 3 (id=3471):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000a40)={0x78, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x2}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x2}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0xfffeffff}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x2}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0xc}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}, @IPSET_ATTR_SIZE={0x8, 0x17, 0x1, 0x0, 0xfffffffd}, @IPSET_ATTR_MARK={0x8}]}]}, 0x78}}, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
syz_emit_ethernet(0x8e, &(0x7f0000000280)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x9, 0x6, '\x00', 0x58, 0x6, 0xff, @dev={0xfe, 0x80, '\x00', 0x39}, @local, {[], {{0x4e22, 0x4e24, 0x41424344, 0x41424344, 0x1, 0x0, 0x16, 0x10, 0x7, 0x0, 0x3, {[@window={0x3, 0x3, 0x1}, @window={0x3, 0x3, 0x3}, @mss={0x2, 0x4, 0xfff}, @exp_fastopen={0xfe, 0xf, 0xf989, "c1692684c0e21fee47579a"}, @md5sig={0x13, 0x12, "bc7dd7b76d84796fdc10745e613afa1b"}, @sack_perm={0x4, 0x2}, @exp_fastopen={0xfe, 0x10, 0xf989, "305c71c3eff7cfed92bc3491"}, @exp_fastopen={0xfe, 0x4}]}}}}}}}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./bus\x00', 0x300000a, &(0x7f0000000040)={[{@nodatacow}, {@thread_pool={'thread_pool', 0x3d, 0x3}}, {@nodiscard}, {@clear_cache}, {@ssd_spread}, {@clear_cache}, {@enospc_debug}, {@noenospc_debug}, {@nospace_cache}, {@enospc_debug}, {@ssd_spread}, {@nossd}]}, 0x3, 0x55bb, &(0x7f0000005600)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9punuiAFjTECNiO7SNE1IEHEkEndN4pImIRvHDKERGu3QBhRwxZgVHxlXiS5GjYmRHfw4auKwig+iTlSIjphkVBKfs+Jz0ImssgQdNY6TZT7dt05RdavLLoRWcL7fP7pO1e88bz26zr23zgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH8fLlp2Z9Org//PN3/53Q0vf/cT038z/Yhte/35pvo3hp352LbDhtbfsHnIosWvdEw57cq2mSuv2LR6eQhtPeXKkuJl9w0pLx/7hy/ddtMl97fMGDrtrKpMvZl4GNj9pzxz57zY6ouDQri9LISKdGBUfRKozNyvj/XtVx/CR8L2QLZER11SIt1wuL82hBUhCWyuyanqztoQ6sP2EtMeuXfNRd2Jy2pDOCiEUJ1u45nqpI3adGBEVRKoSwfmVSSBt7YlsoE7ypMA7LT4Zsi+6Fe15Wdo6r1ckddf5S7r2AcrPbwBMdFUPN/mz/Vzp3JUpR9o26mnraA6+kXB22Otd9se8G4r2M7LPG25X6Qy31C2bQ9Vh/LZHXNmLupaGB8pD83NA4rV1E/P84atZ87akfQe8zqMHWjaJa/De+qmNFz02uTDV5/wx1MOWrh++s5286mcTZqb7m/VIfOa22Oex2iSz5M94O1X8C1puC9dIYSv/utHy56Y99y+W95+8bjJNz9z/uUzFl8xbfKTQ34x/u+v3Ov2GRcXzP+b3n3+H1/O8bY8L3ds9Z2GZG4eH6mPiS0NydwcAAAA9hh7wl7Tz4598bmT7rt9ybMrv1zxnQm/On6fhoozvt/11b1XT/z4hZd2PrxXwfx/eGnH/+Mh//rc0a4NYVJP4tzGEPbpeTwJ/Cx254TGEPbvSbXlBz6XCqwN4WM9iUOyVaVK1MQSw1OB3zdkApNSgXUx0JYKXBsDy1KB82JgVSowKwbWpgJHxUDozB/HoQ2ZcZQcqI2B9mQjropnIbzeEFtLbasN2aoAAAB2kczssDL/bs65DjubIU4vV9X2lSGegV00Q3WqhvQMNjutKlpDRV81lPdVQ3bcS959+AU1l/VVc8FpGGX5Gd4Z9u3yxskH/Oi2a0dd1/rs5O+8Mf6rn/7Tq2+sPeQf/ucdZy686tCC+X/Lu8//q3vpSFnB8f8Qpvb8jbnLM5GubLy9LS8DAAAAsBMue2j5o9ccesz/u+v5u279xJXXlK+9/Cv//4Ut5x4w5ssjy2r+5lurCub/k0o7/z/uExmQkzk8GHdDzG0MoSU/kFR7eGEgOeo9MBMAAACAPUH2eHz2WHhn5jY5RTs9ny7M37aD+eOB/0m95r94618++akrHz1u8YgDN13yP057u+yj43+317HrRz+8+ZMj/q6ppvD8/7bSzv+vy79NOrEu9uLSxhBqcgIPxF52B3oMj4Hnj8wPZMa/Lm6ApbGqzIkJ2aqWxhLtMdCSCqwoVuK32RL75AcyT1a28XOz4+jMlMgJAAAAwPsu7g6Ix+Xj+f93TD30E4cMeW7cs5+8c/FLk5Z//aS6Hx54w94vN3ZNGfeZSUd8/omC+X/7jp3/3zMPLji9v2tgCKMrQhiQ/mHAg3XJwoAxUF+WSdxdl9Q1IF3V2XUhTOweWLqqFzLr/1ek1xh8pDapKgb2OeCnW0d0J66pDWF0buCJb1w9rjuxMBXINv612hCGdY823fjqmqTxynTjV9SE8MmcQLaqE2pC6G6sKl3VvdWZ6xikq7qpOoTBOYFsVZ+pDmFxAGAPFf+Vzs59cMHiM+bO7OrqOLUfE3Effm2Y09nV0TxrXtfs6iJ9mp3qc94yRmcXjqnUK988nVmiaPqwm0eWks7+TrAlt63MfvyCEwcz9+N3ocqecbZW5t0dmx7yyAMLmwg536SKDbm8n4dcl1vJ9iexoP6YvyoMDDWLFnSc2nz6zIULTx2T/C01e2vyNx5mSrbVmPS2quutbyW8PIqulpXyXrfVwbmVjF548vzRCxafMarz5JkndpzY8e3W8WNaW8d9dvy41tHdo2pJ/vYx1IN7qzo11G1XlziuXTjUfStyKnk/PjUk/j0mul9uu0E3JN5jYuaysnMmzfj13d/cb93Jpx+/39/uN3vU8X9x8W/mH9d8xNRfXf3n6wvm//Pfff4fP3XiJ39mfYZix/+b4mH+5PHth/nbY2BFqcf/m4odzc+eGDA8FVgSA0sc5gcAAODDIe6OjHsz417pq+r/4fajZ8864q1ffn3a5X89fsJJp288qOn8y49d9p82vr5szedfK5j/Lynt9/+7aP3/7NL1Xyy2zP8hsURLsfX/08v8Z9f/zwwlu4N+XbFl/rPr/6/4ANb/X5QNpDbJ69b/BwAAPgzev/X/+1zeP32BgIIMfS7vn75AQEGGPpfxL/UCATu8/v+8rj+rG3LxvAlHjpr/4wfWHLBs8E2feHryrw9cftioO1ff8OaYGwvm/8tKm/9buB8AAAB2H/f9suZb578x4u7HHnjr6LILf7vluq/+RcehR/xhcOuJU79Q+/3r/qVg/r+itPn/+7/+Xyh2/v/wYoG2YgsDWv8PAACAPVSx9f+uH/z88LULR1370M9fveG59l/MnvjSf1j2g0/PHNFy/boNv2matbFg/r+qtPl/PO2iPC937M07DcmadiG9pt2WhuxPBvoaUKlLCQEAAED/Kg/NzZUl5s1bGfVz773NDZmlQN8tnevxu4asWVR+32Vl1Vt+cMGMI5rPOva0eUd/b+P36x79Sd305upTC+b/a0ub/+f9LuOeuikNF702+fB3Vp/wx1MOWrh++vbj/wAAAED/KXW/BAAAAAAAAAAAAAAA8MF7rH35YW+P+cIrs/cf869fO/aZHyz9+Dce+Ksr/3Taz4+6a//ObSOmFfz+P0ztKVfs9//xun/x9wV75+WOrfa9/l/m/rQv3bi4Z8nCBxtCODA3MPecuR8JmWvzH5wbWDP9kKHdiXPSJe569qiXuhMz0oFjRu31ZndiYirQHhdJ/Fg6EK+q+OagVCAur/hoOhC3x6p0oCoTuGBQMo6y9LbaVJ9sq7L0tnqqPoTGnEB2W91en7RRlh7gZalAdoCnpANxgFMygfJ0r24cmPQqBupj0b8amPQKAIDdVvwWWBnmdHZ1tMSv8PF234r82yhvybKzC6stdYHupzNLk00fdvPIUtID0t9Ft19rvDJUdw9hTMHX1dwsZT2j3DW19LHp9i4y5L5WeysvUi5tRzddVfER1SYjap41r2t2ZZ8DH9t3ltaKPrOMKZjs5GYp79mkJdRSQl9KGFGJ26aELsf75aG5eUAq14QYbAp5+npFlPp7/dx1/oq9CnLz/HXtlRcOGDrgrX+Z+L377m2s7Dppasf39n3oHwePmf3jH97bfsXvC+b/TaXN/6tzx/Vm5mIAS+KV9Q5vDKG9xBEBAADAh9//PmvlLcfNW7dpztqKJ3/3u7nlXz6uctuZt515xveeunvpMRf8x+t3Nr6q7LGtx72y9fS/fOUnn77q/tOfO2rW6bdN2XDExo7qa7/zZytPGlYw/x9e2vw/7sHKHApO9nasjdf/P7cxhJ5L6zclgZ/F4Z7QGML+Pam2WCK5oP4XY4mWJPCzuMPkkFiivS2/qpoYWJUK/L4hE1ibCqyLgcxeip+GzK6cSxpCGNeTmppfYn4s0ZQKfDkGhqcCzTHQkgoMioFJqcCrgzKBtlTg72MgdOZvq1sHZbYVAADAjsjMsyrz74b0PG9VRV8ZyvrKUNdXhvK+MlT3laHYKOL9W2KGytTJK2U5mSrTtdamainIEC+Gv8P9KsgQfpufM12woOl4/kH2fIOy/AwTfnhL+2FfXPDjref/6OGjP3Pe0csufe3CLwwceumT/7fzrIGDttYVzP9bSpv/1+XfJq2vi/P/7df/SwIPxO5dGk8dHx4Dzx+ZH8jsGFgXJ7tLs1W1ZUpkJu1LY4lJMTA8FZgfA5NSgfapmcCKofmBzEw72/i52cY7MyVyAgAAAPC+izsI4m6aOP9fPSG8vt/Rb7Xue+ng+RMefuDsz8+s3bu69h8nrl8+8cLq+w6uKZj/Typt/p/Eq8LA3MbOi715cVAIt5dt7002MKo+CcT9GPXx5/H71YfwkZwdHNkSHXVJiarUQMP9tckv1KvSVd1Zm6wxEO9Pe+TeNRd1Jy6rDeGgnL0v2TaeqU7aqE0HRlQlgbp0YF5FEoh7frKBO8qTAOy07F7B+ILKnOqS1dR7uSKvvw/LNUHTwyvYB9pLvt5+c9VfqtMPZPapZu3Y01ZQHf2i4O2x1rttT3y3NXm35X6RynxD2bY9VB3KZ3fMmbmoa2F8JPeXrAX66XnO/ZVqKeld8Dpc8t5727fqdAdaUh8fLb2X6/11WBaru6duSsNFr00+fPUJfzzloIXrp5fcjSLiD4UPv3H+oU/lbN7+Vh0yr7k97vOkzefJnvhvYLinLYSw8tw5jz7yT289XbGx9b99ZvzKm159aOVPDrtnzqiPbbrgU1s2v3FMwfy/rbT5f0XqtsfbcWMuaAxhZM7GfTBu/smNyedgTiD5lBzcmP8B+WA85L6xoegnJwAAAOxq2d0d2f0FnZnb5ITw9Dy5MH/bDuaP+ysm9Zq/1H4PHvd33z3yspe/9pWN+1784PLHNvyXV1/4/Iwj79n6+KrVL7ce+9HHC+b/7e8+/69JddPxf8f/6SeO//dqd98VXZN+YMlO7YouqI5+4fh/r3b3d5vj/71y/N/x/944/t8Hx/97tbs/bQXfkub70hVCaG+85uZf1M0cOfCSM785a/3PH3+9ZcIz9Wd94db/ddTScMXZa/5UMP+fX9r83/p/vS/al13/r73Y+n/zi63/t8T6fwAAQL8qstBcep5XsHpfQYb06n0FGfpcILDPJQat/7fD6//VHX/G8S80bN7/isk3/9dbZ5739PHHPXnQgKe/fvPXrxt9+cjnPrWpYP6/pLT5f3w5DMxtfU9Z/2/41CJVLYuB+RYGBAAAYHdUbAcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH6xV9y79+LalBx523ZMfve6of16xbs4Bvzp029hxJzSPXDq47NK/+afNQxYtfqVjymlXts1cecWm1ctD6OwpV5YUL7tvSHn52D986babLrm/ZcbQaWdVZ+qtzNx+PC93bPWdhhBW5DxSHxNbGrrvbA9M+9KNiyu6Ew82hHBgbmDuOXM/0p24tiGEg3MDa6YfMrQ7cU66xF3PHvVSd2JGOnDMqL3e7E5MzATK0t29alDS3bJ0dy8aFEJjTiDb3W8Nyq8q28Z/zgTK021cX5+0EQP1seiP6pM2YqArluisCWF0RQgD0lX9ujqpakC6qr+tTqoakK7qv1eHMDGEUJGu6tmqpKqK9MjXVyVVxcA+B/x064juxIqqEEbnBp74xtXjuhOnpALZxr9SFcKw7pdMuvFbKpPGK9ONX1YZwidDCFXpEv9ckZSoSpd4oSKEwTmBbOMnVYSwOPChED98Zuc+uGDxGXNndnV1nNqPiapMW7VhTmdXR/OseV2zq1N9KqYsJ73t7Pc+9qe3njmr+3b6sJtHlpKuyJSr7Olya2Xe3bG7e+9jv+pyK9n+fBTUH/NXhYGhZtGCjlObT5+5cOGpY5K/pWZvTf4OyESTbTVmT9lWB+dWMnrhyfNHL1h8xqjOk2ee2HFix7dbx49pbR332fHjWkd3j6ol+bsrhnr1+z/UfStyKnk/PgAkJCT2tER53qdby+7+QV7wRX97RytDdc8HdMG0IjdLWc8od8WgP/ceR/xevqf0OaIxBROHgiytfWcZWzCZ2J6lNsnS872uYHKYW1N5zyaN98tDc/OAYtuhKf9u7ubdvBObd0Nm05WaBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPg3duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgWAAAAABDmbx1GzwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHApAAD//1rmzOM=")
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$int_in(r2, 0x5452, &(0x7f0000000280)=0x3a0af83a)
shutdown(r2, 0x1)
listen(r2, 0x28)
poll(&(0x7f0000000040)=[{r2, 0x2328}], 0x1, 0x404)
shutdown(r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000800)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r7 = open(&(0x7f0000000000)='.\x00', 0x0, 0x12d)
ioctl$AUTOFS_IOC_PROTOSUBVER(r7, 0xc0049364, &(0x7f0000000180))
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x7c, r5, 0x5, 0x4, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r6}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3f, 0xe, {{{}, {}, @device_b, @broadcast}, 0x200000000000000, @random=0x4, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @void, @void, @void, @void, @void, @val={0x3c, 0x4, {0x1, 0x7, 0x3c, 0x2}}, @void, @void, @val={0x71, 0x7, {0x1, 0x1, 0x0, 0x1, 0x1, 0xf0, 0x8}}, @void}}, @NL80211_ATTR_FTM_RESPONDER={0x8, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x4}]}, 0x7c}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000980)={'syztnl1\x00', &(0x7f0000000340)={'syztnl2\x00', 0x0, 0x17, 0x7, 0xa, 0x6, {{0x2d, 0x4, 0x0, 0x1, 0xb4, 0x67, 0x0, 0x1, 0x4, 0x0, @private=0xa010101, @rand_addr=0x64010101, {[@end, @timestamp_addr={0x44, 0x24, 0x95, 0x1, 0x7, [{@loopback, 0x5}, {@empty, 0x7}, {@local, 0xa74b}, {@remote, 0x5}]}, @timestamp_prespec={0x44, 0x44, 0x3a, 0x3, 0x0, [{@multicast2, 0x4}, {@remote, 0x9}, {@dev={0xac, 0x14, 0x14, 0x38}, 0x3}, {@empty, 0x75}, {@dev={0xac, 0x14, 0x14, 0x2f}, 0x2710e3cc}, {@rand_addr=0x64010101, 0x9}, {@broadcast, 0x288}, {@multicast2, 0x1}]}, @timestamp={0x44, 0x10, 0x97, 0x0, 0x5, [0x0, 0x88, 0x0]}, @rr={0x7, 0x7, 0x13, [@local]}, @ssrr={0x89, 0x1f, 0xff, [@local, @private=0xa010100, @broadcast, @broadcast, @broadcast, @dev={0xac, 0x14, 0x14, 0x3b}, @broadcast]}]}}}}})

8.080233796s ago: executing program 1 (id=3473):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x9}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40480c0}, 0x20040084)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
close(r5)
socket$packet(0x11, 0x3, 0x300)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$kcm(0x11, 0x3, 0x0)
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f80)=@newtfilter={0x38, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r9, {0x5, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0)
setsockopt$sock_attach_bpf(r6, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000500)=@xdp={0x2c, 0x0, r4, 0xc}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf", 0x22}, {&(0x7f0000000c00)="4307ed2e", 0x4}], 0x2}, 0x4)

6.75829216s ago: executing program 2 (id=3475):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000380)={'syzkaller0\x00', 0x2})
r1 = socket$kcm(0x11, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x5}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0xc, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x800}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xd}, {0xffff, 0xb}, {0x0, 0xffe0}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_RATE_ENABLE={0x8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004}, 0x4890)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x0, r8, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee1611d4b8bf4a31accb", 0xfdef}], 0x1}, 0x0)

3.944649128s ago: executing program 1 (id=3476):
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000200)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
rename(&(0x7f0000000780)='./file1\x00', &(0x7f00000002c0)='./file0/file0\x00')

3.915693159s ago: executing program 3 (id=3477):
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000040))
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000340)={{0xfffffffe, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x2, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f00000002c0)={0x19b1, 0xc1bdf10000000003, 0x100000000, 0x1, 0xfffffffffffffff2, 0x1, 0x1, 0x200, 0x0, 0x300, 0x1, 0x2, 0x4494, 0x0, 0x9, 0x82, 0x0, 0x0, 0x9, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x7})
ptrace(0x10, r0)
ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})

3.847391442s ago: executing program 0 (id=3478):
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r6, {0xc, 0xc}, {0xfff2, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)

3.838198523s ago: executing program 1 (id=3479):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000001380)={&(0x7f0000001400)={0x14, 0x0, 0x200, 0x70bd28, 0x8}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x40448a0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000340)="8224aca5f41b9e0ec5e7a706c919e7c0e343f0cd0a779c17e7f992396b09252009d2d12e9475a57ec39f71417044cf4151af34ac1dfd5d87cdd80bc4c24478821f64d4d971bbc1fc7bdd181a839344917165bb9cd0fa568aac55d8e38ee30fd3a9bc63e2656b6941c812e6ea0692ec276deb2b7b817906cf8c5429a42164e8bb521e216e554d509a0fd0d86729b5f4", 0x8f}, {&(0x7f00000005c0)="f2", 0x1}], 0x2}}], 0x1, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="14000000000000002900000034000000040000000000000014000000000000002900000034000000fdffffff0000000000010000000000002900000004000000041c000000000000fe72f4a4a3142ee1e12b9826287997a6b33d89f3d60da1641d9fe3896c3c1b6c130ef4f01be8f5836d417874540898619050b14420ab124b11de36afb16ef4fc00f3f4e4fa0e647cd1b07b068d3894180b6aa7527a4a8252f6836a0d67a7782c675a838ea989e567e4774de1f52d188e0b0888c5801409e12e5f0b6bdcf72f2ec7008a15fa88b025e0ad0738000000010c7a0180050000000000000009000000000000000400000000000000060000000000000000040000000000000b0000000000000005020a7e00010005020bf4c910fc0200000000000000000000780e000000000000000000140000000000000029000000340000000000000000000000700100000000000029000000360000005e2a000000000000ff4150d650847249ad288702ebd0d654b985e8908defb7ec6c5ff115c58e128b9e3a21c34b45ef9de99984e143ca7c3509a971b2ec429ee1edc0bb903fe94b32c28f70000100000100010800000000000000000708000000030000ff0f07100000000002070600ff7f00000000000008c6c8a110995d439fbfac9716a99c357bcb2d59a850490739734f6b321d19b3754df39cc2dc26cf263cbebbddb9a7f17b6771f74c46623f9e38bd23e6f0a2fd3a9a017f66738394aca44d1a9f0b35d9df0a964360ab0900a5e6fcac1cd41c91c97f6826ff706c41edc4e00205bbb53218ed58a1122d993b55a1b9a870a17e7869e3fc704b388202add651f628963a90fea5d8196d5e0373fd"], 0x340}}, {{0x0, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000500)='q', 0x1}, {&(0x7f0000000600)="58b327f21946add0e0c31b173119ac7b4ceda64bbfbc8159462a8686f4303aeee1d7c9b54c4bd660fe192582950eb09a8bae632fb4e7313e3828773c09fec9b010373ca7be0ccc91233fffcfe03f287a50f2b4a970278097aed06e61a0f2da47b0bd02fcb45bf35e78", 0x69}, {&(0x7f00000006c0)="138b9f8300af1d79", 0x8}, {&(0x7f0000000700)="e59c889c8be9e17c21882a76c6907239d44f6a0efb65359c6a8e5e", 0x1b}, {&(0x7f0000000e80)="0e9129a2bae0d093a9c5091f0926391174e5aff7420b47b0cf1a8bbd7bb239460a6b26eb4f86fa48acdf54294bee3567a8ff0ed4f912a1aa059d62286db3e045dc", 0x41}], 0x5}}], 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257", 0xf15}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3.68542958s ago: executing program 2 (id=3480):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001300)={0x38, 0x1403, 0x1, 0x70bd26, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'ip6gretap0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000040}, 0x4008010)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbf9, {0x0, 0x0, 0x0, 0x0, 0x48815, 0x40103}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
pipe(&(0x7f0000000000))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x1c, 0xfffffffffffffffd, &(0x7f0000000a00))
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000000)=<r4=>0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bind$alg(r5, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-256\x00'}, 0x58)
r6 = accept4(r5, 0x0, 0x0, 0x800)
sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f", 0xcd}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
bind$nfc_llcp(r2, &(0x7f0000000880)={0x27, r4, 0x0, 0x6, 0x0, 0x0, "d92984bd1ca44c226af5160e961711a077609475b78411e879918d20000000f2170e65e3f50327080e000000000000001900", 0x3c}, 0x60)
setsockopt$IP_VS_SO_SET_FLUSH(0xffffffffffffffff, 0x0, 0x485, 0x0, 0x0)
readv(r2, &(0x7f0000000600)=[{&(0x7f00000001c0)=""/109, 0x6d}], 0x1)
close(0xffffffffffffffff)
sendto(r2, 0x0, 0x0, 0x4000, 0x0, 0x0)
r7 = socket(0x10, 0x2, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(r7, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="b80000000002030000000000000000000000000108000940000008009c0003801400018008000100e00000010101012c00018016000300fc02000000000000000000000000000014000400fe8000000000000000000000000000bb2c00018014000300fc000000000000000000000000000001140004000000000000000000000000000000000014000180080001007f00000108000200640101020600034000010000060003400000000006000340000000003ad6968b1a46218fff398d1e7e408de862ba6850802ac8c04a23a7be934cabaa5ad5fa93b1f165bc83e9ccd68a235de784454a472ec8b880a3e36a6ddfdd707e"], 0xb8}, 0x1, 0x0, 0x0, 0x20000000}, 0x11)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000140)={'ip6_vti0\x00', &(0x7f0000000240)={'syztnl1\x00', 0x0, 0x0, 0xa, 0x4, 0x40000002, 0x0, @mcast1, @private2, 0x40, 0x80, 0x2004, 0x6}})

3.68135888s ago: executing program 3 (id=3481):
syz_open_dev$swradio(&(0x7f0000000140), 0x0, 0x2)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file2\x00', 0x0, &(0x7f00000010c0)=ANY=[@ANYRES16=0x0, @ANYRESOCT, @ANYRESHEX], 0x5, 0x191, &(0x7f00000003c0)="$eJzslT1P+lAUxp974c/LP34CFwdJxMHSFjUuJLI4OZj4QhxMJFIJWsRAByFx8BO4uzn4PXT1Qxh00QUnHU3NbS/tlYAaEsWE80s497lwejg90OeCIIix5eH+te2+5B4TACaQQly+/xQJc7iSf5d4Pr1ZXSmc71zdxttasl9N1/3+90cBXOcjcIJrP16dkusGeKA3wTErdQEMmtS74NiS2gLDttQHiq6JfE3br9iWtlezS0LoIhgimCJke/vrnDGUlP6YWOW+0WwdFm3bqv+g+Gp+nTxHTulP/b26s9GV+RngMKTOgmFd6iXEu7PxR6Lc/2Q0rK/8NX7l/kmQGDshHq4/0MbwIvQn95JhRvEn30ouvKMm41SPM41ma65SLZatsnVkmtlFfV7XF8yMZ0R+/MT/kp4//Vfq/xuQG2MxnBQdp274MdibfuznuNzzP470tL8X3h/rLfwWHlpMvri3CpWODGyeIAhihEyBeZ7p+XJXLMsP3QBzbcR9EgRBEARBEARBEAQxPO8BAAD///k7c0A=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000005c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf94d8000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0x84, 0x0, 0x0, 0x0, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0)
r3 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r3, 0x29, 0xc8, 0x0, 0xc000000)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

