last executing test programs: 7.79418421s ago: executing program 0 (id=309): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4d801) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6ea1893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0}, 0x10) r4 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0) mmap(&(0x7f000001a000/0x3000)=nil, 0x3000, 0xf, 0x11012, r4, 0x0) r5 = fsopen(&(0x7f0000000000)='bpf\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) 6.520154734s ago: executing program 0 (id=313): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc293, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000240)='sched_switch\x00', r2}, 0x10) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int]}}, 0x0, 0x2a}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={r3, 0x38, 0x0}, 0x10) listen(0xffffffffffffffff, 0x0) r4 = epoll_create(0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0xb0000000}) socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x3, 0x0) write(r5, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24) recvmmsg(r5, &(0x7f0000006340)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001740)=""/17, 0x11}}], 0x1, 0x0, 0x0) r6 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62) sendto$packet(r6, &(0x7f00000000c0)="3f043608eee812002c001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1529fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @multicast}, 0x14) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) 6.29699616s ago: executing program 3 (id=316): bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6ea1893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb951368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) syz_open_dev$usbfs(0x0, 0x204, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) r4 = fsopen(&(0x7f0000000000)='bpf\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) symlinkat(&(0x7f0000000040)='.\x00', r5, &(0x7f0000000140)='./file0\x00') bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, &(0x7f0000000240)='no,azytime') mount_setattr(r5, &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000300)={0x0, 0x78}, 0x20) 6.296566071s ago: executing program 1 (id=317): write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0xfc, {"a2e3ad09ed1a09f91b5d090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f38306d090890e0879b0a0ac6e70a9b3348959b509a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d07640936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) socket$unix(0x1, 0x2, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x3, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x5, 0x1, 0xfa5d}}, @volatile={0xf}, @func={0xb, 0x0, 0x0, 0xc, 0x1}]}, {0x0, [0x30]}}, &(0x7f0000002080)=""/4096, 0x4b, 0x1000, 0x1, 0x2}, 0x20) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x80000001, 0x200006, 0xc, 0x500, 0x1, 0x5, '\x00', 0x0, r3, 0x5, 0x2, 0x5, 0x2}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000001e0000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000700), 0xffffffffffffffff) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4004, &(0x7f0000000640)={0xa, 0x4e24, 0x2, @local, 0x6}, 0x1c) sendmsg$ETHTOOL_MSG_WOL_SET(r6, &(0x7f0000005d40)={0x0, 0x0, &(0x7f0000005d00)={&(0x7f0000006240)={0x14, r7, 0x1, 0x0, 0x0, {0x1c}}, 0x14}}, 0x0) 5.529450698s ago: executing program 3 (id=319): r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = syz_clone(0x6800100, &(0x7f00000011c0)="40a8e74d372483d642f32d1db6ca87ae88926307643578286522ab0f4824fc68c53b05294ae771444aa042ee8fb4c06033e1f0f8a537c52afc77c92fae3c58c9d21f74e4018cfe0f682607b5fef3dc13b36bf41a128208b685a29eb401b1158597b8be235b38ba63182bf77af4710951e6f97f738ea439b887a8e2767dc18aced971f087346c5e3f81a9739f3f1e6884613a0111fbac6cef02f7018d22448dab49841d08114187b860251eb893f92b050d1baf8dc11f7020b1b475d76d4fc4ab6566c0fbe2ecb1248c68a9c4b3466d3ef91d58374e31391a", 0xd8, &(0x7f00000012c0), &(0x7f0000001300), &(0x7f0000001340)="3011f0a2b06192409eded69198689c401fd5f4224997df59117d5a5bb561e0a44a0b26a66c5b9c4e0084c5c0cf698d657ab4ff125013d42c5e90dc7e2ccd281c2dd07bec5ddda58a628111748820f1b4f529399469ef2bc8b68c4aff19f5b3f409e28c3d609c9b8d64f0dccd5ed43521fe9bf11bfdb81da51c37a86fd3f605e87b5769a7b7ecc0a996f87c899f7bbdfdaad1e0ab7a") prlimit64(r1, 0x2, &(0x7f0000001400)={0xd1, 0x1}, 0x0) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r0, 0x4008af23, &(0x7f0000000300)={0x1, 