3.571518416s ago: executing program 0 (id=3482):
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000a40)="2e9b3d0007e03dd6e4cf52c0e272b38d8864", 0x12}, {&(0x7f0000000280)="0000001c13ee818c790a49ec82d6c24e51f916c156ec9ad24ba51ff4c7edb494994e4d2b80b9139540334ffe28550c052079f2b66b9a1b536490c4223d17b06fee8b24d29d61882790617127aa5ffb23feb1602f45fa60ef497d667185fcc27ecf076c08670bfce6501f9b16827db902957acfeab7762011ca1eb6e9b5570298bdc0f757a2b289991c13ab88da72b4dd05ebd00b897e213ae4f87d7f3c222a8446161e87a3c34cbcf129e445bba96002e79c8ba4", 0xb4}, {&(0x7f0000000a80)="7144894c9d106e21773692b0816cfe2b5dad6cd6b30fc77a7731a942840c52e93fc8ca5062e0fe4dd305909234474de80fd35bedc3f7e84f7b51c7649d9572dda7c24630dbd54badda095d0fdfa3d57559ca6f89af78d363c38fa5aab06962086dec6ce8cbee0d8e29a527a4c2c6843e27ddc4672d4269423870df2e2a35d2c4f07a344c23e22a591cac9c2a9c448761333345592729370184722756cbbf2171b21bc1a44c7a31050fa90ec275b9a33e8fc17577a5870cceacc2b4a31b4cd0b1fa4da1f7ba5edb518fdfbbeb7aaf2612464fb365d3e2fe4b2de477c56e4be591710b97186a60384146c9a3e2f64fb9f8724552c07de292a13d0ff536f37b14674f3390c603fcf64ea62f4f6aa56c2e6bbb3ed975d31550342417d5a1fb9a246233ecac3678a710c5adc4061c3ffd00a4ae425cc4b919847aaa73f8173735f5a032d2f308a05241a82f45a10220982fcdf9f07baff3112b3b4e4ff7e0ca06f86eb6af2ea0d3457ecb31ed04985ebda2ec8d7feee6dc970c6b1ba3b07090449d468d79d6da28832e04148316fe22f12386598ac88177a39c3def5ddfeb28c49a936753ac371093c45255e803eb7908d7d2e1a1a6e576eadcb92ca00b7fea20189f628dd8a92c57e73c13a722a4ed98b24136f60f20c6c1cbe4b99bdba13b994b3c94c309b6fa4db2e803a305888f8d01cf47c80e2fd52a5890e3f9523cfe09fb42d3e4f930c568b39e2abb30301bebf893a4725d150c1a1a7df2697b0b5bcf517426659fdb5c70a1f4319c3b3f9d20f66aba87de9931004358aa7d2ff149cb9b184d91b1d2591f316e64428bf0f05fe526ea793f4020a2aaa318188a39d24e33a012833d19bf6232a271e0ff784dc932551c2385e1b09bc0f6fdda3088a5b0a7e1b458d051c6dae5df71ab36e4b8de2cac1ae8679ad110d2aa55dce7b49394cfcb489fbaa357c35177474c6dbe8efe3af35dd6dd5bafe3f687e2fa93b455db1144bf4d8a71d38478055e5444cd456e5e407c26f505eb969a20acf2d54ddabf5da3bb6a433203f11be79055c578e6c2fb7f6fd91d31df314e375b2afad147b1feb4ea086c5aaa0630673af1bcc8f5a2488a03485b9fb7d2375f60de5e4c7ceb9df3e1456a1773e86baa5dae54f6bb82e197c4daca72be5abbced9a861a98a83b26776529f48fa6a418a214d60264002c30d5d9f522eb5ecc06e7e5a797f6b05c735597b3f433d16f050d368822fa601b9efdfebf8112e0f9757ba4782fb13722c6542c859fe89c1606dba03f76f85a5545623111d896b4b558f536ac36e19ad7e5f7e0ef108ec13b902f0f6df074cc262c8bcc34faeb583fea0c63e2d37c5876df0a28c77b1a02eaf2774e693f171f7c79fc4ad336609dfef94a90ec5d511e2b4ecb953001d891a9aafa3c3f1f83ffd45b62d84ecbad69f2f0a447040ee3c805663d21c102dc5a384a4205f1674d91e83e05690eee34586bf5d074570a6e90d41aa18dbf188f79f0e4a0683834be52f2cd3e9f06531d93ecc24453950908f06be755bce90c4c07043be72df31f1368c53f9308482747352fb258374895e2f3b4497f256cf1797688aea29af8a946b64996ba7b6914c5d5794e3ba4e74defff776e0547ec65582d004c9f3f586201b09dce6ec20628bffcc190beaeaf4403b21bda1e7d5e476a89cbab9d2de5bb4cdffd369d8be4e11aa97b6d21a7a30b1568063744cf9dc0e10e7257081c6b67b01f8dd8914276e284d6024ac02a46f38a119d87cf894fffa41efbe613fe0f37db33e8fced521edd22e5bc5ef8c8a77858d0ec98d56e728437d27177657b22ecfec7674b439b077c010bb2a669eb3146c4feb63422de002c167be8c1eb24c12b614474ebdd00de1dd1e92bfbb3ddcd05d0b43d2e83e2c236822f4265d790bb136538b852e4e78ff70f60fa89fe96db078a235413d029ddf2d7ba3ba36163f3d7f0178c648df4ef687eacfc7ebc988fb077f08577ab112ce0434c802f1910f452f60e18f3bbb1ef184b03e9fde71559f11a4cd7152398c685cf541563b594a103543fe2f1a413a049962690a38134b5ec6b995352de517028b289be8893a9daad6b3106f425f440b0b1ea83ee0b703c1c9ed2d5d1f526d26f7e9aecedfaff914f4def66ffc8e151e6a45967f12cc024e0d2b329d0dddc629dae5e75eb6e66b92c448efd78551a596ddc77cc7ddb485e9f4565a671640b16218eebfe39f4d32a58663178a28f061470ca15752362d77212498c9340811d12b6af8b841627e2fd40f5b50faff6d2be7f90851fe6bcdbafaeeb7a9ee584a5fa5c4137ab3c9ff00e18a97261597cef08024b33b01c17c86e6268d4223df24d1d6ee26f819ce6e4cd4e136acdc416a1643a74301ed472ae1a0d4361f56ea094ce3b1f5f4fd11bea347d69df7c7a1d7bc00dbaef166dab0e3a940708895227111519b01ed5434e79edfca2b5300dce3766360e3bc7ea3d8af7caace29f0c3c1259a8ddb237132d63d24dcd3ca144a3fb4f825c403b9b8caa43a4f169b9857d1728bc707004f51f127b61c0cff9b75cc2bd8d3719cb97930161ce844ab63237f2eb4a6c5edec48a46a00eaec33e37b3eafdaaf78136be644bc6b479f3c9482bdef5c88fc60b9911621f5d56227980929fea459c6bea8cdedf6b4611e24de50e7966f65211fc7561dfc89e6652b5e2809c21fb6803ee1527c136c3175fb694377d1b2e7e2405ab30d8f3cfa6edb00f4ec05aff480e5b357ab3faadf2408951b6e8d7f659c6a5e6653dc18f360bc4da56209bcd9c09e94e67f6e1cea0cdf34c93eb6e97c7f68287c19ee62aab936d0757068983c6ac9d81dbde3a55fd282cdb2eeb27b9828e5ad10b21ddfdc8b5d64ace1b3aa4acc7b02e388754fc8aa441d4dd6a710ee661a3f1303dbd97e4e46b6da91d50bee301238639c4fee70b1412c808dcfb7006f5a25f417dbedd0f8b3eec3688a39d34e04cda44c6534ee184a5335e964a6c35d46f21be059b1493d0e382297db5aa21f7b728594642e2007003575d053d8894125748e397fbafc51f5a92ff57d7336e1e8fd7bdb07f1e040cd429eda6bda0d7564de2e842299cf49002359a5bfdd533f3476872a2fb3d5c4a3e411c51870a7adc24832867f4f05301e080246568788b69bd52c204dcacf9d4f15980407ced054736793e760f9b311217603babeda9db7802aa403ff14f0eddc15f4464656bf348497476a91c4dc0cafc338c9325abf99162dd8f253f215fbe2476ef8c5649f3fc98cc086d04cedbf71e5f409d783bee0ccf4f0f6ad1c4907e46827ebe3710cdb84461f027c1919c3b21e10f6f12f9bbceefdfda39385bbf9e977b0e9021815f7c037a3e2714207b82c9492e9e28a6bc716ffbdbf1aa8c7e5d6660a9423a262a26ecd63ad4b803b20a37602a1a8274a25fb9ea5a55567ffa8b518285da9233923ce31a1e6dcf2dd142449814eb41a5321e14a23eaf069380cdd82e0490148dab4f8c68da81f0415fd5dac0d1069723765559035293be16d290e6eef98b5bba8a77df1f328aa342ffbfb781e5a24be4e0f35c5e4a653916eaf7a65eed46da6bcdd1133383340fa83ccedd002faf53ad7a4e8dc43861471e9e4a1ca32c64897f629f77c80b40a4653d24988a977b49e253dd3b00b2fa2ba58ccf43b24aaf254022708490edf5958d580d759d88f831fdcd5b4a20403a7dbec9b90640dc3728958806afeb01b826f11195e955963934de490f9a3bf19313aed4cd6796b3af9d1f085072a03989899f70d9bb0f7e0a011d374dad269b39bbc327d4d2303d259a896a44befb681932660b2967880b3977c723df0727e061aca0a27675932e6f578789914fd2a7c9b3aa64745001abca4a4", 0xab3}, {&(0x7f0000001a80)="557c8d4adefadf1a7ecc4ac16b38a72a59129a2184f4d92c9c2f11e5dbe4af8d78940ef0545f7e612d76116f27690e9385483fa6c15fcac8a5cf89957566d88d7b3359046ecafb75ead9e7b290f47369801dbea66634bf3a62e9e69c3d9b74130a5361bd46bb66ff5a793bf98e7db4fed6d69cd9d40feea8f3769751ccc3a064f25c30b2be4172fd737d39364a6c1572cf724e8bc7d0cab162a4cef55445ae8fa6425c7315531688c595e8021d3ed388aa723c732de52cfdaa8daffc123cb48055d972a30ad23a4e5223fbea8915d889d2177fab2d14df5c5eefcd6ebc1af6d922c08a0d4da6f3d9f6c3464bb938d2e5cf525993adcf1883231babb5f5cb2365efc405572226f12ca02949726b0294550af79cb5a6546213d5c1353983be5165ddaa1b09c0570db3b56ebfc0433d7f6d4bfda6db0026ee9091250ebb71d93f62b76f6093ff6afbc2f7dba0711124cbb713704c53393398ee49c20662b7f32b748f4d2e055a8608a3e0a551a0ec6bb9e12036931c171246b9dd5fafaf6e04a2bd642e79c324a4cd3f68076a1beccf08b83f83bf7fcca9ff40f7a1036b780f7284007bd017e43a72f5d37e65896a30586ebc33f3fae2e6d28f8d300e27f7705971541693ffcd426bde47b08aa9a54329ea2a505186f6e0a8392214c639f30ce9ed2b49e844bf1d5672a16a6a835cfd75d5919bfb7eb1c478b45f83ac8be8889eb1485e817a82198019fa2859dccf283859ddfe7114db8c0791e3737189137551b338760c1517aa832175081f7c6f6bb7c46219f99b508d2e782646fdda37512732f3fe17cbcc2630ac895157a06b16cf481f2ef244aaa74d91fefc7fabbbdc622134a1bb2b4d184d17ba9483729a5f1e8587296eb2fa34b3a4d2f28b2d859cf932762f27e87b9574732feeced6197c982705a3d53a22ef6c720ef29de081c45c83eb99882e4ac81fea1adf549460ec79f3a1bf21364ba375d5dfb91aa325de4463c11ef039b649e62d09c9299da5ac6e2f48f1ef680fbbea5e55df01576d45a81b465a030fc769dd1bb65c4a10a5087eb85f7ad4af1589ceb8166f5fbec90b8c1c17ed0f10d2c84d3e494785cacabc11482485d2ae60ae172aa7aa246b1983a98e334fa27ce715da5ab4df5efa9eecfe24cab7213929f707e2104376db966645d984ec2646414367243c6c91b7120a37f6844d92c49ae5aa54c834074d6c8f7cbe0c2486156b9cd3edbb486eeaad50316d18d056627fb02c23d8f0cd0730ebc4fb30a2332f0a07e8681392b2ce6b040a442f1c0b270e6a2605993eaa40b059df50976636d4a51eb1634dae63af054d7c70f438ecc161e2b768ac20410b878c600840d0c47cbd5346557a305a070fdec06599553a084cfc02c38cb87997a24869d25ec1b4140cddfa5366c0faed2676fde89f05dad0b8c7aad4bdbac8c220188d7f333091b9ea887fa2377cf9c9ef2179484f0ae8f2f7a458db6e586f7d3a242e655eb8859ff1cb8d5eda3254c9af426dd3df84d6985d8f4ffd6f7b19510787d92a6db3fce1578069a84c7bc7d3d80b3bd6747f6bd80bbaf8c7a8e9f87a40b1bc7f5505c714de1bffa57c2111d675a4e95abd7e3861a1722db7612cd18260ff036ae324e56e0d03d1a12bf76c3c72e7af2615293d83bd38800eaf106cea209236fd4347e8d74e3f16af57f0de15577fa1fe7f89abe17cf2b0b05fcd5a1f8b686eb011b06339daaffa71fc3092db6aa611e731af83bfb071f81947055edfa408113694c13db59ec07032b15b8f92143a6f6f7634fcd703794f094504a07cb282f9e98127342499d7b1c4b4114e28af990c2f3e5567dc5c605d5f5c52201ea833843b6740449e3bddd161a597f5152aa95476574e20955bdb2ae23ddc89c10e575db32ee2939e023aab0659b98cbf5a854039a44263116b25388017ab3990df642753c4848f3ea159f8420f2eb3c23751f9e00528b327c2f546a64fa18d2a591f321caa5ffa20777bcde296bf276f6e5f24ce21055e0f6514e5e2e5a2d302a2b7c034133c707ec6255dbd7a40c77ff45788bb4ad50b83bcf994dee35e3d4aa5d43dae22059e167e4fe06bf8ceb8086fbcd587816812e3e906d2d262c937c3c72fa1428a64df8ec799da0bacfad4c9e4ae4c40539fe94b1fc4c60a705b9c40ecf38b07d6ad09a1f6b5dd9db7a9b3a5c92ef3ee216de8950750405ee5f51dd6b410a14d0003d22530a3b5d88fb75a2ffd68981e90a148919b3ea05e1a1e2e975e937bb2380b622d72562e91a238c9af380b3ffcb908b34c65ac0f68c0217cacd7e804736a35fb4d99ebc870fd117529b259ad775eac7687e2f935669a7fabede766b658988ac7a5f24f5321d8a36a3c6cc7f211a080f857afc7783c5daf112ef6488991811de6b58fcfbd315dac76ac0edd8e35b47f157b39bfec05a673bb0731b0d7dec012eaea9ebb9e1100f534b3ee8e2efb2c5b673f89ab064298c95018087327b8ac66d720e6bba8fecace05a9aa7656b76bc7e89dc647a7891b19e4f45c1bac90883b77378b36741dfb4e71f4bf8ef10a90818f8594a7653d6a12c83f0d38df059e85a7c34401c23c8e78d0887cc6f8d3fd84c2829629bcfddeee96fe380e9f2ddfce57e7520c7052baaab143d2cd03f2e735e366a6c15f749543b47b3231f4c123ed2d4d241771c3790f4a2c46e41743c9d11258aef64a24c21d2f1d5d369415b7a34ab264b45bdafe9094d5973bdd0ea6b91f23801d3291fd62657894ca7b20f4341efa925bcdd2f6e96e6cb437822ed4e42f52dbc84fd4dc973c5511363152ba43bdb6d53101fb335a35f3582a90dc067439addfe562eeb28d1f8ed221aad95a277bdfbb568d9d02bf38bf772c4148be0a763d35cb9d8da19ed1a8616bab69f3db46afc2240522cae298d94ce4d6f76693bf34311f14587b389917c8fd3c14102f970dd575135d0b221b38fce2bf606eb16991ca17d42405c53b97b71e088238dc12891c703468f8b2b77bac854ff2cdc81a77ab1816e0ae56ea9e365dd5d99ff0d7da1b835f171d49e87daa251f162e0c83359d647556b897e5ff3ce83118469bf643fb63ced9db1d4d2d86f55524b6ff34e6f0051376f92c27f26912ee151a08", 0x8a2}], 0x4)

2.637661891s ago: executing program 0 (id=3483):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x4000, &(0x7f0000000200)=ANY=[], 0xff, 0x60c0, &(0x7f000000d800)="$eJzs3U1vHVf9B/DfffC147RpVP1V5R+xcFMeWkrznEB5asqCBSxAQl2TyHWrlBRQEhCtIuLKC8QGeAmw6YZFJV4BL6CvASGxJVLSVReUQWOf44xvrn3tJp659vl8pJuZ35w7vmfyveOZ65m5EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/OD7PznXi4irv04Tjkc8FYOIfsSRul6KeuRKfv4wIk7EenM8FxGD+Yh6/vV/nom4GBEfH4u4/+DOcj35/C77cens7Zuf/fB7//jdH9dOvPPmTz8cb//x/1346Pd3I47/6NWPPrv7ZJYdAAAASlFVVdVLH/NPps/3/a47BQC0Im//qyRPV6vVavUTrf/Q38vznzradX/Vh7Ruqia72ywiYrU5T73P4HA8ABwwq/Fp112gQ/Iv2jAijnbdCWCm9bruAPvi/oM7y72Ub6+5PVjaaM9/p9yS/2pv8/qO7YbTjJ9j0tb7ay0G8ew2/TnSUh9mSc6/P57/1Y32UXrefufflu3yH21c+lScnP9gPP8xW/L/U0Qc2Pz7E/MvVc5/uJf8VwcHeP2XPwAAAAAAh1/++//xjo//zj/+ouzKTsd/l1rqAwAAAAAAAAA8aY97/79N7v8HAAAAM6v+rF7787GH07b7LrZ6+hu9iKfHng8UZqnx5YAAAAAAAAAAAAAAQDuGEYvpvP65iHh6cbGqqvrRNF7v1ePOf9CVvvxQsq5/yQMAwIaPj41dy9+LWIiIN9J3/c0tLi5W1VxELFZH5vP+7Gh+oTrS+Fybh/W0+dEudoiHo6r+YQuN+ZqmfV6e1j7+8+rXGlWDXXSsHR0GDgARsbE1um+LdMhU1TPR9V4OB4P1//Cx/rMbXb9PAQAAgP1XVVXVS1/nfTId8+933SkAoBV5+z9+XECtVquLqT/ZmDgz/VGr97Fuqia72ywiYrU5T73P4Hb8AHDArManXXeBDsm/aMOIONF1J4CZ1uu6A+yL+w/uLPdSvr3m9mBpoz2fC7Il/9Xe+nx5/knDacbPMWnr/bUWg3h2m/4811IfZknOvz+e/9WN9nyL/818FvYn/7Zsl3+9nMc76E/Xcv6D8fzH7Pf635a16E/Mv1Q5/+Ge8h/IHwAAAAAAZlj++/9xx3/zIgMAAAAAAADAgXP/wZ3lfN1rPv7/hQnP6zXHXP95aOT8e7vO3/W/h0nOvz+e/9gJOYPG+L3XH+b/yYM7yx/e/vf/5+HM5z83GNWvPdfrD4bpnJ9q7q24HjdiJc4+8vzhlvZzj7TPbWk/P6X9wiPto7r9SG4/Hcvxi7gRb262z085MWphSns1pT3nP7D+FynnP2w86vwXU3tvbFi790H/kfW+OZz0Olf++p8vP7p2tWG4pVqLweayNRyr/znVWp8eWv8/OTqKX91auXn6N9du3755LtJgy9TzkQZPWM5/Lj1y/i++sNGef+8319d7H4z2nP+sWIvhpPzX398vNMbr5X2p5b51Iec/So+cf94CTV7/D3L+E9f/9eV7uYP+AAAAAAAAAAAAAAAAwE6qqlq/RPRKRFxO1/90dW0mANCuvP2vkjxdre6g/tffZqs/arVavbXuzVh/PkfdVE32WrOIiL8356n3GX476YcBALPsvxHxz647QWfkX7D8fX/18ItddwZo1a333v/ZtRs3Vm7e6ronAAAAAAAAAMDnle//udS4//P6eUBj943ecv/X12PpwN7/sz8arN/rPC3Q87Hz/b9Pxc73/x5Oeb25Ke2jKe3zU9oXprRPvNCjIef/fMo4538yLVhJ9399sYP+dC3nfyrd6znn/5Wx5zXzr/5ykPPvb8n/zO13f3nm1nvvv3L93Wtvr7y98vNzZy9fvHDp4oVLl868df3GytmNfzvs8f7K+ed7XzsPtCw5/5y5/MuS8/9SquVflpT/5m6o/MuS1/+8vyf/suT882cf+Zcl5/9SquVflpz/V1Mt/7Lk/F9OtfzLkvP/WqrlX5ac/yupln9Zcv6nUy3/suT8z6Ra/mXJ+ecjXPIvS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzv5hq+Zcl538p1fIvS87/cqrlX5ac/9dTLf+y5Py/kWr5lyXn/2qq5V+WnP83Uy3/suT8v5Vq+Zcl5//tVO+U/zst9ot25Py/k2rrf1ly/t9NtfzLkvN/LdXyL8vD7/83sueRxdnoRpsjVRUxA90wsu8jXf9mAgAAAAAAAAAAAADGtXE6cdfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27jVGrrO+H/izV6+TQPwnIYQQiO1cMGST3fUtMcFgrv809JIGQksLdYy9dgy+1buGBKFmaWgLAqmR2hf0RSkgQEhtlahCKpUoilSk9k1VXhVFlVArIdWVoDIRVKICtjpznufZmdnZmV3vrj1zzueD4p+9M2fmmTNnZve76DsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotuNts380FEIo/mv8sS2E64q/bw2Hin8u7L/aKwQAAADW6+eNP//q+vyFQ6vYqOk6//iaf/n64uLiYvjgixd/8SeLi/mC7SGMbAmhcVnyTz/9yWLzdaKnw8TQcNO/h3vc/UiPy0d7XD7W4/LxHpdv6XH5RI/Ll+2AZbaWv49p3Ngdjb9uK3dpuDGMNS67o8NWTw9tGR5Ov8tpGGpsszh2PJwMp8JsmF62zVDjfyF8c0dxXw+GdF/DTfd1awjh0o8+fjStYSju4ztCy501ND93P3xL2P7ijz5+9KvzP3hlp9lzNyxbaQi7dhbr/GQIS7+uCkNhS94naZ3DTeu8tcM6R1rWOdTYrvh7+zovrXKd6XFPxHV+p8s6b41fe+L2EMJCWPE67Z4Ow+GatnvN+3uiPCKK2yieypeF0TUdJztWcZwU23z/9tbjpP2YTPt/R9wnoyusofnp+OEnxpft98s9TopH3Q/HanHbDxd3OjHR/KvVlmO1uM7H71z5GOj43HU4BvKx3HQM7Ox1DAyPjzSOgeGlNe9sOQZmlm0zHIYa93Xxzu7HwNT86XNTc09+7J6Tp4+cmD0xe2Zmev/ePfv27tm3b+r4yVOz0+Wfa9ulA+SaMJyPwZ3xvSYdg69tu27zIbn4xY17HUz0yeugeOzvuatY0HXDYYVjvLjOJ3et/3WQv+83vQ5Gm14HHd9TO7wORlfxOiiuc2nX6r5njjb912kNm/VeuK3pGLia3w+L+3z/61Z+L7w1rutTr1/r98ORZcdAelhD8bVXfCX/vDdxf9wvy4+LW4oLrh0PF+Zmz9/7xJH5+fMzIY4r4oam56r9eLmm6TGFZcfL8JqPl0N/+bO7bunw9W1xX03cvfRcjXd4Horr7J3s/lw13t0778+Wr+4OcWywK70/O303K/ZnzhJdjv3iOp+8Z/0/C+Zc0vT+N9br/W9kbLR8/xvJe2Os5f1v+VMz0lhZCJfuWd3731j870q//93YJ+9/xb56/73dj4HiOp+aWusxMNr1/e/2OIfiel4XE8NEU+7/RePyhfIwbXouex43o6Nj8bgZTffYetzsWbZNcWvFfe+avrzjZtftrc9Vy88tFTxuin31p9Pdj5viOs/PrP+9Y2v6a9N7x3ivY2BsZLxY71g+CMr3u8Wt6Ri4NxwNZ8OpcCxvUzzLxX1N7l7dMTAe/7vS7x0398kxUOyrz+3ufgwU1/n2no392WlX/Eq+TtPPTu2/X1gp898yunR77bttozN/sc637+3+u6HiOj/Yu9ac0X0/3R2/cm2H/dT++lnpmD4Wrsx+ujmu89S+7r+bKq5z4/5VHk+HQggvzLzQ+H1X/P3u31z416+3/N630++UX5h54aGpR767lvUDAHD5ftH4c2G8/Fmz6f+xXs3//w8AAAAMhJT7h+PM5H8AAACojJT7R+LM5H8AAACojJT7R+PMapL/H7//wLM/fyrkTwNcjNLlaTc8/KbyeqnjvRD/vX1xSfH1t3557NlPP7W6+x4OIfzsoVd1vP7jb0rrKp1L63xD69eXufm2Vd3/Y48uXa/58xMuHShvPz2e1R4Gqav8zandjdvd/uRMYz7/UGjMRxY+9XR5++W/0/Uv7imv/+fxQ0sOHR9q2X5XXM8dcW6Pnynz8KGl/VDMtN2zt77mH25479L9pe2Gdr608TA/93vl7abPiHrmhvL66XGvtP6//8zXni2u/8Sdndf/1HDn9V+Mt/v9OH96sLx+8z7/dNP6/yCuP91f2u7eL32r4/qfe0V5/eficfGFONvX/5Y/fvXPOz1f6X4OPVBul+5/+n/2NrZLt5duv339E0/NtOyP9tt//sXydg5+5McjzddPX0/3kzz2QOvxPRSf35YeeQjha38YWvZzeGO53d+1rT/d3rkHOq//7rZ1nhu6rbH90uPZ1vK4Pv+V3R0fb1rPob/e1vJ4nnlH3H8vTn27uN2Lj8TjMV7+v98pb6/9s0yfe0fr+026/he2la/bdHtTbet/pm39C7cV+673+h98sVz/c2/e0rL+Q++Mx9OD5ey1/hN/cX3L9l/8avl8nP/o5JmzcxdOHosPZlvb63jLxNZrrr3uJS+9Pr6Xtv/78Nn5x2fPb5/ePh3C9gH8yMDNXv+X4vzvcixs/D2Uvvvj8rj77LvK71uv/Un572fi1x+Lz2f6/vj5PxtrOV7bn/eFN5dzvet/fVzHar3iM/9xW4cv/+eyz/y9+IFvXvjb3/9B+88F6fGce/lE4/F9bsdNjcuGni8vb3+/6uXfX976uv7e6HRjfiPu18X4ycw7byrvr/3202eTfPbd5es3/SSXtg9tnyeybaT1cax3/d+LP8d86+bW9790fHzjqbZPc94WhoolLMT3h7BQXp6ulfb3Zy/d1PH+0ufwhIVXrmWZK5p7cm7q1MkzF56Ymp+dm5+ae/Jjh0+fvXBm/nDjs0sPf6jX9kuv72sar+9js/v3hsar/Ww5NtnVXv+5R48eu2/6rmOzx49cOD7/6LnZ8yeOzs0dnT02d9eR48dnP9pr+5PHDs7sPrDnvt2TJ04eO3j/gQN7DkyePHO2WEa5qB72T3948sz5w41N5g7uPTCzb9/e6cnTZ4/NHrxvenryQq/tG9+bJoutPzJ5fvbUkfmTp2cn505+bPbgzIH9+3f3/PTH0+eOz22fOn/hzNSFudnzU+Vj2T7f+HLxva/X9tTD3Nn4ftdmKP50/r679+fPxy18+RMr3lR5ldYfT8MP42dBpe9vvf6dcv9YnFlN8j8AAADUQcr98YP/ly6Q/wEAAKAyUu7fEmcm/wMAAEBlpNw/EWdWk/yv/6//r/+v/6//fwX7/0H/f6Pp/29I/385/f9V0f/X/9f/1/+nu37r/6fcvzWEWuZ/AAAAqIOU+6+JM5P/AQAAoDJS7r82zkz+BwAAgMpIuf+6OLN65P+x9r/q/+v/6/839//TdfX/g/6//v9l0v/X/+9G/1//f5DX34f9/636//Sbfuv/p9z/kjizeuR/AAAAqIWU+18aZyb/AwAAQGWk3H99nJn8DwAAAJWRcv+2OLOa5P8NPP//Z+JF+v/6/4Pe/z+djmPn/9f/1/9fP/1//f9u9P/1/wd5/X3Y/3f+f/pOv/X/U+7/f3FmNcn/AAAAUAcp978szkz+BwAAgMpIuf+GODP5HwAAACoj5f4b48xqkv83sP/v/P/6/1Xp/zed/1//v5n+v/7/5dD/1//vRv9f/3/j1z8Uf0zQ/++1vf4/V0K/9f9T7n95nFlN8j8AAADUQcr9N8WZyf8AAABQGSn3vyLOTP4HAACAyki5/+Y4s5rkf/1//X/9f/1//X/9/82k/6//343+v/7/IK9f/1//n976rf+fcv8r48xqkv8BAACgDlLuvyXOTP4HAACAyki5/1VxZvI/AAAAVEbK/bfGmdUk/+v/91X//8mg/7+8/z+s/6//X1pr/79hoff69f8312D1/4dXvET/v6T/30r/X/9f/1//n+76rf+fcv+r48xqkv8BAACgDlLuf02cmfwPAAAAlZFy/21xZvI/AAAAVEbK/dvjzGqS//X/+6r/7/z/zv+v/+/8/0v9//kh/f9VcP5//f+g/3/ZrnZ/ftDXr/+v/09v/db/T7l/R5xZTfI/AAAA1EHK/TvjzOR/AAAAqIyU+2+PM5P/AQAAoDJS7r8jzqwm+V///zL7/1tb/6n/33n9+v/6//r/zv+v/6//343+v/7/IK9f/391/f/xXjdEpfVb/z/l/jvjzGqS/wEAAKAOUu6/K85M/gcAAIDKSLn/tXFm8j8AAABURsr9u+LMapL/9f+d/1//X/9f/1//fzPp/6+6/7/1cta1Kf3/9Car/9+T/r/+/6D0/yc6bO/8/1wJ/db/T7n/dXFmNcn/AAAAUAcp978+zkz+BwAAgMpIuf/uODP5HwAAACoj5f7JOLOa5H/9f/1//X/9f/1//f/NVNX+f34fdf5//X/9f/3/Te7/f2WF7Qfl/P/UW7/1/1PuvyfOrCb5HwAAAOog5f5748zkfwAAAKiMlPun4szkfwAAAKiMlPun48xqkv+r3/9vbxaX9P9L+v/6/0H/X/9/k1W1/99+/v8Qgv6//n+m/6//32/n/+9E/58rYf39//G8SePPdfb/U+6fiTOrSf4HAACAOki5f3ecmfwPAAAAlZFy/544M/kfAAAAKiPl/r1xZjXJ/9Xv/3em/1/S/9f/D/r/+v+brC79f+f/Ly/X/y/p/+v/6//r/9fRcIevrb//v7RJ48919v9T7t8XZ1aT/A8AAAB1kHL//jgz+R8AAAAqI+X+++LM5H8AAACojJT7748zq0n+1//X/9f/1//v3/5/6/1vXv//v/T/N5H+v/5/N/r/+v+DvH79f/1/etvY/v/16+7/p9x/IM6sJvkfAAAA6iDl/jfEmcn/AAAAUBkp9z8QZyb/AwAAwEDpdB7CJOX+N8aZ1ST/6/9Xvf+/uEX/X/9/cPv/rfvT+f/1/zuJb5/6/6tUr/7/1mX3p//f6mr35wd9/fr/+v/0trH9/2U/nq65/59y/8E4s5rkfwAAAKiDlPvfFGcm/wMAAEBlpNz/5jgz+R8AAAAqI+X+Q3FmNcn/+v9V7//33/n/h8Lg9v9H9f/1//X/18z5//X/u3H+/8Hs/6fP3dD/75/+f3EM6f/Tj/qt/59y/1vizGqS/wEAAKAOUu5/a5yZ/A8AAACVkXL/2+LM5H8AAACojJT73x5nVpP8r/+v/+/8/87/r/+v/7+Z9P/1/7vR/x/M/n+i/98//X/n/6df9Vv/P+X+d8SZ1ST/AwAAQB2k3P/OODP5HwAAACoj5f7/H2cm/wMAAEBlpNz/YJxZTfJ/hfr/Y3Hq/+v/6//r/zfo//cH/X/9/270//X/B3n9+v/6//TWb/3/lPt/Kc6sJvkfAAAA6iDl/ofizOR/AAAAqIyU+98VZyb/AwAAQGWk3P/LcWY1yf8V6v+X+vT8/8P59vX/9f/1//X/9f830oD2/yf0/0v6//r/g7x+/X/9f3rrt/5/yv2/EmdWk/wPAAAAdZBy/6/Gmcn/AAAAUBkp9/9anJn8DwAAAJWRcv/DcWY1yf/6/87/r/+v/9+3/f/R1v2p/6//38mA9v+d/z/S/9f/H+T16//r/9Nbv/X/U+7/9TizmuR/AAAAqIOU+x+JM5P/AQAAoDJS7n93nJn8DwAAAJWRcv974sxqkv/1//X/9f/1//u2/9+2P/X/+7X//29dL9X/1//vRv9f/3+Q16//r/9Pb/3W/0+5/9E4s5rkfwAAAKiDlPvfG2cm/wMAAEBlpNz/G3Fm8j8AAABURsr9vxlnNpj5f3itG+j/6//r/+v/r7r/vxBC0P/X/18j/f/l/f/iPexq9v/HV3NF/f9V0f/X/9f/1/+nu37r/6fc/744s8HM/wAAAEAHKff/VpyZ/A8AAACVkXL/b8eZyf8AAABQGSn3vz/OrCb5X/9f/1//X//f+f/1/zeT/n+9zv8/HvT/g/6//r/+v/4/Wb/1/1Pu/0CcWU3yPwAAANRByv2/E2cm/wMAAEBlpNx/OM5M/gcAAIDKSLn/sTizmuR//f+r1P/fWl5f/1//vzr9/0X9f/3/jvT/69X/d/7/kv6//r/+v/4/pX7r/6fcfyTOrCb5HwAAAOog5f4PxpnJ/wAAAFAZKfcfjTOT/wEAAKAyUu4/FmdWk/yv/+/8//r/+v/O/6//v5n0//X/u9H/1/8f5PXr/+v/01u/9f9T7p+NM6tJ/gcAAIA6SLn/eJyZ/A8AAACVkXL/iTgz+R8AAAAqI+X+x+PMapL/9f/1/1fV/x8L+v/6//r/+v+XRf9f/78b/X/9/0Fev/6//j+9bVz//583pP+fcv/JOLOa5H8AAACog5T7PxRnJv8DAABAZaTc/+E4M/kfAAAAKiPl/lNxZjXJ//r/+v/O/1/B/v+o/n/Q/+8b+v/6/93o/+v/D/L69f/1/+ltKGxU/z9sSP8/5f7TcWY1yf8AAABQByn3n4kzk/8BAACgMlLuPxtnJv8DAABAZaTcfy7OrCb5X/9f/1//v4L9f+f/b9D/7w/6//r/3ej/6/8P8vr1//X/6W3jzv+/Mf3/lPt/N86sJvkfAAAA6iDl/v9j7z6a5LyrPY63riWPVK5bd3X3vAV27OAd+DWwYUuRc44GTE4m55yTiSbnnIPJORlMBkOVKWvOOfZIPd2t0fT08/zP57PgMGaseayhxvUr1beee8ct9j8AAAAMI3f/feIW+x8AAACGkbv/vnFLk/2v/9f/6//1//p//f826f/1/6vo/+fT/59Z8vfr//X/+n/WmVr/n7v/fnFLk/0PAAAAHeTuv3/cYv8DAADAMHL3PyBusf8BAABgGLn7Hxi3NNn/+n/9v/5/Mv3/fuen/9f/6/8vif5f/7/Ydf9/Lj4YvP9fRv+v/9f/s87U+v/c/Q+KW5rsfwAAAOggd/+D4xb7HwAAAIaRu/8hcYv9DwAAAMPI3f/QuKXJ/tf/6//H7f/35tb/e/9/fl9H7P9P3f5l9f/HS/+v/1/suv9v8v7/ZfT/+n/9P+tMrf/P3f+wuKXJ/gcAAIAOcvc/PG6x/wEAAGAYufsfEbfY/wAAADCM3P2PjFua7H/9v/5/3P5/du//1//n93WI/v9c/Tre/6//1/8fTv+v/5/z8+v/9f+sN7X+P3f/o+KWJvsfAAAAOsjd/+i4xf4HAACAYeTuf0zcYv8DAADAMHL3PzZuabL/9f/6f/2//l//fwLv/9f/6//1/0vp//X/c35+/b/+n/Wm1v/n7n9c3NJk/wMAAEAHufsfH7fY/wAAADCM3P1PiFvsfwAAABhG7v4nxi1N9v+l9f+n9P+H0P8vf379v/5f/6//1//r/1fR/+v/5/z8+n/9P+ttvf+/+przd9P+P3f/NXFLk/0PAAAAHeTuf1LcYv8DAADAMHL3Pzlusf8BAABgGLn7nxK3NNn/S/r/KxYzfv//2c2+tP4/vv7B/v/WU/p//f80+/9b4qeM/l//f7F59/9n9f876//39P8r+/nNfif0//p//T/rbL3/X9P7X/hx7v5r45Ym+x8AAAA6yN3/1LjF/gcAAIBh5O5/Wtxi/wMAAMAwcvc/PW5psv8v7f3/0+//vf9/t+//z193C/3/mWXPr//v0v/v8/5//f8y8+7/vf9/i/3/PfI30/v/D7frfn7uz7+q/7/rBs+v/6eDqfX/ufufEbc02f8AAADQQe7+Z8Yt9j8AAAAMI3f/s+IW+x8AAACGkbv/2XFLg/1/Wv9fz5H0/97/v1H/f27/79f/H3we/b/+fxn9v/5/ld29/1//v5hAPz/35/f+//X9/1XrfhGGN7X+P3f/c+KWBvsfAAAAusjd/9y4xf4HAACAYeTuf17cYv8DAADAMHL3Pz9uabL/9f/6f/2/9/9fVv9/xTb6/9NLfz/1//r/ZfT/+v+F/v/Idt3Pz/359f/e/896U+v/c/dfF7fU8Dt9hH9KAAAAYEpy978gbmny5/8AAADQQe7+F8Yt9j8AAAAMI3f/i+KWJvtf/6//1//r/73/X/+/Tfr/4fr/U/r/2+n/9f/6f/0/q02t/8/d/+K4pcn+BwAAgA5y978kbrH/AQAAYBi5+18at9j/AAAAMIzc/S+LW5rsf/2//l//r//X/+v/t0n/P1z/7/3/d6D/1//r//X/rDa1/j93/8vjlib7HwAAADrI3f+KuMX+BwAAgGHk7n9l3GL/AwAAwDBy978qbpnd/r+woN2M/l//r//X/+v/9f/bNP3+/8xGn6X/36f/P2hb/f/ZQ76e/n9az388/X9+9/X/jGkC/f/d7vhx7v5Xxy2z2/8AAADAYXL3vyZusf8BAABgGLn7Xxu32P8AAAAwjNz9r4tbmuz/w/r/m6/a/9/X9P/5G6b/j6v/1/8v9P9F/6//X8yi/9+M/n+f/v8g7//X/3v/v/6f1SbQ/x/4OHf/6+OWJvsfAAAAOsjd/4a4xf4HAACAYeTuf2PcYv8DAADAMHL3vyluabL/vf9f/6//1//r//X/26T/1/+vMqP+f2/ZX9T/6//1//p/Vpta/5+7/81xS5P9DwAAAB3k7n9L3GL/AwAAwDBy9781brH/AQAAYBi5+98WtzTZ//p//f/O+///GbL/P/+I+n/9v/5f/6//X21G/f9S+n/9v/5f/89qU+v/c/e/PW5psv8BAACgg9z974hb7H8AAAAYRu7+d8Yt9j8AAAAMI3f/u+KWJvtf/6//33n/7/3/Rf8f31f9v/7/Euj/9f8L/f+R7bqfn/vz6//1/6w3tf4/d/+745Ym+x8AAAA6yN3/nrjF/gcAAIBh5O6/Pm6x/wEAAGAYufvfG7c02f/6f/2//l//r//X/2+T/l//v8rJ9v/X3qz/P2jX/fzcn1//r/9nvan1/7n73xe3NNn/AAAA0EHu/vfHLfY/AAAADCN3/wfiFvsfAAAAhpG7/4NxS5P9r/+fe/9/95viCabW/+en6P/1/yv7/73FxfT/+v9Lof/X/y+28v7/C39SLKf/1//r//X/rHZi/f89r77XXW77L2v6/9z9H4pbmux/AAAA6CB3/w1xi/0PAAAAw8jd/+G4xf4HAACAYeTu/0jc0mT/9+j/z1z0aeP0/97/r/+fdP+fP1S9/1//r//X/y813f5/M/p//b/+X//PalN7/3/u/o/GLU32PwAAAHSQu/9jcYv9DwAAAMPI3f/xuMX+BwAAgGHk7v9E3NJk//fo/y+m/9937P3/rf+n/9f/l03e/6//1/9fLv2//n+h/z+yXffzc3/+ofv/Uwv9P8diav1/7v5Pxi1N9j8AAAB0kLv/U3GL/Q8AAADDyN3/6bjF/gcAAIBh5O7/TNxw5//d3SOdKP2//t/7//X/+n/9/zbp/4/Q/586vfFz6f/36f+PZtf9/Nyff+j+3/v/OSZT6/9z9382bvHn/wAAADCM3P2fi1vsfwAAABhG7v7Pxy32PwAAAAxgv3fP3f+FuKXJ/l/T/+/l5x25/z93+NfW/+v/F/p//b/+X/9/mYbs/y+B/n+f/v9odt3Pz/35Z9f/X3/wQ/0/J2FJ/3/+J/Gu+v/c/V+MW5rsfwAAAOggd/+X4hb7HwAAAIaRu//LcYv9DwAAAMPI3f+VuKXJ/l/a/+95/7/+X/+v/1/o//X/x0L/r/9fRf+v/5/z88+u/7+A/p+TMLX3/+fu/2rc0mT/AwAAQAe5+78Wt9j/AAAAMIzc/V+PW+x/AAAAGEbu/m/ELU32/5r3/+v/N/tH0f/r/5f+/0H/r//fsP8/s9D/H5n+X/+/0P8f2a77+bk//+X0/+f0/zQxtf4/d/8345Ym+x8AAAA6yN3/rbjF/gcAAIBh5O7/dtxi/wMAAMAwcvd/J25psv9H7v9XfZr+f5/+X/+/0P9Pof/3/v/LoP/X/y/0/0e2635+7s/v/f/6f9abWv+fu/+7cUuT/Q8AAAAd5O7/Xtxi/wMAAMAwcvffuFjcYP8DAADAmG48/59nF9+PW5rs/5H7/1X0//v0//r/hf5f/79l+n/9/yr6f/3/nJ9f/6//Z72p9f+5+38QtzTZ/wAAANBB7v4fxi32PwAAAAwjd/+P4hb7HwAAAIaRu//HcUuT/a//1//r//X/+n/9/zbp//X/q+j/9f9zfn79v/6f9abW/+fu/0nc0mT/AwAAQAe5+38at9j/AAAAMIzc/T+LW+x/AAAAGEbu/p/HLU32v/5f/6//1//r//X/26T/1/+vov/X/8/5+fX/+n/Wm1r/n7v/F3FLk/0PAAAAHeTu/2XcYv8DAADAMHL3/ypusf8BAABgGLn7fx23NNn/+v/bnuNc/XX9v/5f/6//T/r/49G2/7/tX6v6/7X0//r/OT+//l//z3pT6/9z9/8mbmmy/wEAAKCD3P2/jVvsfwAAABhG7v7fxS32PwAAAAwjd//v45Ym+1//7/3/+n/9/zz6/yv1//r/pSbb/3v//0b0//r/OT+//l//z3pT6/9z998UtzTZ/wAAANBB7v4/xC32PwAAAAwjd/8f4xb7HwAAAIaRu//muKXJ/tf/6/+H7P/39P/j9f/e/z/L/v9O+n/9/2r6f/3/nJ9f/6//Z72p9f+5+/8UtzTZ/wAAANBB7v4/xy32PwAAAAwjd/9f4hb7HwAAAIaRu/+vcUuT/a//1/8P2f97/7/+X/8/Gfp//f8q+n/9/5yfX/+v/2e9qfX/ufv/Frc02f8AAADQQe7+v8ct9j8AAAAMI3f/P+IW+x8AAACGkbv/n3FLk/2v/9f/6//1//p//f826f/n2/9fuThC/3/dQv+v/9f/6//1/5Sp9f+5+/8VtzTZ/wAAANBB7v5b4pal+///T+ipAAAAgOOUu//fcYs//wcAAIBh5O7/T9zSZP/r//X/+n/9v/5f/79N+v/59v/e/7+e/l//r//X/7Pa1Pr/3P3/DQAA///E7/7M")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc6081, 0xcc)
mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x2000001, 0x4010933, r0, 0xb4b40000)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x82200, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0xa, 0x3, 0xff)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendfile(r1, r2, 0x0, 0x20fffe85)
creat(&(0x7f0000000040)='./bus\x00', 0x0)

2.635900472s ago: executing program 1 (id=3484):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x9}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40480c0}, 0x20040084)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
close(r5)
socket$packet(0x11, 0x3, 0x300)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$kcm(0x11, 0x3, 0x0)
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f80)=@newtfilter={0x38, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r9, {0x5, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0)
setsockopt$sock_attach_bpf(r6, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000500)=@xdp={0x2c, 0x0, r4, 0xc}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf", 0x22}, {&(0x7f0000000c00)="4307ed2e", 0x4}], 0x2}, 0x4)

2.599649343s ago: executing program 2 (id=3485):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000140)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c6dd00", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x89, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x4100}}}}}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4840)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000a00)=@filter={'filter\x00', 0x42, 0x4, 0x498, 0xffffffff, 0x1e0, 0x1e0, 0x0, 0xffffffff, 0xffffffff, 0x400, 0x400, 0x400, 0xffffffff, 0x4, 0x0, {[{{@ip={@empty, @loopback, 0xffffff00, 0x0, 'veth0_to_batadv\x00', 'pimreg0\x00', {}, {}, 0x11, 0x1}, 0x0, 0xd8, 0x120, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x3, 0x0, 0xf}}, @common=@unspec=@connbytes={{0x38}, {[{0x6}, {0x1}], 0x2}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00', 0x1, 0x88, {0x5}}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@unspec=@state={{0x28}, {0x7}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@ip={@multicast2, @private=0xa010102, 0x0, 0x0, 'veth1_virt_wifi\x00', '\x00', {}, {}, 0x6, 0x1, 0x4}, 0x0, 0x1e0, 0x220, 0x0, {}, [@common=@unspec=@connlabel={{0x28}, {0xf, 0x2}}, @common=@inet=@sctp={{0x148}, {[0x4e23, 0x4e24], [0x4e20, 0x4e20], [0x0, 0x65, 0x3, 0xffff, 0x9, 0x8000, 0x800, 0x0, 0xfffffc00, 0x1a, 0x8, 0x2, 0x6, 0x8, 0x1, 0x4, 0x895, 0x1, 0x7, 0x8001, 0x4, 0x3, 0x7, 0x23b, 0x7fff, 0x2400, 0x10, 0x5, 0x7ff, 0xee, 0x7, 0x4, 0x6, 0x7, 0x1087, 0x3, 0x39d, 0xffffffff, 0x4, 0x5, 0x1, 0x0, 0x4, 0x200, 0x0, 0x5, 0xe6, 0x1, 0xffff, 0x1, 0x401, 0x7, 0x4, 0x1, 0x1, 0x76b, 0x8, 0x401, 0xa71c, 0x4000000, 0x8, 0x0, 0x1ff, 0x9], 0x1, [{0xfc, 0x1}, {0x8, 0x9, 0x29}, {0x2, 0x81, 0x7}, {0x8, 0x7}], 0x0, 0x1, 0x7}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4f8)

2.596933173s ago: executing program 3 (id=3486):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="34010000", @ANYRES16, @ANYBLOB="0120006b522c0604e0"], 0x134}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000000)="89e7ee2c7cdad9b4b47380c988ca", 0x140}], 0x1)

1.64570642s ago: executing program 0 (id=3487):
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000200)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
rename(&(0x7f0000000780)='./file1\x00', &(0x7f00000002c0)='./file0/file0\x00')

1.505879397s ago: executing program 2 (id=3488):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000380)={'syzkaller0\x00', 0x2})
r1 = socket$kcm(0x11, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x5}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0xc, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x800}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xd}, {0xffff, 0xb}, {0x0, 0xffe0}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_RATE_ENABLE={0x8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004}, 0x4890)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x0, r8, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee1611d4b8bf4a31accb", 0xfdef}], 0x1}, 0x0)