0x4}) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000070000000000000000000085000000230000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x25, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000700)='net_dev_start_xmit\x00', r3}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7f8fbc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c0301000000010000003d5d58c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6e70af07da5ceb01b7551ef3bb6220030100dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cde7a6b73340cc2160a1fe3c184b751c51160fbce841dfebd31a08b32808b80200000000009dd27080e71113610e10d8fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000066d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c9727ec84222fff0d7216fdb0d3a0ec4bfae563858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f0dafc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5cc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa1c22015e53fd8a46be933ab460d8629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8f12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5b6154eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7ade8a5b859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ffea0000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a1bcd1e30280bc586e79a5dd80701018e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f0000000011d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589c95d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d4442d13d5a29179a00837918dd7854aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5ff070000000000000ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5f45c879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2ea86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c58684a1d2f624c3eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366aa660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef3103ce10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d61800aaf7e038879c5d177b3876fda4121e00000100000000003edd3d43cc64e0d26b46907b42e08d000000000000903350932d3eef7fdada20c19807066e3c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a74748b8cd994ed368695aa2c59869c9200a1306ffa5a71ca69e89a69fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeaded2930376eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041894f60fbbcafa487ee96b368e8769da90b44190e569fe8b923c32c288baaca5c5558b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff35a9eec46dfc8a52433f605ebf151c837b4966b5f3628a406175a87e32c5e4268d3000933b580415b162e2946446b8f02554c8a1225217d69d049685dd06aa8528673a9673a723ac414af77f523ad730d00e8700c213f95c87a94f39f506b9e000000000000000000000000000000000000000000000000000090668ac41a1c2a4f7831e6c6a3e9c68ca2c449482bb70a994e71a7f24873848fbb128c820c1de19cc003dfa65a2b296caeb1253802080e08eeb724c4c7b7e052afa19b0f2cd7a13bda4b5a8f3b8fa3ca70bb756a3d529718d5c79d9bdb89e5d33793533211d76d00a45079eff797476106bf76f1fed952a7c9162b88911b5b00c3d26fd2fb4d7b29d1ce025e102d458efd5cca3f3835ce760359eaa01cb13cb28d60e8942fdc02b6824c00dac62f8a2d4c680ae284a82f09d6641921536814b444e4188d9b2e97eb3b108e7876f0f3f3863147ab694218c7cecc075d52d590dddbb57fc6fedf5ec69d7894a7b5c8109f303dab998815c80534b0bd34c49eea63997e56728a8185a8bb6988a7197b87f5548f5edfdfb3efc907fe561b33a6f7c707f7828c6adaf3b2a39929b4b65253e787d65c08aff5e4a9b2267bd8f803ea38f10a6e9c4a49bf23525e08c12d229211fe4d88cf1440f29accfa50f327ac1fb20d7f164100111bd21fca713b2475f1c997f3000000000080c426bcec79c6bc83ce4e6cbb17c01be69db342192d0a716cc24710d23321441f475ec485d642b61c6bd907071dbbe37c0b78f60fd2ad0d13ca62d9d9aafb01c3920b64cb5e023810e2de4327f90c389ce36d90ff9f3cb9d8cd2260d05a8126943a3df17157470595c68ac8df7fea6d42ecb2cdb65b4f2aef0dc4b2de949a6d4ec37f2fd693ae44944041a64fe6336aba1c66b1b95d2edbc40364a049616ae962d75eae619548aa86bd5f0bad56e7ad7de2ee5e6f3b42e3a27094b6b5face99456d9af1926b21d37faf7612d9752cf58e6424decd530b5419e117ec086174439af6ee6c7fdb2d19c9280fa9a02e8fa6a38acfff09050d912635fed175fd06f577d40000000000000000000000000000754bffd73c0888ba8834f20b3acea57b7817663e12c1a5503bc4c13af59bda21688d68698c53ce3aa767657774db09ece7ec888d3af290207d36fa433b35e17dc0f3dc728ea1c633a4ef9e7d9bf81b57492e0544800921d1b751c5fbc163"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x55, 0x0, 0xffffffffffffffff, 0x3}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xe06, 0x1000000, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff43052f002000636777fbac141443e000000d62079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) (fail_nth: 19) 5.23234728s ago: executing program 1 (id=320): pipe(&(0x7f0000001540)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000056, &(0x7f0000000440)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@jqfmt_vfsv1}, {@lazytime}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@orlov}, {@grpquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@user_xattr}, {@bh}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ") r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c0ef815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaad1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69922050000f5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762e122428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302be7ff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9d3fded31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000bb60bc1f1635caf0ca9eabf804adc94e0a73923976299c7ac285542e5de1dd14183f1bb171eabe19fe98f551e1b635300d8e38f07eda29341535e532a6d64ed36fac9c77827bf85ac369eac8879e515b58a03438561c5e78157649c6d45e7e621b79d724e277f1ee49e5b63e81180626a73510be26082a097de42b016336707866d422a93e01c1cbe0cefd4a89dc24b0d7f549908b8620ffd7d900a0a96a381fdd763b39f0bc0af5faf593c5d39fdf43430e4b7c23b5cf691792248cfb9ec9f882dd19a9f6e9426b4f88fe14487942bb34e585083f7b98900682e2683922a94e2f0baecc00f74071d025220bcdbc7f5575ce72981e918681b5a0b1ee9af749885fd8cefb9e182b326eaebad4616647fe1c8c16e42e123c9651f634e962219f"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10) socket$key(0xf, 0x3, 0x2) sendto$inet6(r1, &(0x7f0000000080), 0x0, 0x4014, 0x0, 0x0) shutdown(r1, 0x1) splice(r1, 0x0, r0, 0x0, 0x406f413, 0x0) 4.886200326s ago: executing program 3 (id=321): socket$packet(0x11, 0x2, 0x300) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r1}, 0x10) r2 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="1201000064172f2057155081ed29010203010902120001000000000904"], 0x0) syz_usb_control_io(r2, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r3}, 0x10) syz_usb_control_io$uac1(r2, 0x0, &(0x7f00000053c0)={0x44, &(0x7f00000051c0)={0x20, 0x0, 0x3, "251176"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000005380)={0x20, 0x85, 0x3, "26a335"}}) read$FUSE(0xffffffffffffffff, &(0x7f0000000c00)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) r5 = syz_open_procfs(r4, &(0x7f0000000000)='environ\x00') preadv(r5, &(0x7f0000000380)=[{0x0}, {&(0x7f0000000040)=""/99, 0x63}], 0x2, 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r6}, &(0x7f0000000280), &(0x7f00000001c0)}, 0x20) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r7}, 0x10) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r8}, 0x10) socket$inet_tcp(0x2, 0x1, 0x0) 4.611029386s ago: executing program 1 (id=324): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x26, 0x4, 0x0, 0x0, 0x98, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x401, 0x1000, 0x0, 0x3, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x34, 0xc0, 0x3, 0x0, [{@multicast1}, {@dev={0xac, 0x14, 0x14, 0x1}, 0x659}, {@broadcast, 0x8000}, {@empty}, {@multicast1, 0xffd200}, {@private}]}, @timestamp_prespec={0x44, 0x24, 0x0, 0x3, 0x0, [{@multicast2}, {@private=0xa010101}, {}, {@broadcast}]}, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr]}]}}}}}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000180)={'syztnl1\x00', &(0x7f0000000380)={'ip6tnl0\x00', r0, 0x29, 0x9, 0x5, 0x7, 0x50, @private0={0xfc, 0x0, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x40, 0x80, 0x200, 0x1}}) setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000280)={r4, 0x1, 0x6}, 0x10) write$binfmt_script(r3, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r3, 0x0) r5 = dup(r2) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r6, 0xae9a) ioctl$KVM_RUN(r6, 0xae80, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x12, &(0x7f0000000180)=0x4000000, 0x4) sendto$inet6(0xffffffffffffffff, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80}], 0x1, 0x800) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/211, 0xd3, 0x1, 0x0, 0x0) shutdown(0xffffffffffffffff, 0x1) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000002540)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) bind$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000001980)) ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000640)={r7, 0x9, 0x0, [0x0, 0x0, 0x0, 0x9], [0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0xb062, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, 0x800]}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000300)={{}, 0x0, 0x0, @inherit={0x58, 0x0}, @devid=r7}) ioctl$BTRFS_IOC_SCRUB(r3, 0xc400941b, &(0x7f0000000400)={r7, 0x80, 0x5, 