1.031578309s ago: executing program 0 (id=3489):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x4000, &(0x7f0000000200)=ANY=[], 0xff, 0x60c0, &(0x7f000000d800)="$eJzs3U1vHVf9B/DfffC147RpVP1V5R+xcFMeWkrznEB5asqCBSxAQl2TyHWrlBRQEhCtIuLKC8QGeAmw6YZFJV4BL6CvASGxJVLSVReUQWOf44xvrn3tJp659vl8pJuZ35w7vmfyveOZ65m5EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/OD7PznXi4irv04Tjkc8FYOIfsSRul6KeuRKfv4wIk7EenM8FxGD+Yh6/vV/nom4GBEfH4u4/+DOcj35/C77cens7Zuf/fB7//jdH9dOvPPmTz8cb//x/1346Pd3I47/6NWPPrv7ZJYdAAAASlFVVdVLH/NPps/3/a47BQC0Im//qyRPV6vVavUTrf/Q38vznzradX/Vh7Ruqia72ywiYrU5T73P4HA8ABwwq/Fp112gQ/Iv2jAijnbdCWCm9bruAPvi/oM7y72Ub6+5PVjaaM9/p9yS/2pv8/qO7YbTjJ9j0tb7ay0G8ew2/TnSUh9mSc6/P57/1Y32UXrefufflu3yH21c+lScnP9gPP8xW/L/U0Qc2Pz7E/MvVc5/uJf8VwcHeP2XPwAAAAAAh1/++//xjo//zj/+ouzKTsd/l1rqAwAAAAAAAAA8aY97/79N7v8HAAAAM6v+rF7787GH07b7LrZ6+hu9iKfHng8UZqnx5YAAAAAAAAAAAAAAQDuGEYvpvP65iHh6cbGqqvrRNF7v1ePOf9CVvvxQsq5/yQMAwIaPj41dy9+LWIiIN9J3/c0tLi5W1VxELFZH5vP+7Gh+oTrS+Fybh/W0+dEudoiHo6r+YQuN+ZqmfV6e1j7+8+rXGlWDXXSsHR0GDgARsbE1um+LdMhU1TPR9V4OB4P1//Cx/rMbXb9PAQAAgP1XVVXVS1/nfTId8+933SkAoBV5+z9+XECtVquLqT/ZmDgz/VGr97Fuqia72ywiYrU5T73P4Hb8AHDArManXXeBDsm/aMOIONF1J4CZ1uu6A+yL+w/uLPdSvr3m9mBpoz2fC7Il/9Xe+nx5/knDacbPMWnr/bUWg3h2m/4811IfZknOvz+e/9WN9nyL/818FvYn/7Zsl3+9nMc76E/Xcv6D8fzH7Pf635a16E/Mv1Q5/+Ge8h/IHwAAAAAAZlj++/9xx3/zIgMAAAAAAADAgXP/wZ3lfN1rPv7/hQnP6zXHXP95aOT8e7vO3/W/h0nOvz+e/9gJOYPG+L3XH+b/yYM7yx/e/vf/5+HM5z83GNWvPdfrD4bpnJ9q7q24HjdiJc4+8vzhlvZzj7TPbWk/P6X9wiPto7r9SG4/Hcvxi7gRb262z085MWphSns1pT3nP7D+FynnP2w86vwXU3tvbFi790H/kfW+OZz0Olf++p8vP7p2tWG4pVqLweayNRyr/znVWp8eWv8/OTqKX91auXn6N9du3755LtJgy9TzkQZPWM5/Lj1y/i++sNGef+8319d7H4z2nP+sWIvhpPzX398vNMbr5X2p5b51Iec/So+cf94CTV7/D3L+E9f/9eV7uYP+AAAAAAAAAAAAAAAAwE6qqlq/RPRKRFxO1/90dW0mANCuvP2vkjxdre6g/tffZqs/arVavbXuzVh/PkfdVE32WrOIiL8356n3GX476YcBALPsvxHxz647QWfkX7D8fX/18ItddwZo1a333v/ZtRs3Vm7e6ronAAAAAAAAAMDnle//udS4//P6eUBj943ecv/X12PpwN7/sz8arN/rPC3Q87Hz/b9Pxc73/x5Oeb25Ke2jKe3zU9oXprRPvNCjIef/fMo4538yLVhJ9399sYP+dC3nfyrd6znn/5Wx5zXzr/5ykPPvb8n/zO13f3nm1nvvv3L93Wtvr7y98vNzZy9fvHDp4oVLl868df3GytmNfzvs8f7K+ed7XzsPtCw5/5y5/MuS8/9SquVflpT/5m6o/MuS1/+8vyf/suT882cf+Zcl5/9SquVflpz/V1Mt/7Lk/F9OtfzLkvP/WqrlX5ac/yupln9Zcv6nUy3/suT8z6Ra/mXJ+ecjXPIvS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzv5hq+Zcl538p1fIvS87/cqrlX5ac/9dTLf+y5Py/kWr5lyXn/2qq5V+WnP83Uy3/suT8v5Vq+Zcl5//tVO+U/zst9ot25Py/k2rrf1ly/t9NtfzLkvN/LdXyL8vD7/83sueRxdnoRpsjVRUxA90wsu8jXf9mAgAAAAAAAAAAAADGtXE6cdfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27jVGrrO+H/izV6+TQPwnIYQQiO1cMGST3fUtMcFgrv809JIGQksLdYy9dgy+1buGBKFmaWgLAqmR2hf0RSkgQEhtlahCKpUoilSk9k1VXhVFlVArIdWVoDIRVKICtjpznufZmdnZmV3vrj1zzueD4p+9M2fmmTNnZve76DsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotuNts380FEIo/mv8sS2E64q/bw2Hin8u7L/aKwQAAADW6+eNP//q+vyFQ6vYqOk6//iaf/n64uLiYvjgixd/8SeLi/mC7SGMbAmhcVnyTz/9yWLzdaKnw8TQcNO/h3vc/UiPy0d7XD7W4/LxHpdv6XH5RI/Ll+2AZbaWv49p3Ngdjb9uK3dpuDGMNS67o8NWTw9tGR5Ov8tpGGpsszh2PJwMp8JsmF62zVDjfyF8c0dxXw+GdF/DTfd1awjh0o8+fjStYSju4ztCy501ND93P3xL2P7ijz5+9KvzP3hlp9lzNyxbaQi7dhbr/GQIS7+uCkNhS94naZ3DTeu8tcM6R1rWOdTYrvh7+zovrXKd6XFPxHV+p8s6b41fe+L2EMJCWPE67Z4Ow+GatnvN+3uiPCKK2yieypeF0TUdJztWcZwU23z/9tbjpP2YTPt/R9wnoyusofnp+OEnxpft98s9TopH3Q/HanHbDxd3OjHR/KvVlmO1uM7H71z5GOj43HU4BvKx3HQM7Ox1DAyPjzSOgeGlNe9sOQZmlm0zHIYa93Xxzu7HwNT86XNTc09+7J6Tp4+cmD0xe2Zmev/ePfv27tm3b+r4yVOz0+Wfa9ulA+SaMJyPwZ3xvSYdg69tu27zIbn4xY17HUz0yeugeOzvuatY0HXDYYVjvLjOJ3et/3WQv+83vQ5Gm14HHd9TO7wORlfxOiiuc2nX6r5njjb912kNm/VeuK3pGLia3w+L+3z/61Z+L7w1rutTr1/r98ORZcdAelhD8bVXfCX/vDdxf9wvy4+LW4oLrh0PF+Zmz9/7xJH5+fMzIY4r4oam56r9eLmm6TGFZcfL8JqPl0N/+bO7bunw9W1xX03cvfRcjXd4Horr7J3s/lw13t0778+Wr+4OcWywK70/O303K/ZnzhJdjv3iOp+8Z/0/C+Zc0vT+N9br/W9kbLR8/xvJe2Os5f1v+VMz0lhZCJfuWd3731j870q//93YJ+9/xb56/73dj4HiOp+aWusxMNr1/e/2OIfiel4XE8NEU+7/RePyhfIwbXouex43o6Nj8bgZTffYetzsWbZNcWvFfe+avrzjZtftrc9Vy88tFTxuin31p9Pdj5viOs/PrP+9Y2v6a9N7x3ivY2BsZLxY71g+CMr3u8Wt6Ri4NxwNZ8OpcCxvUzzLxX1N7l7dMTAe/7vS7x0398kxUOyrz+3ufgwU1/n2no392WlX/Eq+TtPPTu2/X1gp898yunR77bttozN/sc637+3+u6HiOj/Yu9ac0X0/3R2/cm2H/dT++lnpmD4Wrsx+ujmu89S+7r+bKq5z4/5VHk+HQggvzLzQ+H1X/P3u31z416+3/N630++UX5h54aGpR767lvUDAHD5ftH4c2G8/Fmz6f+xXs3//w8AAAAMhJT7h+PM5H8AAACojJT7R+LM5H8AAACojJT7R+PMapL/H7//wLM/fyrkTwNcjNLlaTc8/KbyeqnjvRD/vX1xSfH1t3557NlPP7W6+x4OIfzsoVd1vP7jb0rrKp1L63xD69eXufm2Vd3/Y48uXa/58xMuHShvPz2e1R4Gqav8zandjdvd/uRMYz7/UGjMRxY+9XR5++W/0/Uv7imv/+fxQ0sOHR9q2X5XXM8dcW6Pnynz8KGl/VDMtN2zt77mH25479L9pe2Gdr608TA/93vl7abPiHrmhvL66XGvtP6//8zXni2u/8Sdndf/1HDn9V+Mt/v9OH96sLx+8z7/dNP6/yCuP91f2u7eL32r4/qfe0V5/eficfGFONvX/5Y/fvXPOz1f6X4OPVBul+5/+n/2NrZLt5duv339E0/NtOyP9tt//sXydg5+5McjzddPX0/3kzz2QOvxPRSf35YeeQjha38YWvZzeGO53d+1rT/d3rkHOq//7rZ1nhu6rbH90uPZ1vK4Pv+V3R0fb1rPob/e1vJ4nnlH3H8vTn27uN2Lj8TjMV7+v98pb6/9s0yfe0fr+026/he2la/bdHtTbet/pm39C7cV+673+h98sVz/c2/e0rL+Q++Mx9OD5ey1/hN/cX3L9l/8avl8nP/o5JmzcxdOHosPZlvb63jLxNZrrr3uJS+9Pr6Xtv/78Nn5x2fPb5/ePh3C9gH8yMDNXv+X4vzvcixs/D2Uvvvj8rj77LvK71uv/Un572fi1x+Lz2f6/vj5PxtrOV7bn/eFN5dzvet/fVzHar3iM/9xW4cv/+eyz/y9+IFvXvjb3/9B+88F6fGce/lE4/F9bsdNjcuGni8vb3+/6uXfX976uv7e6HRjfiPu18X4ycw7byrvr/3202eTfPbd5es3/SSXtg9tnyeybaT1cax3/d+LP8d86+bW9790fHzjqbZPc94WhoolLMT3h7BQXp6ulfb3Zy/d1PH+0ufwhIVXrmWZK5p7cm7q1MkzF56Ymp+dm5+ae/Jjh0+fvXBm/nDjs0sPf6jX9kuv72sar+9js/v3hsar/Ww5NtnVXv+5R48eu2/6rmOzx49cOD7/6LnZ8yeOzs0dnT02d9eR48dnP9pr+5PHDs7sPrDnvt2TJ04eO3j/gQN7DkyePHO2WEa5qB72T3948sz5w41N5g7uPTCzb9/e6cnTZ4/NHrxvenryQq/tG9+bJoutPzJ5fvbUkfmTp2cn505+bPbgzIH9+3f3/PTH0+eOz22fOn/hzNSFudnzU+Vj2T7f+HLxva/X9tTD3Nn4ftdmKP50/r679+fPxy18+RMr3lR5ldYfT8MP42dBpe9vvf6dcv9YnFlN8j8AAADUQcr98YP/ly6Q/wEAAKAyUu7fEmcm/wMAAEBlpNw/EWdWk/yv/6//r/+v/6//fwX7/0H/f6Pp/29I/385/f9V0f/X/9f/1/+nu37r/6fcvzWEWuZ/AAAAqIOU+6+JM5P/AQAAoDJS7r82zkz+BwAAgMpIuf+6OLN65P+x9r/q/+v/6/839//TdfX/g/6//v9l0v/X/+9G/1//f5DX34f9/636//Sbfuv/p9z/kjizeuR/AAAAqIWU+18aZyb/AwAAQGWk3H99nJn8DwAAAJWRcv+2OLOa5P8NPP//Z+JF+v/6/4Pe/z+djmPn/9f/1/9fP/1//f9u9P/1/wd5/X3Y/3f+f/pOv/X/U+7/f3FmNcn/AAAAUAcp978szkz+BwAAgMpIuf+GODP5HwAAACoj5f4b48xqkv83sP/v/P/6/1Xp/zed/1//v5n+v/7/5dD/1//vRv9f/3/j1z8Uf0zQ/++1vf4/V0K/9f9T7n95nFlN8j8AAADUQcr9N8WZyf8AAABQGSn3vyLOTP4HAACAyki5/+Y4s5rkf/1//X/9f/1//X/9/82k/6//343+v/7/IK9f/1//n976rf+fcv8r48xqkv8BAACgDlLuvyXOTP4HAACAyki5/1VxZvI/AAAAVEbK/bfGmdUk/+v/91X//8mg/7+8/z+s/6//X1pr/79hoff69f8312D1/4dXvET/v6T/30r/X/9f/1//n+76rf+fcv+r48xqkv8BAACgDlLuf02cmfwPAAAAlZFy/21xZvI/AAAAVEbK/dvjzGqS//X/+6r/7/z/zv+v/+/8/0v9//kh/f9VcP5//f+g/3/ZrnZ/ftDXr/+v/09v/db/T7l/R5xZTfI/AAAA1EHK/TvjzOR/AAAAqIyU+2+PM5P/AQAAoDJS7r8jzqwm+V///zL7/1tb/6n/33n9+v/6//r/zv+v/6//343+v/7/IK9f/391/f/xXjdEpfVb/z/l/jvjzGqS/wEAAKAOUu6/K85M/gcAAIDKSLn/tXFm8j8AAABURsr9u+LMapL/9f+d/1//X/9f/1//fzPp/6+6/7/1cta1Kf3/9Car/9+T/r/+/6D0/yc6bO/8/1wJ/db/T7n/dXFmNcn/AAAAUAcp978+zkz+BwAAgMpIuf/uODP5HwAAACoj5f7JOLOa5H/9f/1//X/9f/1//f/NVNX+f34fdf5//X/9f/3/Te7/f2WF7Qfl/P/UW7/1/1PuvyfOrCb5HwAAAOog5f5748zkfwAAAKiMlPun4szkfwAAAKiMlPun48xqkv+r3/9vbxaX9P9L+v/6/0H/X/9/k1W1/99+/v8Qgv6//n+m/6//32/n/+9E/58rYf39//G8SePPdfb/U+6fiTOrSf4HAACAOki5f3ecmfwPAAAAlZFy/544M/kfAAAAKiPl/r1xZjXJ/9Xv/3em/1/S/9f/D/r/+v+brC79f+f/Ly/X/y/p/+v/6//r/9fRcIevrb//v7RJ48919v9T7t8XZ1aT/A8AAAB1kHL//jgz+R8AAAAqI+X+++LM5H8AAACojJT7748zq0n+1//X/9f/1//v3/5/6/1vXv//v/T/N5H+v/5/N/r/+v+DvH79f/1/etvY/v/16+7/p9x/IM6sJvkfAAAA6iDl/jfEmcn/AAAAUBkp9z8QZyb/AwAAwEDpdB7CJOX+N8aZ1ST/6/9Xvf+/uEX/X/9/cPv/rfvT+f/1/zuJb5/6/6tUr/7/1mX3p//f6mr35wd9/fr/+v/0trH9/2U/nq65/59y/8E4s5rkfwAAAKiDlPvfFGcm/wMAAEBlpNz/5jgz+R8AAAAqI+X+Q3FmNcn/+v9V7//33/n/h8Lg9v9H9f/1//X/18z5//X/u3H+/8Hs/6fP3dD/75/+f3EM6f/Tj/qt/59y/1vizGqS/wEAAKAOUu5/a5yZ/A8AAACVkXL/2+LM5H8AAACojJT73x5nVpP8r/+v/+/8/87/r/+v/7+Z9P/1/7vR/x/M/n+i/98//X/n/6df9Vv/P+X+d8SZ1ST/AwAAQB2k3P/OODP5HwAAACoj5f7/H2cm/wMAAEBlpNz/YJxZTfJ/hfr/Y3Hq/+v/6//r/zfo//cH/X/9/270//X/B3n9+v/6//TWb/3/lPt/Kc6sJvkfAAAA6iDl/ofizOR/AAAAqIyU+98VZyb/AwAAQGWk3P/LcWY1yf8V6v+X+vT8/8P59vX/9f/1//X/9f830oD2/yf0/0v6//r/g7x+/X/9f3rrt/5/yv2/EmdWk/wPAAAAdZBy/6/Gmcn/AAAAUBkp9/9anJn8DwAAAJWRcv/DcWY1yf/6/87/r/+v/9+3/f/R1v2p/6//38mA9v+d/z/S/9f/H+T16//r/9Nbv/X/U+7/9TizmuR/AAAAqIOU+x+JM5P/AQAAoDJS7n93nJn8DwAAAJWRcv974sxqkv/1//X/9f/1//u2/9+2P/X/+7X//29dL9X/1//vRv9f/3+Q16//r/9Pb/3W/0+5/9E4s5rkfwAAAKiDlPvfG2cm/wMAAEBlpNz/G3Fm8j8AAABURsr9vxlnNpj5f3itG+j/6//r/+v/r7r/vxBC0P/X/18j/f/l/f/iPexq9v/HV3NF/f9V0f/X/9f/1/+nu37r/6fc/744s8HM/wAAAEAHKff/VpyZ/A8AAACVkXL/b8eZyf8AAABQGSn3vz/OrCb5X/9f/1//X//f+f/1/zeT/n+9zv8/HvT/g/6//r/+v/4/Wb/1/1Pu/0CcWU3yPwAAANRByv2/E2cm/wMAAEBlpNx/OM5M/gcAAIDKSLn/sTizmuR//f+r1P/fWl5f/1//vzr9/0X9f/3/jvT/69X/d/7/kv6//r/+v/4/pX7r/6fcfyTOrCb5HwAAAOog5f4PxpnJ/wAAAFAZKfcfjTOT/wEAAKAyUu4/FmdWk/yv/+/8//r/+v/O/6//v5n0//X/u9H/1/8f5PXr/+v/01u/9f9T7p+NM6tJ/gcAAIA6SLn/eJyZ/A8AAACVkXL/iTgz+R8AAAAqI+X+x+PMapL/9f/1/1fV/x8L+v/6//r/+v+XRf9f/78b/X/9/0Fev/6//j+9bVz//583pP+fcv/JOLOa5H8AAACog5T7PxRnJv8DAABAZaTc/+E4M/kfAAAAKiPl/lNxZjXJ//r/+v/O/1/B/v+o/n/Q/+8b+v/6/93o/+v/D/L69f/1/+ltKGxU/z9sSP8/5f7TcWY1yf8AAABQByn3n4kzk/8BAACgMlLuPxtnJv8DAABAZaTcfy7OrCb5X/9f/1//v4L9f+f/b9D/7w/6//r/3ej/6/8P8vr1//X/6W3jzv+/Mf3/lPt/N86sJvkfAAAA6iDl/v9j7z6a5LyrPY63riWPVK5bd3X3vAV27OAd+DWwYUuRc44GTE4m55yTiSbnnIPJORlMBkOVKWvOOfZIPd2t0fT08/zP57PgMGaseayhxvUr1beee8ct9j8AAAAMI3f/feIW+x8AAACGkbv/vnFLk/2v/9f/6//1//p//f826f/1/6vo/+fT/59Z8vfr//X/+n/WmVr/n7v/fnFLk/0PAAAAHeTuv3/cYv8DAADAMHL3PyBusf8BAABgGLn7Hxi3NNn/+n/9v/5/Mv3/fuen/9f/6/8vif5f/7/Ydf9/Lj4YvP9fRv+v/9f/s87U+v/c/Q+KW5rsfwAAAOggd/+D4xb7HwAAAIaRu/8hcYv9DwAAAMPI3f/QuKXJ/tf/6//H7f/35tb/e/9/fl9H7P9P3f5l9f/HS/+v/1/suv9v8v7/ZfT/+n/9P+tMrf/P3f+wuKXJ/gcAAIAOcvc/PG6x/wEAAGAYufsfEbfY/wAAADCM3P2PjFua7H/9v/5/3P5/du//1//n93WI/v9c/Tre/6//1/8fTv+v/5/z8+v/9f+sN7X+P3f/o+KWJvsfAAAAOsjd/+i4xf4HAACAYeTuf0zcYv8DAADAMHL3PzZuabL/9f/6f/2//l//fwLv/9f/6//1/0vp//X/c35+/b/+n/Wm1v/n7n9c3NJk/wMAAEAHufsfH7fY/wAAADCM3P1PiFvsfwAAABhG7v4nxi1N9v+l9f+n9P+H0P8vf379v/5f/6//1//r/1fR/+v/5/z8+n/9P+ttvf+/+przd9P+P3f/NXFLk/0PAAAAHeTuf1LcYv8DAADAMHL3Pzlusf8BAABgGLn7nxK3NNn/S/r/KxYzfv//2c2+tP4/vv7B/v/WU/p//f80+/9b4qeM/l//f7F59/9n9f876//39P8r+/nNfif0//p//T/rbL3/X9P7X/hx7v5r45Ym+x8AAAA6yN3/1LjF/gcAAIBh5O5/Wtxi/wMAAMAwcvc/PW5psv8v7f3/0+//vf9/t+//z193C/3/mWXPr//v0v/v8/5//f8y8+7/vf9/i/3/PfI30/v/D7frfn7uz7+q/7/rBs+v/6eDqfX/ufufEbc02f8AAADQQe7+Z8Yt9j8AAAAMI3f/s+IW+x8AAACGkbv/2XFLg/1/Wv9fz5H0/97/v1H/f27/79f/H3we/b/+fxn9v/5/ld29/1//v5hAPz/35/f+//X9/1XrfhGGN7X+P3f/c+KWBvsfAAAAusjd/9y4xf4HAACAYeTuf17cYv8DAADAMHL3Pz9uabL/9f/6f/2/9/9fVv9/xTb6/9NLfz/1//r/ZfT/+v+F/v/Idt3Pz/359f/e/896U+v/c/dfF7fU8Dt9hH9KAAAAYEpy978gbmny5/8AAADQQe7+F8Yt9j8AAAAMI3f/i+KWJvtf/6//1//r/73/X/+/Tfr/4fr/U/r/2+n/9f/6f/0/q02t/8/d/+K4pcn+BwAAgA5y978kbrH/AQAAYBi5+18at9j/AAAAMIzc/S+LW5rsf/2//l//r//X/+v/t0n/P1z/7/3/d6D/1//r//X/rDa1/j93/8vjlib7HwAAADrI3f+KuMX+BwAAgGHk7n9l3GL/AwAAwDBy978qbpnd/r+woN2M/l//r//X/+v/9f/bNP3+/8xGn6X/36f/P2hb/f/ZQ76e/n9az388/X9+9/X/jGkC/f/d7vhx7v5Xxy2z2/8AAADAYXL3vyZusf8BAABgGLn7Xxu32P8AAAAwjNz9r4tbmuz/w/r/m6/a/9/X9P/5G6b/j6v/1/8v9P9F/6//X8yi/9+M/n+f/v8g7//X/3v/v/6f1SbQ/x/4OHf/6+OWJvsfAAAAOsjd/4a4xf4HAACAYeTuf2PcYv8DAADAMHL3vyluabL/vf9f/6//1//r//X/26T/1/+vMqP+f2/ZX9T/6//1//p/Vpta/5+7/81xS5P9DwAAAB3k7n9L3GL/AwAAwDBy9781brH/AQAAYBi5+98WtzTZ//p//f/O+///GbL/P/+I+n/9v/5f/6//X21G/f9S+n/9v/5f/89qU+v/c/e/PW5psv8BAACgg9z974hb7H8AAAAYRu7+d8Yt9j8AAAAMI3f/u+KWJvtf/6//33n/7/3/Rf8f31f9v/7/Euj/9f8L/f+R7bqfn/vz6//1/6w3tf4/d/+745Ym+x8AAAA6yN3/nrjF/gcAAIBh5O6/Pm6x/wEAAGAYufvfG7c02f/6f/2//l//r//X/2+T/l//v8rJ9v/X3qz/P2jX/fzcn1//r/9nvan1/7n73xe3NNn/AAAA0EHu/vfHLfY/AAAADCN3/wfiFvsfAAAAhpG7/4NxS5P9r/+fe/9/95viCabW/+en6P/1/yv7/73FxfT/+v9Lof/X/y+28v7/C39SLKf/1//r//X/rHZi/f89r77XXW77L2v6/9z9H4pbmux/AAAA6CB3/w1xi/0PAAAAw8jd/+G4xf4HAACAYeTu/0jc0mT/9+j/z1z0aeP0/97/r/+fdP+fP1S9/1//r//X/y813f5/M/p//b/+X//PalN7/3/u/o/GLU32PwAAAHSQu/9jcYv9DwAAAMPI3f/xuMX+BwAAgGHk7v9E3NJk//fo/y+m/9937P3/rf+n/9f/l03e/6//1/9fLv2//n+h/z+yXffzc3/+ofv/Uwv9P8diav1/7v5Pxi1N9j8AAAB0kLv/U3GL/Q8AAADDyN3/6bjF/gcAAIBh5O7/TNxw5//d3SOdKP2//t/7//X/+n/9/zbp/4/Q/586vfFz6f/36f+PZtf9/Nyff+j+3/v/OSZT6/9z9382bvHn/wAAADCM3P2fi1vsfwAAABhG7v7Pxy32PwAAAAxgv3fP3f+FuKXJ/l/T/+/l5x25/z93+NfW/+v/F/p//b/+X/9/mYbs/y+B/n+f/v9odt3Pz/35Z9f/X3/wQ/0/J2FJ/3/+J/Gu+v/c/V+MW5rsfwAAAOggd/+X4hb7HwAAAIaRu//LcYv9DwAAAMPI3f+VuKXJ/l/a/+95/7/+X/+v/1/o//X/x0L/r/9fRf+v/5/z88+u/7+A/p+TMLX3/+fu/2rc0mT/AwAAQAe5+78Wt9j/AAAAMIzc/V+PW+x/AAAAGEbu/m/ELU32/5r3/+v/N/tH0f/r/5f+/0H/r//fsP8/s9D/H5n+X/+/0P8f2a77+bk//+X0/+f0/zQxtf4/d/8345Ym+x8AAAA6yN3/rbjF/gcAAIBh5O7/dtxi/wMAAMAwcvd/J25psv9H7v9XfZr+f5/+X/+/0P9Pof/3/v/LoP/X/y/0/0e2635+7s/v/f/6f9abWv+fu/+7cUuT/Q8AAAAd5O7/Xtxi/wMAAMAwcvffuFjcYP8DAADAmG48/59nF9+PW5rs/5H7/1X0//v0//r/hf5f/79l+n/9/yr6f/3/nJ9f/6//Z72p9f+5+38QtzTZ/wAAANBB7v4fxi32PwAAAAwjd/+P4hb7HwAAAIaRu//HcUuT/a//1//r//X/+n/9/zbp//X/q+j/9f9zfn79v/6f9abW/+fu/0nc0mT/AwAAQAe5+38at9j/AAAAMIzc/T+LW+x/AAAAGEbu/p/HLU32v/5f/6//1//r//X/26T/1/+vov/X/8/5+fX/+n/Wm1r/n7v/F3FLk/0PAAAAHeTu/2XcYv8DAADAMHL3/ypusf8BAABgGLn7fx23NNn/+v/bnuNc/XX9v/5f/6//T/r/49G2/7/tX6v6/7X0//r/OT+//l//z3pT6/9z9/8mbmmy/wEAAKCD3P2/jVvsfwAAABhG7v7fxS32PwAAAAwjd//v45Ym+1//7/3/+n/9/zz6/yv1//r/pSbb/3v//0b0//r/OT+//l//z3pT6/9z998UtzTZ/wAAANBB7v4/xC32PwAAAAwjd/8f4xb7HwAAAIaRu//muKXJ/tf/6/+H7P/39P/j9f/e/z/L/v9O+n/9/2r6f/3/nJ9f/6//Z72p9f+5+/8UtzTZ/wAAANBB7v4/xy32PwAAAAwjd/9f4hb7HwAAAIaRu/+vcUuT/a//1/8P2f97/7/+X/8/Gfp//f8q+n/9/5yfX/+v/2e9qfX/ufv/Frc02f8AAADQQe7+v8ct9j8AAAAMI3f/P+IW+x8AAACGkbv/n3FLk/2v/9f/6//1//p//f826f/n2/9fuThC/3/dQv+v/9f/6//1/5Sp9f+5+/8VtzTZ/wAAANBB7v5b4pal+///T+ipAAAAgOOUu//fcYs//wcAAIBh5O7/T9zSZP/r//X/+n/9v/5f/79N+v/59v/e/7+e/l//r//X/7Pa1Pr/3P3/DQAA///E7/7M")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc6081, 0xcc)
mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x2000001, 0x4010933, r0, 0xb4b40000)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x82200, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0xa, 0x3, 0xff)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendfile(r1, r2, 0x0, 0x20fffe85)

0s ago: executing program 0 (id=3490):
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}}, 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r6, {0xc, 0xc}, {0xfff2, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)

kernel console output (not intermixed with test programs):

59844][T14768] tipc: Disabling bearer <eth:syzkaller0>
[  712.081539][T14741] batman_adv: batadv0: Adding interface: batadv_slave_0
[  712.088618][T14741] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  712.122087][T14741] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  712.139839][T14741] batman_adv: batadv0: Adding interface: batadv_slave_1
[  712.148439][T14741] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  712.176379][T14741] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  712.363704][T14778] syzkaller0: entered promiscuous mode
[  712.373424][T14778] syzkaller0: entered allmulticast mode
[  712.431749][T14741] hsr_slave_0: entered promiscuous mode
[  712.445435][T14741] hsr_slave_1: entered promiscuous mode
[  712.452693][T14741] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  712.467134][T14741] Cannot create hsr debugfs directory
[  712.710524][T13495] Bluetooth: hci4: command tx timeout
[  714.775611][T13495] Bluetooth: hci4: command tx timeout
[  715.349368][T14811] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2562'.
[  715.362812][T14811] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2562'.
[  715.379136][T14811] dummy0: entered promiscuous mode
[  715.394011][T14811] team0: entered promiscuous mode
[  715.399531][T14811] team_slave_0: entered promiscuous mode
[  715.409754][T14811] team_slave_1: entered promiscuous mode
[  715.565574][T14834] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2565'.
[  715.601506][T14834] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  715.630958][ T1137] tipc: Left network mode
[  716.167859][T14857] netlink: 'syz.1.2569': attribute type 1 has an invalid length.
[  716.183923][T14843] syzkaller0: entered promiscuous mode
[  716.863753][T13495] Bluetooth: hci4: command tx timeout
[  718.466749][T14867] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  718.477465][T14870] syzkaller0: entered promiscuous mode
[  718.483106][T14870] syzkaller0: entered allmulticast mode
[  718.943849][T13495] Bluetooth: hci4: command tx timeout
[  718.954690][T14896] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2576'.
[  718.973710][T14896] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  718.999714][ T1137] bond1: (slave gretap1): Releasing active interface
[  719.123166][T14892] syzkaller0: entered promiscuous mode
[  719.128892][T14892] syzkaller0: entered allmulticast mode
[  719.139054][T14901] netlink: 'syz.3.2578': attribute type 49 has an invalid length.
[  719.301869][T14901] netlink: 'syz.3.2578': attribute type 10 has an invalid length.
[  719.531182][ T1137] hsr_slave_0: left promiscuous mode
[  719.548856][ T1137] hsr_slave_1: left promiscuous mode
[  719.560058][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  719.570201][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_0
[  719.580935][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  719.588669][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_1
[  719.596741][ T1137] bridge_slave_1: left allmulticast mode
[  719.602707][ T1137] bridge_slave_1: left promiscuous mode
[  719.608674][ T1137] bridge0: port 2(bridge_slave_1) entered disabled state
[  719.620193][ T1137] bridge_slave_0: left allmulticast mode
[  719.629658][ T1137] bridge_slave_0: left promiscuous mode
[  719.635817][ T1137] bridge0: port 1(bridge_slave_0) entered disabled state
[  719.693570][ T1137] veth1_macvtap: left promiscuous mode
[  719.699164][ T1137] veth0_macvtap: left promiscuous mode
[  719.715824][ T1137] veth1_vlan: left promiscuous mode
[  719.721273][ T1137] veth0_vlan: left promiscuous mode
[  719.947290][ T1137] bond2 (unregistering): Released all slaves
[  719.962967][ T1137] bond1 (unregistering): Released all slaves
[  720.490442][ T1137] team0 (unregistering): Port device team_slave_1 removed
[  720.550982][ T1137] team0 (unregistering): Port device team_slave_0 removed
[  720.597660][ T1137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  720.645782][ T1137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  720.995522][ T1137] bond0 (unregistering): Released all slaves
[  721.128543][T14912] syzkaller0: entered promiscuous mode
[  721.257612][T14921] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  721.310070][T14741] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  721.335360][T14921] syzkaller0: entered promiscuous mode
[  721.354711][T14921] syzkaller0: entered allmulticast mode
[  721.362899][T14741] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  721.417891][T14741] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  721.466537][T14741] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  721.643831][ T1137] IPVS: stop unused estimator thread 0...
[  721.759322][T14933] syzkaller0: entered promiscuous mode
[  721.774496][T14933] syzkaller0: entered allmulticast mode
[  721.790512][T14741] 8021q: adding VLAN 0 to HW filter on device bond0
[  721.878001][T14741] 8021q: adding VLAN 0 to HW filter on device team0
[  721.910652][ T4487] bridge0: port 1(bridge_slave_0) entered blocking state
[  721.917917][ T4487] bridge0: port 1(bridge_slave_0) entered forwarding state
[  722.002678][ T8132] bridge0: port 2(bridge_slave_1) entered blocking state
[  722.009998][ T8132] bridge0: port 2(bridge_slave_1) entered forwarding state
[  722.125970][T14943] syzkaller0: entered promiscuous mode
[  722.131795][T14943] syzkaller0: entered allmulticast mode
[  722.702194][T14741] 8021q: adding VLAN 0 to HW filter on device batadv0
[  722.841042][T14973] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  722.910565][T14973] syzkaller0: entered promiscuous mode
[  722.950844][T14973] syzkaller0: entered allmulticast mode
[  723.001915][T14741] veth0_vlan: entered promiscuous mode
[  723.137852][T14741] veth1_vlan: entered promiscuous mode
[  723.989254][T14986] syzkaller0: entered promiscuous mode
[  724.002705][T14986] syzkaller0: entered allmulticast mode
[  726.359322][T14741] veth0_macvtap: entered promiscuous mode
[  726.376242][T14741] veth1_macvtap: entered promiscuous mode
[  726.398869][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  726.433687][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  726.459999][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  726.483328][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  726.503285][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  726.542144][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  726.561350][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  726.572108][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  726.584942][T14741] batman_adv: batadv0: Interface activated: batadv_slave_0
[  726.611464][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  726.643544][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  726.657977][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  726.669473][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  726.679920][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  726.690955][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  726.701247][T14741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  726.712670][T14741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  726.735464][T14741] batman_adv: batadv0: Interface activated: batadv_slave_1
[  726.756317][T14741] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  726.778289][T14741] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  726.803415][T14741] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  726.831365][T14741] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  726.874024][T15055] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2606'.
[  727.434077][T15060] syzkaller0: entered promiscuous mode
[  727.439587][T15060] syzkaller0: entered allmulticast mode
[  727.703738][T15072] ICMPv6: NA: aa:aa:aa:aa:aa:00 advertised our address fe80::aa on syz_tun!
[  727.756542][T15075] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2614'.
[  729.542258][T15041] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  729.624444][ T4487] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  729.659398][ T4487] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  729.740701][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  729.744869][T15083] syzkaller0: entered promiscuous mode
[  729.755213][T15083] syzkaller0: entered allmulticast mode
[  729.761731][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  730.021452][T15094] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2623'.
[  730.419384][T15125] syzkaller0: entered promiscuous mode
[  730.425383][T15125] syzkaller0: entered allmulticast mode
[  730.570974][T15131] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2635'.
[  730.986484][T15154] syzkaller0: entered promiscuous mode
[  730.992026][T15154] syzkaller0: entered allmulticast mode
[  731.106637][T15156] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2644'.
[  731.288783][T15162] syzkaller0: entered promiscuous mode
[  731.294463][T15162] syzkaller0: entered allmulticast mode
[  733.144215][T15103] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  733.515617][T15179] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2653'.
[  733.536014][T15177] syzkaller0: entered promiscuous mode
[  733.553560][T15177] syzkaller0: entered allmulticast mode
[  733.744915][T15183] syzkaller0: entered promiscuous mode
[  733.751750][T15183] syzkaller0: entered allmulticast mode
[  733.901148][T15189] (null): rxe_set_mtu: Set mtu to 1024
[  734.068435][T15189] ip6gretap0 speed is unknown, defaulting to 1000
[  734.086022][T15190] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  734.392130][T15195] llcp: llcp_sock_recvmsg: Recv datagram failed state 3 -6 0
[  734.509813][T15189] ip6gretap0 speed is unknown, defaulting to 1000
[  734.527754][T15189] ip6gretap0 speed is unknown, defaulting to 1000
[  734.826274][T15189] infiniband syz1: set active
[  734.831159][    T9] ip6gretap0 speed is unknown, defaulting to 1000
[  734.841528][T15189] infiniband syz1: added ip6gretap0
[  734.945599][T15189] RDS/IB: syz1: added
[  734.951223][T15189] smc: adding ib device syz1 with port count 1
[  734.963504][T15189] smc:    ib device syz1 port 1 has pnetid 
[  734.981343][T15189] ip6gretap0 speed is unknown, defaulting to 1000
[  734.992694][   T23] ip6gretap0 speed is unknown, defaulting to 1000
[  735.011633][T15214] xt_hashlimit: size too large, truncated to 1048576
[  735.028918][T15214] xt_hashlimit: max too large, truncated to 1048576
[  735.169039][T15189] ip6gretap0 speed is unknown, defaulting to 1000
[  735.184156][T15219] syzkaller0: entered promiscuous mode
[  735.200236][T15219] syzkaller0: entered allmulticast mode
[  735.389884][T15189] ip6gretap0 speed is unknown, defaulting to 1000
[  735.579979][T15189] ip6gretap0 speed is unknown, defaulting to 1000
[  735.780602][T15189] ip6gretap0 speed is unknown, defaulting to 1000
[  737.206349][T15197] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  740.416705][T15241] syzkaller0: entered promiscuous mode
[  740.433456][T15241] syzkaller0: entered allmulticast mode
[  740.527891][T15243] syzkaller0: entered promiscuous mode
[  740.686134][T15246] syzkaller0: entered promiscuous mode
[  740.696472][T15246] 0: reclassify loop, rule prio 0, protocol 800
[  741.779483][T15278] delete_channel: no stack
[  743.973597][T15253] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  745.210153][T15291] syzkaller0: entered promiscuous mode
[  745.237623][T15306] (null): rxe_set_mtu: Set mtu to 1024
[  745.266655][T15306] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[  745.294843][T15307] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2687'.
[  745.693898][T15321] llcp: llcp_sock_recvmsg: Recv datagram failed state 3 -6 0
[  747.428474][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  747.452781][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  747.628434][T15306] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  747.976553][T15348] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2695'.
[  750.858873][T15340] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  751.083056][T15365] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2698'.
[  751.472491][T15373] syzkaller0: entered promiscuous mode
[  751.519071][T15385] syzkaller0: entered promiscuous mode
[  751.524920][T15385] syzkaller0: entered allmulticast mode
[  752.313920][T15402] (null): rxe_set_mtu: Set mtu to 1024
[  752.319968][T15402] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[  752.663492][T15408] llcp: llcp_sock_recvmsg: Recv datagram failed state 3 -6 0
[  755.807210][T15402] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  757.446148][T15425] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  759.564560][T15450] syzkaller0: entered promiscuous mode
[  759.742116][T15454] syzkaller0: entered promiscuous mode
[  759.763171][T15454] syzkaller0: entered allmulticast mode
[  759.823094][T15458] syz.1.2720[15458]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[  759.841949][T15458] loop1: detected capacity change from 0 to 512
[  759.859557][T15458] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  759.897723][T15458] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  759.941243][T15458] EXT4-fs (loop1): 1 truncate cleaned up
[  759.950199][T15458] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  760.043370][T15468] loop0: detected capacity change from 0 to 128
[  760.072264][T15468] EXT4-fs (loop0): Test dummy encryption mode enabled
[  760.095285][T15468] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  760.102621][T14304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  760.125081][T15468] ext4 filesystem being mounted at /30/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  760.296522][T15468] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  760.335241][T15474] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  760.388287][T14741] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  760.449645][T15480] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  760.580507][T15484] syzkaller0: entered promiscuous mode
[  761.873702][T15513] syzkaller1: entered promiscuous mode
[  761.879368][T15513] syzkaller1: entered allmulticast mode
[  762.675195][T15547] loop2: detected capacity change from 0 to 256
[  762.818893][T15549] syzkaller1: entered promiscuous mode
[  762.825052][T15549] syzkaller1: entered allmulticast mode
[  762.943856][T15462] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  763.317272][T15559] loop0: detected capacity change from 0 to 1024
[  763.327078][T15559] EXT4-fs: inline encryption not supported
[  763.349697][T15559] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  763.681813][T15559] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  764.081149][T15565] loop3: detected capacity change from 0 to 64
[  764.219406][T15567] syzkaller0: entered promiscuous mode
[  764.233332][T15567] syzkaller0: entered allmulticast mode
[  764.270197][T15572] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2757'.
[  764.314345][T14741] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  764.471050][T15576] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  764.484351][T15574] syzkaller1: entered promiscuous mode
[  764.503672][T15574] syzkaller1: entered allmulticast mode
[  765.069629][T15593] loop1: detected capacity change from 0 to 32768
[  765.085631][T15593] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.2764 (15593)
[  765.130044][T15593] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  765.141078][T15593] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  765.150672][T15593] BTRFS info (device loop1): setting nodatasum
[  765.157883][T15593] BTRFS info (device loop1): force zlib compression, level 3
[  765.166020][T15593] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8)
[  765.176320][T15593] BTRFS info (device loop1): use lzo compression, level 0
[  765.183632][T15593] BTRFS info (device loop1): turning on flush-on-commit
[  765.196278][T15593] BTRFS info (device loop1): enabling auto defrag
[  765.202944][T15593] BTRFS info (device loop1): max_inline at 4096
[  765.214503][T15593] BTRFS info (device loop1): using free space tree
[  765.288749][T15593] BTRFS info (device loop1): enabling ssd optimizations
[  765.397235][   T27] audit: type=1800 audit(1774600129.405:2): pid=15593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2764" name="file1" dev="loop1" ino=260 res=0 errno=0
[  765.759883][T14304] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  766.114003][T15622] syzkaller0: entered promiscuous mode
[  766.119691][T15622] syzkaller0: entered allmulticast mode
[  767.496888][T15579] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  767.739755][T15626] syzkaller0: entered promiscuous mode
[  767.759305][T15626] syzkaller0: entered allmulticast mode
[  767.780532][T15628] syzkaller0: entered promiscuous mode
[  767.793968][T15628] syzkaller0: entered allmulticast mode
[  767.828536][T15630] tipc: Started in network mode
[  767.834472][T15630] tipc: Node identity 764fcd523b6a, cluster identity 4711
[  767.841761][T15630] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  767.857025][T15629] tipc: Disabling bearer <eth:syzkaller0>
[  767.877421][T15632] syzkaller1: entered promiscuous mode
[  767.882965][T15632] syzkaller1: entered allmulticast mode
[  768.022697][T15638] netlink: 'syz.3.2772': attribute type 1 has an invalid length.
[  768.868201][T15663] syzkaller0: entered promiscuous mode
[  768.883390][T15663] syzkaller0: entered allmulticast mode
[  768.924206][T15665] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  768.981680][T15662] tipc: Disabling bearer <eth:syzkaller0>
[  769.237430][T15681] netlink: 'syz.0.2785': attribute type 1 has an invalid length.
[  769.701891][T15697] loop0: detected capacity change from 0 to 4096
[  769.772315][T15697] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  769.887585][T15697] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  769.942486][T15697] ntfs3: loop0: Failed to initialize $Extend/$Reparse.
[  770.028023][   T27] audit: type=1800 audit(1774600134.025:3): pid=15697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2789" name="file1" dev="loop0" ino=30 res=0 errno=0
[  770.201442][T15719] syzkaller0: entered promiscuous mode
[  770.210246][T15719] syzkaller0: entered allmulticast mode
[  770.482306][T15723] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2797'.
[  770.513048][T15723] syzkaller0: entered promiscuous mode
[  770.518855][T15723] syzkaller0: entered allmulticast mode
[  770.558201][T15725] syzkaller1: entered promiscuous mode
[  770.566944][T15725] syzkaller1: entered allmulticast mode
[  771.300859][T15747] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2803'.
[  771.802013][T15749] syzkaller0: entered promiscuous mode
[  771.807663][T15749] syzkaller0: entered allmulticast mode
[  772.064506][T13495] Bluetooth: unknown link type 194
[  772.069728][T13495] Bluetooth: hci3: connection err: -111
[  772.252129][T15758] syzkaller1: entered promiscuous mode
[  772.257826][T15758] syzkaller1: entered allmulticast mode
[  772.670268][T15700] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  772.886500][T15775] syzkaller0: entered promiscuous mode
[  772.896449][T15775] syzkaller0: entered allmulticast mode
[  772.908074][T15776] syzkaller0: entered promiscuous mode
[  772.915613][T15776] syzkaller0: entered allmulticast mode
[  773.186397][T15786] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2816'.
[  773.298020][T15787] syzkaller1: entered promiscuous mode
[  773.311116][T15787] syzkaller1: entered allmulticast mode
[  774.012238][T15827] syzkaller0: entered promiscuous mode
[  774.033312][T15827] syzkaller0: entered allmulticast mode
[  774.314635][T15838] syzkaller1: entered promiscuous mode
[  774.343472][T15838] syzkaller1: entered allmulticast mode
[  774.351698][T15836] syzkaller0: entered promiscuous mode
[  774.367281][T15840] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  774.779369][T15858] loop3: detected capacity change from 0 to 128
[  775.094383][T13495] Bluetooth: hci2: command 0x0406 tx timeout
[  775.439171][T15876] syzkaller0: entered promiscuous mode
[  775.444788][T15876] syzkaller0: entered allmulticast mode
[  776.650731][T15808] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  776.906030][T15885] syzkaller0: entered promiscuous mode
[  776.912581][T15887] loop2: detected capacity change from 0 to 1024
[  776.977176][T15887] EXT4-fs: inline encryption not supported
[  776.983102][T15887] EXT4-fs: Ignoring removed bh option
[  777.104837][T15887] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  777.142484][T15887] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (60515!=35945)
[  777.189294][T15887] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  777.236052][T15887] EXT4-fs (loop2): orphan cleanup on readonly fs
[  777.255593][T15887] EXT4-fs error (device loop2): ext4_quota_enable:7140: comm syz.2.2845: inode #2304: comm syz.2.2845: iget: illegal inode #
[  777.342033][T15900] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2846'.
[  777.395849][T15900] vxcan3: entered promiscuous mode
[  777.402137][T15900] vxcan3: entered allmulticast mode
[  777.468643][T15887] EXT4-fs error (device loop2): ext4_quota_enable:7143: comm syz.2.2845: Bad quota inode: 2304, type: 2
[  777.644879][T15887] EXT4-fs warning (device loop2): ext4_enable_quotas:7184: Failed to enable quota tracking (type=2, err=-117, ino=2304). Please run e2fsck to fix.
[  777.907186][T15887] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  777.917693][T15887] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  778.068756][T13494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  778.182783][T15907] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  778.191090][T15904] syzkaller0: entered promiscuous mode
[  778.217724][T15904] syzkaller0: entered allmulticast mode
[  778.238354][T15907] tipc: Resetting bearer <eth:syzkaller0>
[  778.293045][T15906] tipc: Disabling bearer <eth:syzkaller0>
[  778.532072][T15922] netlink: 'syz.0.2854': attribute type 1 has an invalid length.
[  778.715373][T15932] syzkaller0: entered promiscuous mode
[  778.720908][T15932] syzkaller0: entered allmulticast mode
[  778.777601][T15936] random: crng reseeded on system resumption
[  778.920169][T15935] syzkaller0: entered promiscuous mode
[  778.943252][T15935] syzkaller0: entered allmulticast mode
[  781.442518][T15917] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  781.675035][T15955] syzkaller0: entered promiscuous mode
[  781.693478][T15955] syzkaller0: entered allmulticast mode
[  781.861697][T15961] syzkaller0: entered promiscuous mode
[  781.871518][T15961] syzkaller0: entered allmulticast mode
[  782.177650][ T5771] Bluetooth: hci2: unexpected event for opcode 0x1004
[  782.445029][T15984] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  782.471820][T15976] loop2: detected capacity change from 0 to 40427
[  782.494016][T15976] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  782.502332][T15976] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  782.511578][T15984] syzkaller0: entered promiscuous mode
[  782.522640][T15976] F2FS-fs (loop2): invalid crc value
[  782.571698][T15984] syzkaller0: entered allmulticast mode
[  782.581172][T15976] F2FS-fs (loop2): Found nat_bits in checkpoint
[  782.591795][T15993] tipc: Resetting bearer <eth:syzkaller0>
[  782.611331][T15980] tipc: Resetting bearer <eth:syzkaller0>
[  782.651316][T15976] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  782.658813][T15976] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  782.738092][T15980] tipc: Disabling bearer <eth:syzkaller0>
[  782.945169][T15996] syzkaller0: entered promiscuous mode
[  782.962149][T15996] syzkaller0: entered allmulticast mode
[  783.222801][T16007] macvtap0: entered promiscuous mode
[  783.439429][T16013] syzkaller0: entered promiscuous mode
[  783.448702][T16013] syzkaller0: entered allmulticast mode
[  783.551816][T16015] loop1: detected capacity change from 0 to 128
[  783.560787][T16015] EXT4-fs: inline encryption not supported
[  783.758856][T16015] EXT4-fs (loop1): Test dummy encryption mode enabled
[  783.810136][T16015] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  783.886565][T16015] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  784.831844][T16044] tipc: Started in network mode
[  784.849304][T16044] tipc: Node identity debf5054f2fd, cluster identity 4711
[  784.861810][T16044] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  784.881390][T16044] syzkaller0: entered promiscuous mode
[  784.899774][T16044] syzkaller0: entered allmulticast mode
[  784.942284][T16044] tipc: Resetting bearer <eth:syzkaller0>
[  784.961607][T16032] loop0: detected capacity change from 0 to 32768
[  784.967317][T14304] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  784.989961][T16032] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.2885 (16032)
[  785.019052][T16043] tipc: Resetting bearer <eth:syzkaller0>
[  785.058520][T16032] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  785.070017][T16043] tipc: Disabling bearer <eth:syzkaller0>
[  785.078501][T16032] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  785.089717][T16032] BTRFS info (device loop0): setting nodatasum
[  785.115559][T16032] BTRFS info (device loop0): force zlib compression, level 3
[  785.162297][T16032] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8)
[  785.189994][T16032] BTRFS info (device loop0): use lzo compression, level 0
[  785.222240][T16032] BTRFS info (device loop0): turning on flush-on-commit
[  785.242361][T16032] BTRFS info (device loop0): enabling auto defrag
[  785.260983][T16032] BTRFS info (device loop0): max_inline at 4096
[  785.271060][T16032] BTRFS info (device loop0): using free space tree
[  785.299739][T16058] syzkaller0: entered promiscuous mode
[  785.312814][T16058] syzkaller0: entered allmulticast mode
[  785.377155][T16032] BTRFS info (device loop0): enabling ssd optimizations
[  785.640652][   T27] audit: type=1800 audit(1774600149.645:4): pid=16076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2885" name="file1" dev="loop0" ino=264 res=0 errno=0
[  785.798302][T14741] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  785.831306][T16079] syzkaller0: entered promiscuous mode
[  785.837174][T16079] syzkaller0: entered allmulticast mode
[  786.223487][ T5771] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  786.232255][ T5771] Bluetooth: hci2: Injecting HCI hardware error event
[  786.244774][T16089] netlink: 'syz.0.2893': attribute type 1 has an invalid length.
[  786.244939][ T5771] Bluetooth: hci2: hardware error 0x00
[  786.587106][T16102] syzkaller0: entered promiscuous mode
[  786.593021][T16102] syzkaller0: entered allmulticast mode
[  787.480752][T16113] syzkaller0: entered promiscuous mode
[  787.487601][T16113] syzkaller0: entered allmulticast mode
[  787.898922][T16046] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  788.212560][T16136] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  788.234823][T16139] netlink: 'syz.2.2905': attribute type 1 has an invalid length.
[  788.293340][ T5771] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  788.305434][T16136] syzkaller0: entered promiscuous mode
[  788.311150][T16136] syzkaller0: entered allmulticast mode
[  788.340169][T16136] tipc: Resetting bearer <eth:syzkaller0>
[  788.381509][T16135] tipc: Resetting bearer <eth:syzkaller0>
[  788.417671][T16135] tipc: Disabling bearer <eth:syzkaller0>
[  788.427874][T16141] syzkaller0: entered promiscuous mode
[  788.443525][T16141] syzkaller0: entered allmulticast mode
[  788.813342][ T5874] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  789.016029][ T5874] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  789.047378][ T5874] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  789.050021][T16154] syzkaller0: entered promiscuous mode
[  789.087391][ T5874] usb 3-1: config 0 descriptor??
[  789.314243][ T5874] [drm] vendor descriptor length:6 data:06 5f 01 70 63 6d 00 00 00 00 00
[  789.322850][ T5874] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  789.449101][T16169] syzkaller0: entered promiscuous mode
[  789.456265][T16169] syzkaller0: entered allmulticast mode
[  789.518390][ T5874] [drm:udl_init] *ERROR* Selecting channel failed
[  789.560057][ T5874] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2
[  789.567711][ T5874] [drm] Initialized udl on minor 2
[  789.588839][ T5874] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  789.620691][ T5874] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  789.642770][ T5808] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  789.656042][ T5874] usb 3-1: USB disconnect, device number 13
[  789.663175][ T5808] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  792.328093][T16160] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  792.522883][T16192] syzkaller0: entered promiscuous mode
[  792.538532][T16192] syzkaller0: entered allmulticast mode
[  792.691093][T16199] macvtap0: entered promiscuous mode
[  792.863648][T16202] syzkaller0: entered promiscuous mode
[  793.138320][T16219] syzkaller0: entered promiscuous mode
[  793.144164][T16219] syzkaller0: entered allmulticast mode
[  795.586379][T16240] syzkaller0: entered promiscuous mode
[  795.592030][T16240] syzkaller0: entered allmulticast mode
[  796.083032][T16214] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  796.437386][T16252] syzkaller0: entered promiscuous mode
[  796.692080][T16249] loop1: detected capacity change from 0 to 131072
[  796.705232][T16249] F2FS-fs (loop1): Test dummy encryption mode enabled
[  796.735402][T16249] F2FS-fs (loop1): invalid crc value
[  796.754186][T16249] F2FS-fs (loop1): Found nat_bits in checkpoint
[  796.797175][T16249] F2FS-fs (loop1): sanity_check_inode: corrupted inode ino=3, run fsck to fix.
[  796.807750][T16249] F2FS-fs (loop1): Failed to read root inode
[  797.044164][T16263] syzkaller0: entered promiscuous mode
[  797.052068][T16263] syzkaller0: entered allmulticast mode
[  797.362742][T16274] syzkaller0: entered promiscuous mode
[  797.376045][T16274] syzkaller0: entered allmulticast mode
[  797.625028][T16285] syzkaller0: entered promiscuous mode
[  798.128679][T16299] syzkaller0: entered promiscuous mode
[  798.136535][T16299] syzkaller0: entered allmulticast mode
[  798.284072][T16301] loop2: detected capacity change from 0 to 32768
[  798.311510][T16301] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.2955 (16301)
[  798.354914][T16301] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  798.365180][T16301] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  798.373971][T16301] BTRFS info (device loop2): using free space tree
[  798.441378][T16301] BTRFS info (device loop2): enabling ssd optimizations
[  798.449065][T16301] BTRFS info (device loop2): auto enabling async discard
[  799.212083][T13494] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  799.535923][T16333] syzkaller0: entered promiscuous mode
[  800.352605][T16276] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  800.367446][T16335] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2960'.
[  800.403768][T16335] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  801.336932][T16353] syzkaller0: entered promiscuous mode
[  801.466490][T16358] loop2: detected capacity change from 0 to 1024
[  801.476005][T16358] EXT4-fs: inline encryption not supported
[  801.490227][T16358] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  801.890760][T16358] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  802.202856][T13494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  802.295688][T16367] xt_connbytes: Forcing CT accounting to be enabled
[  802.363260][T16367] x_tables: ip_tables: sctp match: only valid for protocol 132
[  802.983459][T16376] syzkaller1: entered promiscuous mode
[  803.003320][T16376] syzkaller1: entered allmulticast mode
[  803.210413][T16387] loop3: detected capacity change from 0 to 1024
[  803.232065][T16387] EXT4-fs: Ignoring removed orlov option
[  803.262197][T16387] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  803.340666][T13772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  803.461553][T16391] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2976'.
[  803.492771][T16391] 8021q: adding VLAN 0 to HW filter on device bond1
[  803.578483][T16391] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  803.612847][T16393] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2976'.
[  803.666696][T16393] bond1: (slave dummy0): Releasing backup interface
[  804.119572][T16400] loop3: detected capacity change from 0 to 1024
[  804.129664][T16400] EXT4-fs: inline encryption not supported
[  804.787410][T16400] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  805.612969][T16400] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  805.725520][T13772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  805.748731][T16369] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  807.567927][T16411] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2980'.
[  807.568039][T16411] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  807.713859][T16412] xt_connbytes: Forcing CT accounting to be enabled
[  807.810617][T16412] x_tables: ip_tables: sctp match: only valid for protocol 132
[  808.069223][T16411] batman_adv: batadv0: Removing interface: batadv_slave_0
[  808.872543][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  808.879486][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  809.141841][T16422] loop0: detected capacity change from 0 to 256
[  811.732566][T16469] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2993'.
[  811.865758][T16469] syzkaller0: entered promiscuous mode
[  811.871250][T16469] syzkaller0: entered allmulticast mode
[  811.908692][T16469] tc action pedit offset must be on 32 bit boundaries
[  812.820347][T16477] (null): rxe_set_mtu: Set mtu to 1024
[  812.843498][T16477] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[  812.868095][T16477] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  814.733617][T16459] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  815.767820][T16484] llcp: llcp_sock_recvmsg: Recv datagram failed state 3 -512 0
[  818.234784][T16549] (null): rxe_set_mtu: Set mtu to 1024
[  818.250621][T16549] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[  818.574682][T16550] llcp: llcp_sock_recvmsg: Recv datagram failed state 3 -6 0
[  819.740590][T16527] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  820.827062][T16549] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  821.036950][T16580] tipc: Started in network mode
[  821.051238][T16580] tipc: Node identity 4a5ddc0a71e, cluster identity 4711
[  821.073577][T16580] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  821.166542][T16579] tipc: Disabling bearer <eth:syzkaller0>
[  823.330516][T16628] loop2: detected capacity change from 0 to 512
[  823.416392][T16628] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a816c018, mo2=0082]
[  823.425173][T16628] System zones: 0-2, 18-18, 34-35
[  823.530454][T16628] EXT4-fs error (device loop2): __ext4_iget:5071: inode #3: block 127754: comm syz.2.3037: invalid block
[  823.569286][T16628] EXT4-fs error (device loop2): ext4_quota_enable:7143: comm syz.2.3037: Bad quota inode: 3, type: 0
[  823.648669][T16628] EXT4-fs warning (device loop2): ext4_enable_quotas:7184: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  823.665100][T16628] EXT4-fs (loop2): mount failed
[  826.176693][T16616] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  826.200365][T16615] tipc: Disabling bearer <eth:syzkaller0>
[  827.483711][T16667] netlink: 'syz.2.3046': attribute type 1 has an invalid length.
[  830.453837][T16679] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  830.489925][T16677] tipc: Disabling bearer <eth:syzkaller0>
[  830.854060][T16708] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  830.862755][T16714] netlink: 'syz.0.3057': attribute type 1 has an invalid length.
[  830.866253][T16708] syzkaller0: entered promiscuous mode
[  830.924637][T16708] syzkaller0: entered allmulticast mode
[  830.978626][T16708] tipc: Resetting bearer <eth:syzkaller0>
[  830.994891][T16706] tipc: Resetting bearer <eth:syzkaller0>
[  831.052215][T16706] tipc: Disabling bearer <eth:syzkaller0>
[  831.416278][ T5771] Bluetooth: hci3: command 0x0406 tx timeout
[  834.179612][T16732] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  834.646923][T16782] netlink: 'syz.1.3070': attribute type 1 has an invalid length.
[  835.745034][T16797] loop0: detected capacity change from 0 to 1024
[  835.756806][T16797] EXT4-fs: inline encryption not supported
[  836.536226][T13495] Bluetooth: hci4: command 0x0406 tx timeout
[  837.338504][T16797] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  837.451899][T16797] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  838.745429][T14741] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  838.777715][T16806] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  838.951547][T16805] tipc: Disabling bearer <eth:syzkaller0>
[  839.148341][T16815] loop0: detected capacity change from 0 to 32768
[  840.931436][T16823] read_mapping_page failed!
[  841.079589][T16825] capability: warning: `syz.1.3081' uses 32-bit capabilities (legacy support in use)
[  841.249326][T16825] program syz.1.3081 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  841.363391][T16828] mmap: syz.2.3082 (16828) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  841.380674][T16828] input: syz0 as /devices/virtual/input/input5
[  841.803658][   T27] audit: type=1326 audit(1774600205.805:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16843 comm="syz.3.3086" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f79bad9c799 code=0x0
[  842.877461][T16854] loop1: detected capacity change from 0 to 1024
[  842.887693][T16854] EXT4-fs: inline encryption not supported
[  842.921688][T16854] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  843.442081][T16854] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  844.550642][T14304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  844.950086][T16871] syzkaller0: entered promiscuous mode
[  844.971260][T16884] loop0: detected capacity change from 0 to 1024
[  844.974868][T16887] loop1: detected capacity change from 0 to 512
[  844.984093][T16871] syzkaller0: entered allmulticast mode
[  844.991012][T16884] EXT4-fs: Ignoring removed nomblk_io_submit option
[  845.071047][T16884] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  845.144621][T16887] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  845.243380][T16887] ext4 filesystem being mounted at /153/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  845.475005][T16898] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  846.195794][T14741] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  846.425816][T14304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  846.969974][T16908] loop2: detected capacity change from 0 to 64
[  847.123318][    T9] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  847.334529][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[  847.372265][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  847.383042][    T9] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  847.409933][    T9] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  847.429912][    T9] usb 2-1: New USB device found, idVendor=2b53, idProduct=0024, bcdDevice= 0.40
[  847.446911][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  847.457143][    T9] usb 2-1: Product: syz
[  847.461354][    T9] usb 2-1: Manufacturer: syz
[  847.466442][    T9] usb 2-1: SerialNumber: syz
[  850.823162][T16924] kernel profiling enabled (shift: 6)
[  850.899538][T16925] loop2: detected capacity change from 0 to 256
[  852.086980][    T9] usb 2-1: USB disconnect, device number 24
[  852.196806][T16147] udevd[16147]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  854.179572][T16953] loop3: detected capacity change from 0 to 256
[  854.338908][T16953] FAT-fs (loop3): Directory bread(block 64) failed
[  854.362114][T16953] FAT-fs (loop3): Directory bread(block 65) failed
[  854.413438][T16953] FAT-fs (loop3): Directory bread(block 66) failed
[  854.420026][T16953] FAT-fs (loop3): Directory bread(block 67) failed
[  854.499812][T16953] FAT-fs (loop3): Directory bread(block 68) failed
[  854.546537][T16953] FAT-fs (loop3): Directory bread(block 69) failed
[  854.568374][T16953] FAT-fs (loop3): Directory bread(block 70) failed
[  854.602637][T16953] FAT-fs (loop3): Directory bread(block 71) failed
[  854.631097][T16953] FAT-fs (loop3): Directory bread(block 72) failed
[  854.658297][T16953] FAT-fs (loop3): Directory bread(block 73) failed
[  856.272477][T16982] loop3: detected capacity change from 0 to 32768
[  856.317050][T16982] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  856.325887][T16982] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  856.444936][T16982] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  856.461515][ T9494] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  856.470589][ T9494] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  856.612471][ T9494] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 141ms
[  856.671172][ T9494] gfs2: fsid=syz:syz.0: jid=0: Done
[  856.707802][T16982] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  856.754956][T16966] loop1: detected capacity change from 0 to 32768
[  856.859213][T16930] I/O error, dev loop1, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  857.062392][T16982] gfs2: fsid=syz:syz.0: found 1 quota changes
[  857.155159][T16997] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  857.373778][T16999] syzkaller0: entered promiscuous mode
[  857.464415][T16999] syzkaller0: entered allmulticast mode
[  857.823433][T16996] tipc: Resetting bearer <eth:syzkaller0>
[  858.045950][T16996] tipc: Disabling bearer <eth:syzkaller0>
[  858.103035][T13772] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129
[  858.123871][T13772] CPU: 1 PID: 13772 Comm: syz-executor Not tainted syzkaller #0
[  858.131558][T13772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  858.141633][T13772] Call Trace:
[  858.144920][T13772]  <TASK>
[  858.147847][T13772]  dump_stack_lvl+0x18c/0x250
[  858.152559][T13772]  ? show_regs_print_info+0x20/0x20
[  858.157776][T13772]  ? load_image+0x400/0x400
[  858.162329][T13772]  ? do_raw_spin_unlock+0x121/0x230
[  858.167569][T13772]  gfs2_assert_warn_i+0x193/0x2c0
[  858.172678][T13772]  gfs2_qd_dispose+0x4aa/0x5b0
[  858.177559][T13772]  gfs2_quota_cleanup+0x410/0x720
[  858.182618][T13772]  ? spin_lock_bucket+0x150/0x150
[  858.187641][T13772]  ? __might_sleep+0xe0/0xe0
[  858.192228][T13772]  ? gfs2_ail_empty_tr+0x2f0/0x2f0
[  858.197339][T13772]  ? gfs2_quota_sync+0x591/0x5a0
[  858.202276][T13772]  gfs2_make_fs_ro+0x2aa/0x320
[  858.207047][T13772]  ? gfs2_dinode_out+0xb10/0xb10
[  858.211989][T13772]  ? __lock_acquire+0x7d40/0x7d40
[  858.217014][T13772]  ? __rwlock_init+0x150/0x150
[  858.221775][T13772]  ? do_raw_spin_unlock+0x121/0x230
[  858.227018][T13772]  gfs2_put_super+0x224/0x930
[  858.231696][T13772]  ? gfs2_evict_inode+0x1350/0x1350
[  858.236890][T13772]  generic_shutdown_super+0x134/0x2b0
[  858.242258][T13772]  kill_block_super+0x44/0x90
[  858.246932][T13772]  deactivate_locked_super+0x97/0x100
[  858.252314][T13772]  cleanup_mnt+0x43b/0x4d0
[  858.256744][T13772]  task_work_run+0x1d4/0x260
[  858.261333][T13772]  ? task_work_cancel+0x220/0x220
[  858.266359][T13772]  ? exit_to_user_mode_loop+0x3b/0x110
[  858.271823][T13772]  exit_to_user_mode_loop+0xe6/0x110
[  858.277115][T13772]  exit_to_user_mode_prepare+0xee/0x180
[  858.282662][T13772]  syscall_exit_to_user_mode+0x1a/0x50
[  858.288119][T13772]  do_syscall_64+0x61/0xa0
[  858.292561][T13772]  ? clear_bhb_loop+0x40/0x90
[  858.297236][T13772]  ? clear_bhb_loop+0x40/0x90
[  858.301939][T13772]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  858.307826][T13772] RIP: 0033:0x7f79bad9d9d7
[  858.312246][T13772] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  858.331850][T13772] RSP: 002b:00007ffc3b2db6d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  858.340255][T13772] RAX: 0000000000000000 RBX: 00007f79bae32050 RCX: 00007f79bad9d9d7
[  858.348224][T13772] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc3b2db790
[  858.356190][T13772] RBP: 00007ffc3b2db790 R08: 00007ffc3b2dc790 R09: 00000000ffffffff
[  858.364159][T13772] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc3b2dc820
[  858.372131][T13772] R13: 00007f79bae32050 R14: 00000000000d16e2 R15: 00007ffc3b2dc860
[  858.380109][T13772]  </TASK>
[  858.872319][T17014] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  858.881419][T17014] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  858.890198][T17014] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[  859.679257][T17012] delete_channel: no stack
[  859.988709][T17018] syzkaller0: entered promiscuous mode
[  860.021225][T17018] syzkaller0: entered allmulticast mode
[  863.769425][T17043] syzkaller0: entered promiscuous mode
[  864.156110][T17073] xt_connbytes: Forcing CT accounting to be enabled
[  864.337516][T17073] x_tables: ip_tables: sctp match: only valid for protocol 132
[  864.357334][T17069] loop2: detected capacity change from 0 to 2048
[  864.583869][T17069] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  864.659454][T15368] udevd[15368]: incorrect nilfs2 checksum on /dev/loop2
[  865.568570][T17082] loop1: detected capacity change from 0 to 256
[  865.897410][T17083] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  865.904112][T15368] udevd[15368]: incorrect nilfs2 checksum on /dev/loop2
[  865.974374][T17088] netlink: 'syz.0.3135': attribute type 1 has an invalid length.
[  866.174183][   T27] audit: type=1800 audit(1774600230.175:6): pid=17069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3129" name="file2" dev="loop2" ino=16 res=0 errno=0
[  866.476691][T17103] syzkaller1: entered promiscuous mode
[  866.482247][T17103] syzkaller1: entered allmulticast mode
[  866.965032][T17113] syzkaller0: entered promiscuous mode
[  866.970570][T17113] syzkaller0: entered allmulticast mode
[  867.160555][T17123] loop3: detected capacity change from 0 to 128
[  867.163119][T17101] loop2: detected capacity change from 0 to 32768
[  867.217987][T17101] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.3136 (17101)
[  867.305262][T17126] x_tables: ip_tables: sctp match: only valid for protocol 132
[  867.658745][T17101] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  867.669214][T17101] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  867.678493][T17101] BTRFS warning (device loop2): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  867.689322][T17101] BTRFS info (device loop2): trying to use backup root at mount time
[  867.697648][T17101] BTRFS info (device loop2): disabling free space tree
[  867.705048][T17101] BTRFS error (device loop2): cannot disable free space tree
[  867.717775][T17123] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  867.718037][T17101] BTRFS error (device loop2): open_ctree failed: -22
[  867.843416][T17123] ext4 filesystem being mounted at /188/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  868.769850][T15368] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by udevd (15368)
[  868.861853][T17144] program syz.2.3145 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  868.954731][T13772] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  869.145621][T17150] loop3: detected capacity change from 0 to 512
[  869.213979][T17150] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  869.586172][T17156] syz1: rxe_newlink: already configured on ip6gretap0
[  869.664515][T17156] infiniband syz1: set active
[  869.690320][T17156] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  869.724350][T14258] ip6gretap0 speed is unknown, defaulting to 1000
[  869.755039][T17158] syzkaller1: entered promiscuous mode
[  869.777930][T17158] syzkaller1: entered allmulticast mode
[  869.868195][T17156] llcp: llcp_sock_recvmsg: Recv datagram failed state 3 -6 0
[  869.886702][T17154] loop3: detected capacity change from 0 to 32768
[  869.951254][T15368] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  870.298283][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  870.311280][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  870.341920][T17165] loop0: detected capacity change from 0 to 40427
[  870.365289][T17165] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  870.373420][T17165] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  870.383034][T17165] F2FS-fs (loop0): invalid crc value
[  870.401438][T17165] F2FS-fs (loop0): Found nat_bits in checkpoint
[  870.430613][T17169] loop1: detected capacity change from 0 to 1024
[  870.437629][T17169] EXT4-fs: inline encryption not supported
[  870.446586][T17168] syzkaller0: entered promiscuous mode
[  870.452106][T17168] syzkaller0: entered allmulticast mode
[  870.458161][T17169] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  870.497653][T17165] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  870.505049][T17165] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  870.521572][T17169] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  871.806627][T14304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  873.392845][T17200] loop0: detected capacity change from 0 to 1024
[  873.424550][T17200] EXT4-fs: Ignoring removed nomblk_io_submit option
[  873.484845][T17200] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  873.551850][T17204] syzkaller1: entered promiscuous mode
[  873.581723][T17204] syzkaller1: entered allmulticast mode
[  873.782207][T14741] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  875.172061][T17195] loop3: detected capacity change from 0 to 32768
[  875.221860][T17195] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  875.257054][T17213] loop2: detected capacity change from 0 to 40427
[  875.265339][T17195] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  875.272280][T17213] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  875.280171][T17213] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  875.313537][T17213] F2FS-fs (loop2): invalid crc value
[  875.328781][T17195] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  875.329044][T17213] F2FS-fs (loop2): Found nat_bits in checkpoint
[  875.388669][ T5874] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  875.407950][T17213] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  875.415122][ T5874] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  875.423739][T17213] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  875.700580][ T5874] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 285ms
[  875.725120][ T5874] gfs2: fsid=syz:syz.0: jid=0: Done
[  875.750791][T17195] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  877.191875][T17195] gfs2: fsid=syz:syz.0: found 1 quota changes
[  877.286961][T17232] syzkaller0: entered promiscuous mode
[  877.325117][T17232] syzkaller0: entered allmulticast mode
[  877.371394][T13772] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129
[  877.404330][T13772] CPU: 0 PID: 13772 Comm: syz-executor Not tainted syzkaller #0
[  877.412038][T13772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  877.422135][T13772] Call Trace:
[  877.425429][T13772]  <TASK>
[  877.428365][T13772]  dump_stack_lvl+0x18c/0x250
[  877.433687][T13772]  ? show_regs_print_info+0x20/0x20
[  877.438919][T13772]  ? load_image+0x400/0x400
[  877.443449][T13772]  ? do_raw_spin_unlock+0x121/0x230
[  877.448671][T13772]  gfs2_assert_warn_i+0x193/0x2c0
[  877.453727][T13772]  gfs2_qd_dispose+0x4aa/0x5b0
[  877.458513][T13772]  gfs2_quota_cleanup+0x410/0x720
[  877.463549][T13772]  ? spin_lock_bucket+0x150/0x150
[  877.468591][T13772]  ? __might_sleep+0xe0/0xe0
[  877.473209][T13772]  ? gfs2_ail_empty_tr+0x2f0/0x2f0
[  877.478346][T13772]  ? gfs2_quota_sync+0x591/0x5a0
[  877.483316][T13772]  gfs2_make_fs_ro+0x2aa/0x320
[  877.488108][T13772]  ? gfs2_dinode_out+0xb10/0xb10
[  877.493073][T13772]  ? __lock_acquire+0x7d40/0x7d40
[  877.498117][T13772]  ? __rwlock_init+0x150/0x150
[  877.502896][T13772]  ? do_raw_spin_unlock+0x121/0x230
[  877.508119][T13772]  gfs2_put_super+0x224/0x930
[  877.512835][T13772]  ? gfs2_evict_inode+0x1350/0x1350
[  877.518061][T13772]  generic_shutdown_super+0x134/0x2b0
[  877.523466][T13772]  kill_block_super+0x44/0x90
[  877.528164][T13772]  deactivate_locked_super+0x97/0x100
[  877.533548][T13772]  cleanup_mnt+0x43b/0x4d0
[  877.537982][T13772]  task_work_run+0x1d4/0x260
[  877.542593][T13772]  ? task_work_cancel+0x220/0x220
[  877.547632][T17236] syzkaller0: entered promiscuous mode
[  877.547640][T13772]  ? exit_to_user_mode_loop+0x3b/0x110
[  877.558548][T13772]  exit_to_user_mode_loop+0xe6/0x110
[  877.563981][T13772]  exit_to_user_mode_prepare+0xee/0x180
[  877.569551][T13772]  syscall_exit_to_user_mode+0x1a/0x50
[  877.575038][T13772]  do_syscall_64+0x61/0xa0
[  877.579475][T13772]  ? clear_bhb_loop+0x40/0x90
[  877.579995][T17236] syzkaller0: entered allmulticast mode
[  877.584148][T13772]  ? clear_bhb_loop+0x40/0x90
[  877.584171][T13772]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  877.584190][T13772] RIP: 0033:0x7f79bad9d9d7
[  877.584206][T13772] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  877.584219][T13772] RSP: 002b:00007ffc3b2db6d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  877.632737][T13772] RAX: 0000000000000000 RBX: 00007f79bae32050 RCX: 00007f79bad9d9d7
[  877.640718][T13772] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc3b2db790
[  877.648685][T13772] RBP: 00007ffc3b2db790 R08: 00007ffc3b2dc790 R09: 00000000ffffffff
[  877.656651][T13772] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc3b2dc820
[  877.664627][T13772] R13: 00007f79bae32050 R14: 00000000000d52e2 R15: 00007ffc3b2dc860
[  877.672639][T13772]  </TASK>
[  877.708118][T17241] loop2: detected capacity change from 0 to 1024
[  877.715984][T17241] EXT4-fs: inline encryption not supported
[  877.744813][T17241] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  877.821062][T17241] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  877.949294][T13494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  878.171647][T17250] loop2: detected capacity change from 0 to 1024
[  878.180397][T17250] EXT4-fs: Ignoring removed nomblk_io_submit option
[  878.209539][T17250] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  878.372921][T13494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  878.570723][T17248] loop3: detected capacity change from 0 to 32768
[  879.045778][T17248] JBD2: Ignoring recovery information on journal
[  879.220466][T17248] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  880.014293][T13772] ocfs2: Unmounting device (7,3) on (node local)
[  881.880706][T17265] loop1: detected capacity change from 0 to 40427
[  881.899882][T17265] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  881.908210][T17265] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  881.917628][T17265] F2FS-fs (loop1): invalid crc value
[  881.966779][T17265] F2FS-fs (loop1): Found nat_bits in checkpoint
[  882.027288][T17265] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  882.034488][T17265] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  884.336141][T17262] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3172'.
[  884.532012][T17282] loop0: detected capacity change from 0 to 1024
[  884.604079][T17282] EXT4-fs: Ignoring removed nomblk_io_submit option
[  884.612995][T17281] syzkaller0: entered promiscuous mode
[  884.654712][T17282] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  885.128377][T17292] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  885.646805][T14741] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  885.912473][T17279] loop1: detected capacity change from 0 to 32768
[  885.950336][T17279] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  885.964230][T17279] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  886.120812][T17279] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  886.170915][   T23] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  886.181949][   T23] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  886.343832][   T23] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 161ms
[  886.360529][   T23] gfs2: fsid=syz:syz.0: jid=0: Done
[  886.382692][T17279] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  886.748760][T17279] gfs2: fsid=syz:syz.0: found 1 quota changes
[  886.902248][T14304] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129
[  886.925602][T14304] CPU: 0 PID: 14304 Comm: syz-executor Not tainted syzkaller #0
[  886.933302][T14304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  886.943378][T14304] Call Trace:
[  886.946674][T14304]  <TASK>
[  886.949624][T14304]  dump_stack_lvl+0x18c/0x250
[  886.954316][T14304]  ? show_regs_print_info+0x20/0x20
[  886.959500][T14304]  ? load_image+0x400/0x400
[  886.964013][T14304]  ? do_raw_spin_unlock+0x121/0x230
[  886.969254][T14304]  gfs2_assert_warn_i+0x193/0x2c0
[  886.974327][T14304]  gfs2_qd_dispose+0x4aa/0x5b0
[  886.979110][T14304]  gfs2_quota_cleanup+0x410/0x720
[  886.984164][T14304]  ? spin_lock_bucket+0x150/0x150
[  886.989240][T14304]  ? __might_sleep+0xe0/0xe0
[  886.994044][T14304]  ? gfs2_ail_empty_tr+0x2f0/0x2f0
[  886.999357][T14304]  ? gfs2_quota_sync+0x591/0x5a0
[  887.004315][T14304]  gfs2_make_fs_ro+0x2aa/0x320
[  887.009172][T14304]  ? gfs2_dinode_out+0xb10/0xb10
[  887.014104][T14304]  ? __lock_acquire+0x7d40/0x7d40
[  887.019124][T14304]  ? __rwlock_init+0x150/0x150
[  887.023976][T14304]  ? do_raw_spin_unlock+0x121/0x230
[  887.029172][T14304]  gfs2_put_super+0x224/0x930
[  887.033851][T14304]  ? gfs2_evict_inode+0x1350/0x1350
[  887.039486][T14304]  generic_shutdown_super+0x134/0x2b0
[  887.044884][T14304]  kill_block_super+0x44/0x90
[  887.049734][T14304]  deactivate_locked_super+0x97/0x100
[  887.055101][T14304]  cleanup_mnt+0x43b/0x4d0
[  887.059517][T14304]  task_work_run+0x1d4/0x260
[  887.064392][T14304]  ? task_work_cancel+0x220/0x220
[  887.069423][T14304]  ? exit_to_user_mode_loop+0x3b/0x110
[  887.074892][T14304]  exit_to_user_mode_loop+0xe6/0x110
[  887.080612][T14304]  exit_to_user_mode_prepare+0xee/0x180
[  887.086161][T14304]  syscall_exit_to_user_mode+0x1a/0x50
[  887.091618][T14304]  do_syscall_64+0x61/0xa0
[  887.096036][T14304]  ? clear_bhb_loop+0x40/0x90
[  887.101492][T14304]  ? clear_bhb_loop+0x40/0x90
[  887.106189][T14304]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  887.112164][T14304] RIP: 0033:0x7efe6419d9d7
[  887.116571][T14304] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  887.136176][T14304] RSP: 002b:00007ffc673f99b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  887.144584][T14304] RAX: 0000000000000000 RBX: 00007efe64232050 RCX: 00007efe6419d9d7
[  887.152547][T14304] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc673f9a70
[  887.160510][T14304] RBP: 00007ffc673f9a70 R08: 00007ffc673faa70 R09: 00000000ffffffff
[  887.168473][T14304] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc673fab00
[  887.176434][T14304] R13: 00007efe64232050 R14: 00000000000d880c R15: 00007ffc673fab40
[  887.184409][T14304]  </TASK>
[  889.278871][T17340] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3185'.
[  889.464320][T17343] syzkaller0: entered promiscuous mode
[  889.483707][T17343] syzkaller0: entered allmulticast mode
[  889.496954][T17348] loop0: detected capacity change from 0 to 128
[  889.534675][T17346] syzkaller1: entered promiscuous mode
[  889.549707][T17348] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  889.568403][T17346] syzkaller1: entered allmulticast mode
[  889.593365][T17348] ext4 filesystem being mounted at /133/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  889.825425][T14741] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  893.284412][T17369] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3194'.
[  893.286264][T17359] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  893.304039][T17359] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  893.312476][T17359] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  893.587905][T17376] syzkaller0: entered promiscuous mode
[  893.602045][T17376] syzkaller0: entered allmulticast mode
[  893.702702][T17377] syzkaller0: entered promiscuous mode
[  893.732463][T17372] loop1: detected capacity change from 0 to 32768
[  895.070801][T17386] loop1: detected capacity change from 0 to 128
[  895.117751][T17386] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  895.143147][T17386] ext4 filesystem being mounted at /184/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  895.269826][T14304] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  900.160853][T17378] syzkaller0: entered promiscuous mode
[  900.196763][T17419] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3204'.
[  900.338011][T17424] syzkaller1: entered promiscuous mode
[  900.350064][T17424] syzkaller1: entered allmulticast mode
[  900.438924][T17428] loop1: detected capacity change from 0 to 1024
[  900.452646][T17428] EXT4-fs: Ignoring removed nomblk_io_submit option
[  900.495382][T17429] loop3: detected capacity change from 0 to 1024
[  900.502440][T17429] EXT4-fs: inline encryption not supported
[  900.511241][T17429] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  900.554857][T17429] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  900.630749][T17428] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  900.715997][T13772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  901.026868][T17441] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  901.571425][T14304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  901.849709][T17463] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3214'.
[  902.356658][T17471] loop1: detected capacity change from 0 to 32768
[  902.367167][T17471] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  902.375728][T17471] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  902.408553][T17471] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  902.425322][T17000] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  902.463263][T17000] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  902.553789][T17000] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 90ms
[  902.571468][T17000] gfs2: fsid=syz:syz.0: jid=0: Done
[  902.578567][T17471] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  902.629103][T17482] syzkaller1: entered promiscuous mode
[  902.634745][T17482] syzkaller1: entered allmulticast mode
[  903.514923][T17471] gfs2: fsid=syz:syz.0: found 1 quota changes
[  904.239252][T17498] loop2: detected capacity change from 0 to 1024
[  904.246319][T17498] EXT4-fs: inline encryption not supported
[  904.254078][T17498] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  904.308299][T17498] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  904.451562][T13494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  904.477367][T14304] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129
[  904.508524][T14304] CPU: 0 PID: 14304 Comm: syz-executor Not tainted syzkaller #0
[  904.516227][T14304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  904.526307][T14304] Call Trace:
[  904.529598][T14304]  <TASK>
[  904.532537][T14304]  dump_stack_lvl+0x18c/0x250
[  904.537242][T14304]  ? show_regs_print_info+0x20/0x20
[  904.542463][T14304]  ? load_image+0x400/0x400
[  904.546987][T14304]  ? do_raw_spin_unlock+0x121/0x230
[  904.552212][T14304]  gfs2_assert_warn_i+0x193/0x2c0
[  904.557301][T14304]  gfs2_qd_dispose+0x4aa/0x5b0
[  904.562080][T14304]  gfs2_quota_cleanup+0x410/0x720
[  904.567121][T14304]  ? spin_lock_bucket+0x150/0x150
[  904.572164][T14304]  ? __might_sleep+0xe0/0xe0
[  904.576781][T14304]  ? gfs2_ail_empty_tr+0x2f0/0x2f0
[  904.581976][T14304]  ? gfs2_quota_sync+0x591/0x5a0
[  904.586953][T14304]  gfs2_make_fs_ro+0x2aa/0x320
[  904.591837][T14304]  ? gfs2_dinode_out+0xb10/0xb10
[  904.596807][T14304]  ? __lock_acquire+0x7d40/0x7d40
[  904.601861][T14304]  ? __rwlock_init+0x150/0x150
[  904.607269][T14304]  ? do_raw_spin_unlock+0x121/0x230
[  904.612494][T14304]  gfs2_put_super+0x224/0x930
[  904.617450][T14304]  ? gfs2_evict_inode+0x1350/0x1350
[  904.622860][T14304]  generic_shutdown_super+0x134/0x2b0
[  904.628352][T14304]  kill_block_super+0x44/0x90
[  904.633138][T14304]  deactivate_locked_super+0x97/0x100
[  904.638503][T14304]  cleanup_mnt+0x43b/0x4d0
[  904.642919][T14304]  task_work_run+0x1d4/0x260
[  904.647518][T14304]  ? task_work_cancel+0x220/0x220
[  904.653246][T14304]  ? exit_to_user_mode_loop+0x3b/0x110
[  904.659639][T14304]  exit_to_user_mode_loop+0xe6/0x110
[  904.665534][T14304]  exit_to_user_mode_prepare+0xee/0x180
[  904.671078][T14304]  syscall_exit_to_user_mode+0x1a/0x50
[  904.676533][T14304]  do_syscall_64+0x61/0xa0
[  904.681036][T14304]  ? clear_bhb_loop+0x40/0x90
[  904.685707][T14304]  ? clear_bhb_loop+0x40/0x90
[  904.690377][T14304]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  904.696262][T14304] RIP: 0033:0x7efe6419d9d7
[  904.700670][T14304] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  904.720276][T14304] RSP: 002b:00007ffc673f99b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  904.728692][T14304] RAX: 0000000000000000 RBX: 00007efe64232050 RCX: 00007efe6419d9d7
[  904.736652][T14304] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc673f9a70
[  904.744735][T14304] RBP: 00007ffc673f9a70 R08: 00007ffc673faa70 R09: 00000000ffffffff
[  904.752807][T14304] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc673fab00
[  904.761210][T14304] R13: 00007efe64232050 R14: 00000000000dcbe6 R15: 00007ffc673fab40
[  904.769186][T14304]  </TASK>
[  904.805494][T17509] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3225'.
[  904.906552][T17513] syzkaller0: entered promiscuous mode
[  904.912185][T17513] syzkaller0: entered allmulticast mode
[  905.049951][T17518] loop3: detected capacity change from 0 to 128
[  905.073594][T17518] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  905.093902][T17518] ext4 filesystem being mounted at /203/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  905.274790][T13772] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  906.575793][T17548] loop3: detected capacity change from 0 to 32768
[  906.593675][T17548] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  906.601898][T17548] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  906.616055][T17548] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  906.625304][  T788] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  906.632132][  T788] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  906.694084][  T788] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 61ms
[  906.701863][  T788] gfs2: fsid=syz:syz.0: jid=0: Done
[  906.723276][T17548] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  907.003802][T17548] gfs2: fsid=syz:syz.0: found 1 quota changes
[  909.232372][T13772] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129
[  909.257559][T13772] CPU: 1 PID: 13772 Comm: syz-executor Not tainted syzkaller #0
[  909.265265][T13772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  909.275343][T13772] Call Trace:
[  909.278628][T13772]  <TASK>
[  909.281565][T13772]  dump_stack_lvl+0x18c/0x250
[  909.286284][T13772]  ? show_regs_print_info+0x20/0x20
[  909.291516][T13772]  ? load_image+0x400/0x400
[  909.296052][T13772]  ? do_raw_spin_unlock+0x121/0x230
[  909.301288][T13772]  gfs2_assert_warn_i+0x193/0x2c0
[  909.306357][T13772]  gfs2_qd_dispose+0x4aa/0x5b0
[  909.311155][T13772]  gfs2_quota_cleanup+0x410/0x720
[  909.316216][T13772]  ? spin_lock_bucket+0x150/0x150
[  909.321283][T13772]  ? __might_sleep+0xe0/0xe0
[  909.325906][T13772]  ? gfs2_ail_empty_tr+0x2f0/0x2f0
[  909.331051][T13772]  ? gfs2_quota_sync+0x591/0x5a0
[  909.336025][T13772]  gfs2_make_fs_ro+0x2aa/0x320
[  909.340817][T13772]  ? gfs2_dinode_out+0xb10/0xb10
[  909.345789][T13772]  ? __lock_acquire+0x7d40/0x7d40
[  909.350850][T13772]  ? __rwlock_init+0x150/0x150
[  909.353141][T17558] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3235'.
[  909.355627][T13772]  ? do_raw_spin_unlock+0x121/0x230
[  909.355660][T13772]  gfs2_put_super+0x224/0x930
[  909.355687][T13772]  ? gfs2_evict_inode+0x1350/0x1350
[  909.355705][T13772]  generic_shutdown_super+0x134/0x2b0
[  909.355723][T13772]  kill_block_super+0x44/0x90
[  909.355740][T13772]  deactivate_locked_super+0x97/0x100
[  909.395104][T13772]  cleanup_mnt+0x43b/0x4d0
[  909.399557][T13772]  task_work_run+0x1d4/0x260
[  909.404204][T13772]  ? task_work_cancel+0x220/0x220
[  909.409267][T13772]  ? exit_to_user_mode_loop+0x3b/0x110
[  909.414760][T13772]  exit_to_user_mode_loop+0xe6/0x110
[  909.420082][T13772]  exit_to_user_mode_prepare+0xee/0x180
[  909.425667][T13772]  syscall_exit_to_user_mode+0x1a/0x50
[  909.431170][T13772]  do_syscall_64+0x61/0xa0
[  909.435631][T13772]  ? clear_bhb_loop+0x40/0x90
[  909.440341][T13772]  ? clear_bhb_loop+0x40/0x90
[  909.445051][T13772]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  909.450972][T13772] RIP: 0033:0x7f79bad9d9d7
[  909.455411][T13772] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  909.475042][T13772] RSP: 002b:00007ffc3b2db6d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  909.483485][T13772] RAX: 0000000000000000 RBX: 00007f79bae32050 RCX: 00007f79bad9d9d7
[  909.491488][T13772] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc3b2db790
[  909.499484][T13772] RBP: 00007ffc3b2db790 R08: 00007ffc3b2dc790 R09: 00000000ffffffff
[  909.507483][T13772] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc3b2dc820
[  909.515482][T13772] R13: 00007f79bae32050 R14: 00000000000dd815 R15: 00007ffc3b2dc860
[  909.523497][T13772]  </TASK>
[  909.630811][T17564] loop1: detected capacity change from 0 to 128
[  909.670908][T17564] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  909.686768][T17564] ext4 filesystem being mounted at /195/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  909.841450][T14304] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  910.151715][T17583] loop3: detected capacity change from 0 to 64
[  910.268822][T17583] Trying to free block not in datazone
[  910.461021][T17581] loop0: detected capacity change from 0 to 32768
[  910.471954][T17581] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  910.480260][T17581] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  910.486396][T17585] syzkaller0: entered promiscuous mode
[  910.524586][T17581] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  910.534844][ T9494] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  910.541652][ T9494] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  910.545980][T17585] syzkaller0: entered allmulticast mode
[  910.586681][ T9494] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 45ms
[  910.596727][ T9494] gfs2: fsid=syz:syz.0: jid=0: Done
[  910.602149][T17581] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  910.632635][T17588] syzkaller1: entered promiscuous mode
[  910.659445][T17588] syzkaller1: entered allmulticast mode
[  910.848644][T17581] gfs2: fsid=syz:syz.0: found 1 quota changes
[  911.255656][T17595] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3247'.
[  911.646502][T14741] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129
[  911.661963][T17603] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3248'.
[  911.671949][T17603] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  911.690174][T14741] CPU: 1 PID: 14741 Comm: syz-executor Not tainted syzkaller #0
[  911.697875][T14741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  911.707948][T14741] Call Trace:
[  911.711227][T14741]  <TASK>
[  911.714158][T14741]  dump_stack_lvl+0x18c/0x250
[  911.718837][T14741]  ? show_regs_print_info+0x20/0x20
[  911.724034][T14741]  ? load_image+0x400/0x400
[  911.728537][T14741]  ? do_raw_spin_unlock+0x121/0x230
[  911.733731][T14741]  gfs2_assert_warn_i+0x193/0x2c0
[  911.738760][T14741]  gfs2_qd_dispose+0x4aa/0x5b0
[  911.743523][T14741]  gfs2_quota_cleanup+0x410/0x720
[  911.748541][T14741]  ? spin_lock_bucket+0x150/0x150
[  911.753556][T14741]  ? __might_sleep+0xe0/0xe0
[  911.758156][T14741]  ? gfs2_ail_empty_tr+0x2f0/0x2f0
[  911.763263][T14741]  ? gfs2_quota_sync+0x591/0x5a0
[  911.768640][T14741]  gfs2_make_fs_ro+0x2aa/0x320
[  911.773400][T14741]  ? gfs2_dinode_out+0xb10/0xb10
[  911.778331][T14741]  ? __lock_acquire+0x7d40/0x7d40
[  911.783350][T14741]  ? __rwlock_init+0x150/0x150
[  911.788110][T14741]  ? do_raw_spin_unlock+0x121/0x230
[  911.793306][T14741]  gfs2_put_super+0x224/0x930
[  911.797983][T14741]  ? gfs2_evict_inode+0x1350/0x1350
[  911.803177][T14741]  generic_shutdown_super+0x134/0x2b0
[  911.808553][T14741]  kill_block_super+0x44/0x90
[  911.813248][T14741]  deactivate_locked_super+0x97/0x100
[  911.818618][T14741]  cleanup_mnt+0x43b/0x4d0
[  911.823033][T14741]  task_work_run+0x1d4/0x260
[  911.827623][T14741]  ? task_work_cancel+0x220/0x220
[  911.832645][T14741]  ? exit_to_user_mode_loop+0x3b/0x110
[  911.838104][T14741]  exit_to_user_mode_loop+0xe6/0x110
[  911.843387][T14741]  exit_to_user_mode_prepare+0xee/0x180
[  911.848928][T14741]  syscall_exit_to_user_mode+0x1a/0x50
[  911.854390][T14741]  do_syscall_64+0x61/0xa0
[  911.858802][T14741]  ? clear_bhb_loop+0x40/0x90
[  911.863476][T14741]  ? clear_bhb_loop+0x40/0x90
[  911.868150][T14741]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  911.874064][T14741] RIP: 0033:0x7fb2b8d9d9d7
[  911.878489][T14741] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  911.898104][T14741] RSP: 002b:00007ffea1162398 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  911.906514][T14741] RAX: 0000000000000000 RBX: 00007fb2b8e32050 RCX: 00007fb2b8d9d9d7
[  911.914475][T14741] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffea1162450
[  911.922466][T14741] RBP: 00007ffea1162450 R08: 00007ffea1163450 R09: 00000000ffffffff
[  911.930430][T14741] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffea11634e0
[  911.938397][T14741] R13: 00007fb2b8e32050 R14: 00000000000de896 R15: 00007ffea1163520
[  911.946386][T14741]  </TASK>
[  912.370394][T17622] loop0: detected capacity change from 0 to 128
[  912.478188][T17624] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3255'.
[  912.668209][T17633] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3258'.
[  912.781796][T17635] syzkaller1: entered promiscuous mode
[  912.788728][T17635] syzkaller1: entered allmulticast mode
[  913.508629][T17652] loop1: detected capacity change from 0 to 128
[  913.938409][T17662] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  913.957559][T17656] loop2: detected capacity change from 0 to 32768
[  913.968992][T17662] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  913.979407][T17656] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  913.987657][T17656] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  913.995540][T17662] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[  914.024805][T17656] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  914.043294][ T9494] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  914.050114][ T9494] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  914.137510][T17665] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3268'.
[  914.148115][ T9494] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 98ms
[  914.155977][ T9494] gfs2: fsid=syz:syz.0: jid=0: Done
[  914.162219][T17656] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  914.248425][T17667] syzkaller1: entered promiscuous mode
[  914.255012][T17667] syzkaller1: entered allmulticast mode
[  914.407226][T17656] gfs2: fsid=syz:syz.0: found 1 quota changes
[  915.724149][T13494] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129
[  915.761255][T13494] CPU: 0 PID: 13494 Comm: syz-executor Not tainted syzkaller #0
[  915.768960][T13494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  915.779040][T13494] Call Trace:
[  915.782335][T13494]  <TASK>
[  915.785282][T13494]  dump_stack_lvl+0x18c/0x250
[  915.786214][T17690] loop1: detected capacity change from 0 to 1024
[  915.789974][T13494]  ? show_regs_print_info+0x20/0x20
[  915.801501][T13494]  ? load_image+0x400/0x400
[  915.806038][T13494]  ? do_raw_spin_unlock+0x121/0x230
[  915.811269][T13494]  gfs2_assert_warn_i+0x193/0x2c0
[  915.814466][T17690] EXT4-fs: Ignoring removed nomblk_io_submit option
[  915.816311][T13494]  gfs2_qd_dispose+0x4aa/0x5b0
[  915.827668][T13494]  gfs2_quota_cleanup+0x410/0x720
[  915.832717][T13494]  ? spin_lock_bucket+0x150/0x150
[  915.837765][T13494]  ? __might_sleep+0xe0/0xe0
[  915.842381][T13494]  ? gfs2_ail_empty_tr+0x2f0/0x2f0
[  915.847551][T13494]  ? gfs2_quota_sync+0x591/0x5a0
[  915.852525][T13494]  gfs2_make_fs_ro+0x2aa/0x320
[  915.857327][T13494]  ? gfs2_dinode_out+0xb10/0xb10
[  915.862293][T13494]  ? __lock_acquire+0x7d40/0x7d40
[  915.867339][T13494]  ? __rwlock_init+0x150/0x150
[  915.872123][T13494]  ? do_raw_spin_unlock+0x121/0x230
[  915.877337][T13494]  gfs2_put_super+0x224/0x930
[  915.882050][T13494]  ? gfs2_evict_inode+0x1350/0x1350
[  915.887241][T13494]  generic_shutdown_super+0x134/0x2b0
[  915.892599][T13494]  kill_block_super+0x44/0x90
[  915.897265][T13494]  deactivate_locked_super+0x97/0x100
[  915.902622][T13494]  cleanup_mnt+0x43b/0x4d0
[  915.907031][T13494]  task_work_run+0x1d4/0x260
[  915.911612][T13494]  ? task_work_cancel+0x220/0x220
[  915.916650][T13494]  ? exit_to_user_mode_loop+0x3b/0x110
[  915.922137][T13494]  exit_to_user_mode_loop+0xe6/0x110
[  915.927451][T13494]  exit_to_user_mode_prepare+0xee/0x180
[  915.933035][T13494]  syscall_exit_to_user_mode+0x1a/0x50
[  915.938525][T13494]  do_syscall_64+0x61/0xa0
[  915.942978][T13494]  ? clear_bhb_loop+0x40/0x90
[  915.947680][T13494]  ? clear_bhb_loop+0x40/0x90
[  915.952382][T13494]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  915.958384][T13494] RIP: 0033:0x7f9bd3f9d9d7
[  915.962820][T13494] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  915.982441][T13494] RSP: 002b:00007ffdfaf124a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  915.990849][T13494] RAX: 0000000000000000 RBX: 00007f9bd4032050 RCX: 00007f9bd3f9d9d7
[  915.998820][T13494] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdfaf12560
[  916.006800][T13494] RBP: 00007ffdfaf12560 R08: 00007ffdfaf13560 R09: 00000000ffffffff
[  916.014795][T13494] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdfaf135f0
[  916.022793][T13494] R13: 00007f9bd4032050 R14: 00000000000df648 R15: 00007ffdfaf13630
[  916.030800][T13494]  </TASK>
[  916.053663][T17690] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  917.030909][T14304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  917.221824][T17706] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3278'.
[  917.484125][T17714] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  917.533628][T17714] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  917.563562][T17714] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  917.889023][T17730] loop3: detected capacity change from 0 to 256
[  917.941192][T17730] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  917.979439][   T27] audit: type=1800 audit(1774600281.985:7): pid=17730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3287" name="file1" dev="loop3" ino=1048618 res=0 errno=0
[  918.023323][   T27] audit: type=1800 audit(1774600282.025:8): pid=17730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3287" name="file1" dev="loop3" ino=1048618 res=0 errno=0
[  918.099315][T17708] loop0: detected capacity change from 0 to 40427
[  918.114555][T17708] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  918.118048][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.131359][T17708] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  918.150579][T17734] FAT-fs (loop3): Filesystem has been set read-only
[  918.181429][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.195889][T17708] F2FS-fs (loop0): invalid crc value
[  918.227975][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.238116][T17708] F2FS-fs (loop0): Found nat_bits in checkpoint
[  918.250006][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.266129][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.307709][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.371959][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.390475][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.398954][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.409810][T17708] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  918.417341][T17708] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  918.435704][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.485066][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.493111][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.534493][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.563951][T17741] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3290'.
[  918.583559][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.592200][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.600495][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.611452][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.657946][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.680139][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.698060][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.727149][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.832651][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  918.915840][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  919.022247][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  919.090153][T17747] loop2: detected capacity change from 0 to 256
[  919.135725][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  919.377149][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  919.520392][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  919.651954][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  919.783141][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  919.791255][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  919.866301][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  919.916455][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  919.926975][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  919.940815][T17734] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  920.448997][T17770] loop1: detected capacity change from 0 to 1024
[  920.511629][T17770] EXT4-fs: inline encryption not supported
[  920.622651][T17772] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3299'.
[  920.696984][T17770] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  920.836452][T17770] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  920.864430][T17778] loop0: detected capacity change from 0 to 4096
[  920.907303][T17778] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  921.030959][T14304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  921.506093][ T5874] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  921.531495][T17797] loop3: detected capacity change from 0 to 256
[  921.939228][T17774] loop2: detected capacity change from 0 to 40427
[  922.068954][T17774] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  922.165084][T17774] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  922.308668][T17774] F2FS-fs (loop2): invalid crc value
[  922.393938][T17774] F2FS-fs (loop2): Found nat_bits in checkpoint
[  922.478609][ T5874] usb 2-1: unable to get BOS descriptor or descriptor too short
[  922.594758][ T5874] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  922.630715][ T5874] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  922.640088][ T5874] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  922.653845][ T5874] usb 2-1: New USB device found, idVendor=2b53, idProduct=0024, bcdDevice= 0.40
[  922.673220][ T5874] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  922.681245][ T5874] usb 2-1: Product: syz
[  922.707212][T17774] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  922.723297][ T5874] usb 2-1: Manufacturer: syz
[  922.723451][T17774] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  922.728049][ T5874] usb 2-1: SerialNumber: syz
[  925.046580][T17814] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3310'.
[  925.050704][ T5874] usb 2-1: USB disconnect, device number 25
[  925.139039][T16928] udevd[16928]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  925.427507][T17819] loop0: detected capacity change from 0 to 1024
[  925.435875][T17819] EXT4-fs: inline encryption not supported
[  925.463053][T17819] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  925.616583][T17819] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  925.990267][T17830] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  926.055234][T14741] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  926.508125][T17843] loop1: detected capacity change from 0 to 1024
[  926.524109][T17843] EXT4-fs: Ignoring removed nomblk_io_submit option
[  926.548072][T17839] loop2: detected capacity change from 0 to 1024
[  926.585500][T17844] loop0: detected capacity change from 0 to 1024
[  926.592523][T17844] EXT4-fs: inline encryption not supported
[  926.611576][T17844] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  926.629241][T17839] EXT4-fs: inline encryption not supported
[  926.660511][T17844] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  926.702399][T17843] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  926.763430][T17839] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  927.051821][T17839] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  927.603965][T17852] EXT4-fs warning (device loop2): ext4_xattr_inode_get:560: inode #18: comm syz.2.3312: EA inode hash validation failed
[  927.654076][T17852] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 13. Delete some EAs or run e2fsck.
[  927.790835][T14741] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  927.879960][T13494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  928.336890][T17857] syzkaller0: entered promiscuous mode
[  928.363108][T17857] syzkaller0: entered allmulticast mode
[  928.384711][T17860] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3321'.
[  929.077956][T17874] loop0: detected capacity change from 0 to 1024
[  929.120448][T14304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  929.444616][T17874] EXT4-fs: inline encryption not supported
[  929.458146][T17874] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  929.522959][T17882] (null): rxe_set_mtu: Set mtu to 1024
[  929.529249][T17882] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[  929.614093][T17874] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  929.935185][T14741] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  930.907188][T17893] loop0: detected capacity change from 0 to 256
[  931.763363][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  931.770009][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  935.834860][T17875] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  935.851515][T17882] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  936.003766][T17904] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3333'.
[  936.045882][T17907] binder: 17906:17907 ioctl 4018620d 0 returned -22
[  936.265506][T17916] loop3: detected capacity change from 0 to 256
[  937.219824][T17921] syzkaller0: entered promiscuous mode
[  937.280570][T17921] syzkaller0: entered allmulticast mode
[  941.138704][T17930] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3339'.
[  941.180355][T17935] syzkaller0: entered promiscuous mode
[  941.210590][T17935] syzkaller0: entered allmulticast mode
[  941.216031][T17954] syz1: rxe_newlink: already configured on ip6gretap0
[  943.951552][T17944] syzkaller0: entered promiscuous mode
[  943.957163][T17944] syzkaller0: entered allmulticast mode
[  946.479373][T17954] infiniband syz1: set active
[  946.487381][T17954] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  946.517539][T17958] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  946.528802][T17965] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3345'.
[  946.548313][ T9494] ip6gretap0 speed is unknown, defaulting to 1000
[  946.674242][T17968] binder: 17967:17968 ioctl 4018620d 0 returned -22
[  946.904494][T17979] loop3: detected capacity change from 0 to 1024
[  946.964033][T17979] EXT4-fs: inline encryption not supported
[  947.001480][T17979] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  947.140011][T17979] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  947.679724][T13772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  947.752742][T17991] syzkaller0: entered promiscuous mode
[  947.759503][T17991] syzkaller0: entered allmulticast mode
[  947.767578][T17993] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3353'.
[  947.777478][T17993] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3353'.
[  947.830246][T17996] (null): rxe_set_mtu: Set mtu to 1024
[  947.854274][T17996] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[  948.675676][T17996] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  950.836613][T18001] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3356'.
[  950.952196][T18017] syzkaller0: entered promiscuous mode
[  950.983332][T18017] syzkaller0: entered allmulticast mode
[  951.361659][T18027] loop2: detected capacity change from 0 to 32768
[  952.101223][T18044] (null): rxe_set_mtu: Set mtu to 1024
[  952.107613][T18044] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[  952.488030][T18046] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3367'.
[  952.917555][T18044] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  953.169254][T18055] syzkaller0: entered promiscuous mode
[  953.185281][T18063] loop1: detected capacity change from 0 to 8
[  953.192299][T18063] squashfs: Unknown parameter 'ÿÿÿÿ'
[  953.198321][T18055] syzkaller0: entered allmulticast mode
[  953.263420][ T9496] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  953.485742][ T9496] usb 3-1: unable to get BOS descriptor or descriptor too short
[  953.500022][ T9496] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  953.510421][ T9496] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  953.526200][ T9496] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  953.554316][ T9496] usb 3-1: New USB device found, idVendor=2b53, idProduct=0024, bcdDevice= 0.40
[  953.559295][T18060] loop0: detected capacity change from 0 to 32768
[  953.565840][ T9496] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  953.578703][ T9496] usb 3-1: Product: syz
[  953.582919][ T9496] usb 3-1: Manufacturer: syz
[  953.595645][T18060] (syz.0.3371,18060,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  953.624268][ T9496] usb 3-1: SerialNumber: syz
[  953.640650][T18060] (syz.0.3371,18060,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  953.748607][T18060] JBD2: Ignoring recovery information on journal
[  954.070800][T18077] loop2: detected capacity change from 0 to 4096
[  954.085371][T18077] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512).
[  954.120491][T18060] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  954.131994][T18077] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  954.151304][T18077] ntfs3: loop2: try to read out of volume at offset 0x1ff000
[  954.159275][T18077] ntfs3: loop2: Failed to load $MFT.
[  956.722482][   T27] audit: type=1800 audit(1774600320.715:9): pid=18060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3371" name="file1" dev="loop0" ino=16978 res=0 errno=0
[  957.470051][T14741] ocfs2: Unmounting device (7,0) on (node local)
[  957.544174][ T9496] usb 3-1: USB disconnect, device number 14
[  957.586709][T16928] udevd[16928]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  958.304444][T18102] loop2: detected capacity change from 0 to 32768
[  959.319828][T18107] loop2: detected capacity change from 0 to 1024
[  959.340203][T18107] EXT4-fs: inline encryption not supported
[  959.351099][T18107] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  959.434576][T18107] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  959.519845][T18107] EXT4-fs warning (device loop2): ext4_xattr_inode_get:560: inode #18: comm syz.2.3377: EA inode hash validation failed
[  959.578000][T13494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  960.730361][T18112] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3378'.
[  960.847203][T18115] syz1: rxe_newlink: already configured on ip6gretap0
[  961.184217][T18125] syzkaller0: entered promiscuous mode
[  961.189842][T18125] syzkaller0: entered allmulticast mode
[  961.248396][T18123] loop0: detected capacity change from 0 to 32768
[  961.315304][T18123] JBD2: Ignoring recovery information on journal
[  961.402341][ T5874] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  961.424622][T18123] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  961.644724][ T5874] usb 4-1: unable to get BOS descriptor or descriptor too short
[  961.654090][ T5874] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  961.668314][ T5874] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  961.677696][ T5874] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  961.680078][T18115] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  961.696513][ T5874] usb 4-1: New USB device found, idVendor=2b53, idProduct=0024, bcdDevice= 0.40
[  961.734039][T18131] (syz.0.3381,18131,1):ocfs2_remount:623 ERROR: Cannot change heartbeat mode on remount
[  961.763308][ T5874] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  961.771372][ T5874] usb 4-1: Product: syz
[  961.787591][ T5874] usb 4-1: Manufacturer: syz
[  961.792254][ T5874] usb 4-1: SerialNumber: syz
[  961.973548][T14741] ocfs2: Unmounting device (7,0) on (node local)
[  962.257452][T18141] loop3: detected capacity change from 0 to 4096
[  962.276236][T18141] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  962.336702][T18141] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  962.348680][T18141] ntfs3: loop3: try to read out of volume at offset 0x1ff000
[  962.356641][T18141] ntfs3: loop3: Failed to load $MFT.
[  964.224245][ T5874] usb 4-1: USB disconnect, device number 14
[  964.309905][T16928] udevd[16928]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  964.465775][T18147] loop0: detected capacity change from 0 to 32768
[  964.499232][T18147] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz.0.3385 (18147)
[  964.531919][T18147] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  964.542456][T18147] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  964.551258][T18147] BTRFS info (device loop0): enabling disk space caching
[  964.558459][T18147] BTRFS info (device loop0): force clearing of disk cache
[  964.565749][T18147] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  964.575259][T18147] BTRFS info (device loop0): use zstd compression, level 3
[  964.582491][T18147] BTRFS info (device loop0): disk space caching is enabled
[  964.818075][T18147] BTRFS info (device loop0): enabling ssd optimizations
[  964.826263][T18147] BTRFS info (device loop0): auto enabling async discard
[  964.849229][T18147] BTRFS info (device loop0): rebuilding free space tree
[  965.000915][T18147] BTRFS info (device loop0): disabling free space tree
[  965.008180][T18147] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  965.018691][T18147] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  965.102908][T18147] capability: warning: `syz.0.3385' uses deprecated v2 capabilities in a way that may be insecure
[  965.605010][T18185] fs-verity: sha512 using implementation "sha512-avx2"
[  965.808804][T18185] BTRFS info (device loop0): setting compat-ro feature flag for VERITY (0x4)
[  967.979459][T18194] syzkaller0: entered promiscuous mode
[  967.981873][T14741] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  967.997788][T18194] syzkaller0: entered allmulticast mode
[  968.245362][T18199] loop1: detected capacity change from 0 to 1024
[  968.261805][T18199] EXT4-fs: Ignoring removed nomblk_io_submit option
[  968.324755][T18199] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  968.666370][T18209] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  968.954607][T18221] loop0: detected capacity change from 0 to 1024
[  968.981353][T18221] EXT4-fs: Ignoring removed nomblk_io_submit option
[  969.051440][T18221] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  969.206749][T14304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  969.273805][T18227] syzkaller1: entered promiscuous mode
[  969.291883][T18227] syzkaller1: entered allmulticast mode
[  969.527058][T18230] delete_channel: no stack
[  969.746348][T18233] syzkaller0: entered promiscuous mode
[  969.752225][T18233] syzkaller0: entered allmulticast mode
[  969.862360][T14741] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  971.027473][T18272] loop2: detected capacity change from 0 to 32768
[  974.250255][T18292] delete_channel: no stack
[  974.371375][T18299] loop2: detected capacity change from 0 to 1024
[  975.234337][T18299] EXT4-fs: Ignoring removed nomblk_io_submit option
[  975.345904][T18299] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  975.733811][T18296] loop1: detected capacity change from 0 to 32768
[  975.829708][T18314] syzkaller0: entered promiscuous mode
[  975.838025][T18314] syzkaller0: entered allmulticast mode
[  976.045340][   T27] audit: type=1800 audit(1774600339.995:10): pid=18296 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3411" name="file1" dev="loop1" ino=4 res=0 errno=0
[  976.186721][T13494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  979.983865][T18363] loop3: detected capacity change from 0 to 256
[  981.585341][T18365] syzkaller0: entered promiscuous mode
[  981.612000][T18365] syzkaller0: entered allmulticast mode
[  981.698498][T18376] loop1: detected capacity change from 0 to 256
[  981.859485][   T27] audit: type=1800 audit(1774600345.865:11): pid=18376 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3424" name="file1" dev="loop1" ino=1048636 res=0 errno=0
[  982.182737][T18378] loop3: detected capacity change from 0 to 512
[  982.207597][T18380] loop1: detected capacity change from 0 to 1024
[  982.214048][T18378] EXT4-fs: Ignoring removed nobh option
[  982.230866][T18378] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  982.232389][T18380] EXT4-fs: Ignoring removed nomblk_io_submit option
[  982.312550][T18380] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  982.313767][T18378] EXT4-fs (loop3): 1 truncate cleaned up
[  982.363596][T18378] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  982.882075][T13772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  983.171760][T14304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  983.261935][T18397] syzkaller0: entered promiscuous mode
[  983.268281][T18397] syzkaller0: entered allmulticast mode
[  983.277605][T18399] syzkaller0: entered promiscuous mode
[  983.283713][T18399] syzkaller0: entered allmulticast mode
[  984.417153][T18408] delete_channel: no stack
[  987.126943][T18412] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  987.138269][T18412] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  987.153437][T18412] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[  987.433938][T18429] loop2: detected capacity change from 0 to 16
[  987.499598][T18429] erofs: (device loop2): mounted with root inode @ nid 36.
[  987.820894][T18430] loop1: detected capacity change from 0 to 32768
[  987.883033][T18432] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x1
[  987.984801][T18430] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  987.993064][T18430] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  988.031019][T18430] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  988.164813][ T5874] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  988.439196][ T5874] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  988.494170][T18436] syzkaller0: entered promiscuous mode
[  988.518904][T18436] syzkaller0: entered allmulticast mode
[  989.424808][ T5874] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 985ms
[  989.432548][ T5874] gfs2: fsid=syz:syz.0: jid=0: Done
[  989.454523][T18430] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  989.674398][T18430] gfs2: fsid=syz:syz.0: found 1 quota changes
[  989.785422][T14304] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129
[  989.813583][T14304] CPU: 0 PID: 14304 Comm: syz-executor Not tainted syzkaller #0
[  989.821288][T14304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  989.832863][T14304] Call Trace:
[  989.836264][T14304]  <TASK>
[  989.839209][T14304]  dump_stack_lvl+0x18c/0x250
[  989.844216][T14304]  ? show_regs_print_info+0x20/0x20
[  989.849454][T14304]  ? load_image+0x400/0x400
[  989.853995][T14304]  ? do_raw_spin_unlock+0x121/0x230
[  989.859237][T14304]  gfs2_assert_warn_i+0x193/0x2c0
[  989.864302][T14304]  gfs2_qd_dispose+0x4aa/0x5b0
[  989.869090][T14304]  gfs2_quota_cleanup+0x410/0x720
[  989.870639][T18425] loop0: detected capacity change from 0 to 32768
[  989.874114][T14304]  ? spin_lock_bucket+0x150/0x150
[  989.874136][T14304]  ? __might_sleep+0xe0/0xe0
[  989.874159][T14304]  ? gfs2_ail_empty_tr+0x2f0/0x2f0
[  989.874178][T14304]  ? gfs2_quota_sync+0x591/0x5a0
[  989.874203][T14304]  gfs2_make_fs_ro+0x2aa/0x320
[  989.874223][T14304]  ? gfs2_dinode_out+0xb10/0xb10
[  989.874242][T14304]  ? __lock_acquire+0x7d40/0x7d40
[  989.883349][ T5874] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  989.885650][T14304]  ? __rwlock_init+0x150/0x150
[  989.905247][T18425] (syz.0.3433,18425,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  989.909938][T14304]  ? do_raw_spin_unlock+0x121/0x230
[  989.918588][T18425] (syz.0.3433,18425,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  989.922506][T14304]  gfs2_put_super+0x224/0x930
[  989.963929][T14304]  ? gfs2_evict_inode+0x1350/0x1350
[  989.969144][T14304]  generic_shutdown_super+0x134/0x2b0
[  989.974536][T14304]  kill_block_super+0x44/0x90
[  989.979244][T14304]  deactivate_locked_super+0x97/0x100
[  989.984649][T14304]  cleanup_mnt+0x43b/0x4d0
[  989.984750][T18425] JBD2: Ignoring recovery information on journal
[  989.989074][T14304]  task_work_run+0x1d4/0x260
[  989.989106][T14304]  ? task_work_cancel+0x220/0x220
[  990.005078][T14304]  ? exit_to_user_mode_loop+0x3b/0x110
[  990.010606][T14304]  exit_to_user_mode_loop+0xe6/0x110
[  990.015942][T14304]  exit_to_user_mode_prepare+0xee/0x180
[  990.021703][T14304]  syscall_exit_to_user_mode+0x1a/0x50
[  990.027196][T14304]  do_syscall_64+0x61/0xa0
[  990.031644][T14304]  ? clear_bhb_loop+0x40/0x90
[  990.036355][T14304]  ? clear_bhb_loop+0x40/0x90
[  990.041069][T14304]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  990.046996][T14304] RIP: 0033:0x7efe6419d9d7
[  990.051434][T14304] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  990.061293][T18425] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  990.071040][T14304] RSP: 002b:00007ffc673f99b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  990.071063][T14304] RAX: 0000000000000000 RBX: 00007efe64232050 RCX: 00007efe6419d9d7
[  990.071073][T14304] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc673f9a70
[  990.071082][T14304] RBP: 00007ffc673f9a70 R08: 00007ffc673faa70 R09: 00000000ffffffff
[  990.071091][T14304] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc673fab00
[  990.071101][T14304] R13: 00007efe64232050 R14: 00000000000f1a03 R15: 00007ffc673fab40
[  990.071125][T14304]  </TASK>
[  990.144875][ T5874] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  990.180756][   T27] audit: type=1800 audit(1774600354.185:12): pid=18425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3433" name="file1" dev="loop0" ino=16978 res=0 errno=0
[  990.201845][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  990.257675][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  990.323789][ T5874] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  990.377785][ T5874] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  990.423570][T14741] ocfs2: Unmounting device (7,0) on (node local)
[  990.429751][ T5874] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  990.450696][ T5874] usb 4-1: Manufacturer: syz
[  990.493010][ T5874] usb 4-1: config 0 descriptor??
[  990.512891][T18458] syzkaller0: entered promiscuous mode
[  990.532269][T18458] syzkaller0: entered allmulticast mode
[  990.631156][T18462] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  990.672265][T18463] x_tables: ip_tables: sctp match: only valid for protocol 132
[  990.960601][ T5874] appleir 0003:05AC:8243.0001: unknown main item tag 0x0
[  990.987831][T18462] syzkaller0: entered promiscuous mode
[  990.992330][ T5874] appleir 0003:05AC:8243.0001: No inputs registered, leaving
[  990.994000][T18462] syzkaller0: entered allmulticast mode
[  991.099162][ T5874] appleir 0003:05AC:8243.0001: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  992.147676][T18467] delete_channel: no stack
[  993.143715][T18484] loop3: detected capacity change from 0 to 32768
[  993.187682][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  993.195399][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  993.394815][ T5874] usb 4-1: USB disconnect, device number 15
[  995.829567][T18472] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  995.838964][T18472] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  995.852061][T18472] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  996.066717][T18507] loop1: detected capacity change from 0 to 1024
[  996.086894][T18507] EXT4-fs: inline encryption not supported
[  996.103033][T18505] loop2: detected capacity change from 0 to 2048
[  996.164264][T18507] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  996.219193][T18505] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  996.270295][T18505] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  996.303302][T18505] UDF-fs: Scanning with blocksize 512 failed
[  996.312735][T18507] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  996.326658][   T27] audit: type=1326 audit(1774600360.335:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18519 comm="syz.0.3453" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb2b8d9c799 code=0x0
[  996.373075][T18517] syzkaller0: entered promiscuous mode
[  996.393398][T18517] syzkaller0: entered allmulticast mode
[  996.408212][T18505] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  996.469603][T14304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  996.607319][   T27] audit: type=1800 audit(1774600360.605:14): pid=18505 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3448" name="file1" dev="loop2" ino=838 res=0 errno=0
[  996.795458][T18526] program syz.2.3448 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  996.999846][T18531] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  997.009201][T18531] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  997.017866][T18531] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  997.673001][T18527] delete_channel: no stack
[  997.877626][T18536] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  998.018080][T18536] syzkaller0: entered promiscuous mode
[  998.047457][T18536] syzkaller0: entered allmulticast mode
[  998.126813][T18538] syzkaller0: entered promiscuous mode
[  998.207333][T18538] syzkaller0: entered allmulticast mode
[  999.323136][T18563] loop0: detected capacity change from 0 to 1024
[  999.360407][T18563] EXT4-fs: inline encryption not supported
[  999.424039][T18563] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  999.509999][T18563] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  999.625365][T14741] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1002.505837][T18597] loop1: detected capacity change from 0 to 16
[ 1002.538685][T18597] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1002.900773][T18603] loop3: detected capacity change from 0 to 32768
[ 1003.643414][T18603] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.3471 (18603)
[ 1003.827293][T18603] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1003.837583][T18603] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[ 1003.846713][T18603] BTRFS info (device loop3): setting nodatacow, compression disabled
[ 1003.854872][T18603] BTRFS info (device loop3): force clearing of disk cache
[ 1003.861974][T18603] BTRFS info (device loop3): enabling ssd optimizations
[ 1003.868980][T18603] BTRFS info (device loop3): using spread ssd allocation scheme
[ 1003.876652][T18603] BTRFS info (device loop3): disabling free space tree
[ 1003.883574][T18603] BTRFS info (device loop3): not using ssd optimizations
[ 1003.890606][T18603] BTRFS info (device loop3): not using spread ssd allocation scheme
[ 1003.980346][ T4487] BTRFS warning (device loop3): checksum verify failed on logical 5328896 mirror 1 wanted 0xac8366d3d2e6f7dc04e332773638acafeccdac9b39be662d19e98924efedf548 found 0x9a8b585491a9014beb142d92115e172274bbe0f06b5fe5f2e4d43cd3afae2e7c level 0
[ 1004.013342][T18603] BTRFS warning (device loop3): failed to read root (objectid=4): -5
[ 1004.068675][T18584] loop2: detected capacity change from 0 to 32768
[ 1004.081366][T18603] BTRFS error (device loop3): open_ctree failed: -5
[ 1004.129545][T18584] (syz.2.3465,18584,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1004.196628][T18584] (syz.2.3465,18584,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1004.312937][T18434] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by udevd (18434)
[ 1004.367589][T18584] JBD2: Ignoring recovery information on journal
[ 1004.383105][T18635] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[ 1004.462684][T18635] syzkaller0: entered promiscuous mode
[ 1004.469541][T18635] syzkaller0: entered allmulticast mode
[ 1004.526758][T18584] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[ 1004.780784][   T27] audit: type=1800 audit(1774600368.785:15): pid=18584 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3465" name="file1" dev="loop2" ino=16978 res=0 errno=0
[ 1005.038507][T13494] ocfs2: Unmounting device (7,2) on (node local)
[ 1008.014225][T18670] syz1: rxe_newlink: already configured on ip6gretap0
[ 1008.038440][T18670] infiniband syz1: set active
[ 1008.053247][T18670] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1008.064575][T18672] loop3: detected capacity change from 0 to 16
[ 1008.070844][T17000] ip6gretap0 speed is unknown, defaulting to 1000
[ 1008.095491][T18672] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1008.983274][T18670] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[ 1009.245725][T18687] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[ 1009.373140][T18680] loop0: detected capacity change from 0 to 32768
[ 1009.566492][T18688] xt_connbytes: Forcing CT accounting to be enabled
[ 1009.656679][T18688] x_tables: ip_tables: sctp match: only valid for protocol 132
[ 1009.797747][T18696] ERROR: (device loop0): dbAdjCtl: the maximum free buddy is not the old root
[ 1009.797747][T18696] 
[ 1009.809610][T18696] ERROR: (device loop0): remounting filesystem as read-only
[ 1010.043916][T18687] syzkaller0: entered promiscuous mode
[ 1010.106026][T18687] syzkaller0: entered allmulticast mode
[ 1010.987235][T18722] loop0: detected capacity change from 0 to 32768
[ 1011.419993][T18725] ERROR: (device loop0): dbAdjCtl: the maximum free buddy is not the old root
[ 1011.419993][T18725] 
[ 1011.442739][T18725] ERROR: (device loop0): remounting filesystem as read-only
[ 1011.655350][T14741] ------------[ cut here ]------------
[ 1011.672481][T14741] kernel BUG at fs/jfs/inode.c:175!
[ 1011.678441][T14741] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 1011.684548][T14741] CPU: 0 PID: 14741 Comm: syz-executor Not tainted syzkaller #0
[ 1011.692201][T14741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1011.702265][T14741] RIP: 0010:jfs_evict_inode+0x431/0x440
[ 1011.707816][T14741] Code: df fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 23 fe ff ff 4c 89 f7 e8 49 c2 df fe e9 16 fe ff ff e8 4f 86 87 fe <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 41 57 41
[ 1011.727425][T14741] RSP: 0018:ffffc90003267ac0 EFLAGS: 00010293
[ 1011.733480][T14741] RAX: ffffffff82ff99d1 RBX: ffff88805e0260b0 RCX: ffff8880220c8000
[ 1011.741440][T14741] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88805e0260b0
[ 1011.749410][T14741] RBP: 0000000000000001 R08: ffffffff911c3687 R09: 1ffffffff22386d0
[ 1011.757385][T14741] R10: dffffc0000000000 R11: fffffbfff22386d1 R12: dffffc0000000000
[ 1011.765344][T14741] R13: dffffc0000000000 R14: ffff88805e025d38 R15: ffff88805e0260e8
[ 1011.773338][T14741] FS:  00005555671ad500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1011.782258][T14741] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1011.788827][T14741] CR2: 00007f18413f9810 CR3: 0000000065502000 CR4: 00000000003506f0
[ 1011.796791][T14741] Call Trace:
[ 1011.800059][T14741]  <TASK>
[ 1011.802978][T14741]  ? evict+0x4c4/0x8d0
[ 1011.807039][T14741]  ? jfs_write_inode+0x220/0x220
[ 1011.811967][T14741]  evict+0x4ca/0x8d0
[ 1011.815854][T14741]  ? proc_nr_inodes+0x230/0x230
[ 1011.820695][T14741]  ? do_raw_spin_unlock+0x121/0x230
[ 1011.825884][T14741]  ? do_raw_spin_unlock+0x121/0x230
[ 1011.831162][T14741]  evict_inodes+0x606/0x6a0
[ 1011.835657][T14741]  ? clear_inode+0x150/0x150
[ 1011.840237][T14741]  generic_shutdown_super+0x97/0x2b0
[ 1011.845510][T14741]  kill_block_super+0x44/0x90
[ 1011.850174][T14741]  deactivate_locked_super+0x97/0x100
[ 1011.855538][T14741]  cleanup_mnt+0x43b/0x4d0
[ 1011.859940][T14741]  task_work_run+0x1d4/0x260
[ 1011.864522][T14741]  ? task_work_cancel+0x220/0x220
[ 1011.869537][T14741]  ? exit_to_user_mode_loop+0x3b/0x110
[ 1011.874986][T14741]  exit_to_user_mode_loop+0xe6/0x110
[ 1011.880265][T14741]  exit_to_user_mode_prepare+0xee/0x180
[ 1011.885798][T14741]  syscall_exit_to_user_mode+0x1a/0x50
[ 1011.891246][T14741]  do_syscall_64+0x61/0xa0
[ 1011.895651][T14741]  ? clear_bhb_loop+0x40/0x90
[ 1011.900318][T14741]  ? clear_bhb_loop+0x40/0x90
[ 1011.904982][T14741]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1011.910862][T14741] RIP: 0033:0x7fb2b8d9d9d7
[ 1011.915264][T14741] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[ 1011.934856][T14741] RSP: 002b:00007ffea1162398 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1011.943256][T14741] RAX: 0000000000000000 RBX: 00007fb2b8e32050 RCX: 00007fb2b8d9d9d7
[ 1011.951217][T14741] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffea1162450
[ 1011.959176][T14741] RBP: 00007ffea1162450 R08: 00007ffea1163450 R09: 00000000ffffffff
[ 1011.967140][T14741] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffea11634e0
[ 1011.975094][T14741] R13: 00007fb2b8e32050 R14: 00000000000f6f7e R15: 00007ffea1163520
[ 1011.983061][T14741]  </TASK>
[ 1011.986063][T14741] Modules linked in:
[ 1011.990501][T14741] ---[ end trace 0000000000000000 ]---
[ 1011.995985][T14741] RIP: 0010:jfs_evict_inode+0x431/0x440
[ 1012.002356][T14741] Code: df fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 23 fe ff ff 4c 89 f7 e8 49 c2 df fe e9 16 fe ff ff e8 4f 86 87 fe <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 41 57 41
[ 1012.038884][T14741] RSP: 0018:ffffc90003267ac0 EFLAGS: 00010293
[ 1012.045224][T14741] RAX: ffffffff82ff99d1 RBX: ffff88805e0260b0 RCX: ffff8880220c8000
[ 1012.053414][T14741] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88805e0260b0
[ 1012.061587][T14741] RBP: 0000000000000001 R08: ffffffff911c3687 R09: 1ffffffff22386d0
[ 1012.069683][T14741] R10: dffffc0000000000 R11: fffffbfff22386d1 R12: dffffc0000000000
[ 1012.077834][T14741] R13: dffffc0000000000 R14: ffff88805e025d38 R15: ffff88805e0260e8
[ 1012.085859][T14741] FS:  00005555671ad500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1012.094989][T14741] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1012.101697][T14741] CR2: 00007f18413f9810 CR3: 0000000065502000 CR4: 00000000003506f0
[ 1012.109887][T14741] Kernel panic - not syncing: Fatal exception
[ 1012.116303][T14741] Kernel Offset: disabled
[ 1012.120615][T14741] Rebooting in 86400 seconds..