0x23d5e75a74382f64}) syz_read_part_table(0x103c, &(0x7f0000001040)="$eJzszjEOQUEYhdE7iEwlswRqq/i1apVNWILEWjQ2p1BLRK+W95Jz6pubL8zS8X15JdftLrdaJD1pPUmN3A/7bEZy/s5qmWet00ay+vFyevy/HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACm5xMAAP//1hgIrg==") syz_kvm_setup_cpu$x86(r5, r5, &(0x7f0000a61000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="06c4e221baf564660f75fb0fc77c6a0c0f01cf0f01c966ba400066b804e866ef0f01c4f3d400660f167ad2", 0x2b}], 0x1, 0x46, &(0x7f0000000180), 0x0) 3.653020557s ago: executing program 4 (id=328): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, r2, 0x1, 0x4002) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c}) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) renameat2(r5, &(0x7f0000000380)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r6, &(0x7f0000000040)='./file1\x00', 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='kmem_cache_free\x00', r0}, 0x10) r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r7, 0xc004743e, 0x20001439) 3.647006428s ago: executing program 0 (id=329): bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6ea1893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb951368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) syz_open_dev$usbfs(0x0, 0x204, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) r4 = fsopen(&(0x7f0000000000)='bpf\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) symlinkat(&(0x7f0000000040)='.\x00', r5, &(0x7f0000000140)='./file0\x00') bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, &(0x7f0000000240)='no,azytime') mount_setattr(r5, &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000300)={0x0, 0x78}, 0x20) 3.243113408s ago: executing program 1 (id=330): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000087b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x1, @thr={&(0x7f0000000680)="cd60e3f2b383ccff607f8304a90205fb209ae161c6ea3123ebdec0c11a115c870b7b2526a9524f46318128d83f151b5465a8984a0633affb8a0ab117a2405e7ed06899fe18ed354059fe25362740e9e4622a7babd56300d27280a036d8ebc3dbe3f0e69d420603dfb7c84f9e5ebbd2992d1bff65ece40b16a1c8a3fc856705e0353d4925453016605baa72aeaeb021067e", &(0x7f00000004c0)="a2601884334f66d7177d08086ef97ec3f7e99f138e7d95916d924ab5b8a3271e245d8c4bc37eeb5a1b98b3a314dea3bc0d611e1ec90b2def839889d7ce9991478d25fb05b89b1d46c4f08bf54e538844f8c3a77082075de9f2baaf7d61922c89570c769a"}}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESDEC=r2], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10) getpriority(0x0, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180)=0xffffffffffffffff, 0x4) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) r5 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000000)=0x17) socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'}) socket$nl_route(0x10, 0x3, 0x0) r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000400)=ANY=[@ANYRES8=r6, @ANYRES16=r4, @ANYRES16], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_CREATE(r7, &(0x7f0000000240)={0x0, {'syz1\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000540)=""/2, 0x2, 0xd}}, 0x120) readv(r7, &(0x7f0000000140)=[{&(0x7f0000000080)=""/155, 0x9b}, {0x0, 0x4}], 0x2) write$UHID_DESTROY(r7, &(0x7f0000000200), 0x4) 3.036670263s ago: executing program 1 (id=331): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) add_key$keyring(&(0x7f00000002c0), 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000480)=ANY=[@ANYBLOB="9802"], 0x298) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}}) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000fc850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) getdents(r5, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, 0x0, 0x0, 0x2, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10) socket$nl_route(0x10, 0x3, 0x0) 2.780858293s ago: executing program 0 (id=335): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10) r1 = getpgrp(0xffffffffffffffff) r2 = syz_pidfd_open(r1, 0x0) pidfd_send_signal(r2, 0x0, 0x0, 0x0) 2.773583293s ago: executing program 0 (id=336): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4d801) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6ea1893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb95"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0}, 0x10) r4 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0) mmap(&(0x7f000001a000/0x3000)=nil, 0x3000, 0xf, 0x11012, r4, 0x0) r5 = fsopen(&(0x7f0000000000)='bpf\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) 2.749219915s ago: executing program 4 (id=337): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000020000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) write$selinux_attr(r1, 0x0, 0x0) 2.691097079s ago: executing program 4 (id=338): prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000006c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@noload}]}, 0x3, 0x440, &(0x7f0000000280)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800003f0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0xa, 0x20004, 0x40b, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./bus\x00', 0x2, &(0x7f0000001080)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549cab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9d0000000094bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e6255a2e5cd64402a4de537bf113fc7370099e4faebe3f8803d000000004c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2000000000000000000000000632ff0fa874ac0769142daca624cb4e0206734b6ed975359c4c61af929e56449437f109207ab97933bfa547d54f09f318a621c0180844af3362417ea3266d51c40f1f6abeaa2e90ce22d20600e22cd20de", @ANYBLOB="d23c17f6ec95b3b885b061be4d1d842e4a63ec77a88347691f71d1e41301cf3df73c16fd088806b677d36dfdfecb4a080900060031622d37a921b1c072bdbff76ef2fed6da828ab4e0f87928c18c0380050249fb6a2be8b8ea56db5b017149cfa27eb8080778c490a639625353dde9d1c6d1e69c8f629356c70f7c3b140340ce0d51592813652003977d21460538702c7a359af24a7cd83ee44c1c69a7abd35b7d27fe6f33ed371b3db09d05553843a2ae2fc8b1246690dd9db1b67e10fbeea0f8a5045a9f351faac4ffcb8f9a57b03f295c9517551310dda73d40c81eabda5628dc79bf012d0b37b49a05b0d275d46b97c4d8b237341491a2de17488a4fb9b18bf56c96c4ee499a69841d03c75e5837b20cdd1400d9d6d6fb17f88178adc14763fab9740607eccb9a03dee8abf7639e2f9530593b41172f8261bca7a34acd8eff67d25e03ac7532262f5c1256b5ba7bbb5a9966aaf4dddcf9000000000000"], 0xf, 0x2a6, &(0x7f0000000740)="$eJzs3c9qK2UUAPAz+deoiwRxowgO6MJVuXXrplGuIHalRFAXGrz3giThwi0ErGDsqk/g0vfwEdy48Q0Et4K7dlEZmcxMk9CkrTWm0Pv7rQ7zzTlz8n0lXeXMV6+Ph4+eJnF8+nu020nU9mM/zpLoRi0qP0QjAID74yzL4q/sNpmN2ua7AQC2ofj/X7jrXgCA7fjks88/6h0cPPw4Tdvxaudk0k8iYnwy6RfrvSfxTYzicTyITpxHZBeK+IMPDx5GI811463xdNLPM8df/lrW7/0ZMcvfi050V+fvpYWF/Omk34wXI43ek2bVaideWZ3/zor86Lfi7TcX+t+NTvz2dTyNUTyKPHee//1emr6f/Xj63Rf5Y/L8pBb9ndl9c1l9m+cCAAAAAAAAAAAAAAAAAAAAAMD9tpumSTG+Zza/J79Uzt+pn8/Wd9NKd3k+T5GfVIWK+UBZlCN6pln8VM3XeZCmaVbeOM9vxGsNLxYAAAAAAAAAAAAAAAAAAACA3OG3R8PBaPT42UaCahpA9bP+29bZX7jyRhwNB/X1BXdu/qzFaQN5r1feHI1GbGhbrgteyPvZeOWd+eF+GkVQHcy/L9hcn/Xye0XRo+EgLZeqTR4Okuue1a4O7ufFpVb8103IZn8S59nymbYvWl3Oam1o51svrVz6O8uym9V594/ijMoryWzExs2e3iyDlR8wD9qXz+KX9QXXfmXUN/LFAwAAAAAAAAAAAAAAAAAAXDL/0e+KxeMrU2v/W1MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGXz9/9XQTsilq9cCqZl8lX3lEErnh3e8UcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOfBPAAAA//8s7E5o") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r4, &(0x7f0000000200), 0x43400) 2.404106671s ago: executing program 1 (id=339): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000001c0)={0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="00020c0000000c00025821fa91f49e2ec788b090393353554ef70b04ebb331d43bf263e323cb020858eae856f52e8295c0e714a485b28e586674fe7bbfe6f3f9a37dd848b634cfaf651e8e330bf5c145de2825342027f7345543c9d605b991ee7e54fc15480b0a84bdaf79124fd90701b91ef0914381"], 0x0, 0x0, 0x0}, 0x0) ptrace(0x10, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, &(0x7f0000000040)={@my=0x1}) r3 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r3, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10) ioctl$TUNSETOFFLOAD(r0, 0x8004745a, 0x2000000c) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r7 = openat$cgroup_procs(r6, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r7, &(0x7f00000003c0), 0x12) write$cgroup_pid(r5, &(0x7f00000001c0), 0x74) 1.949518154s ago: executing program 2 (id=340): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) (async) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) (async) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_clone(0x4400000, 0x0, 0x0, 0x0, 0x0, 0x0) ioprio_get$pid(0x2, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r3, &(0x7f0000000a80)="2692c9f0bd28b950677bdb28e68ad68c6a8fb504f83ce91c77951cffc197fafe51a2e3a353ac8fb5a851c4e178bb5b4551b1ca11e9de2a1b04ae688255d2169b7d5e38f759726eab7d67ee4b205140000000000000002fe9f87498cf76b72938f8c5d33e4a6770db8db411d6572be578a7e1e4ca670f0f38e215c1d36dfd7ef66e54f9507c4204ff346da81f3dab2f88f9fd9d25776a86a47e1b2bb93806d5a2014cc093f57e145b"}, 0x20) (async) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r3, &(0x7f0000000a80)="2692c9f0bd28b950677bdb28e68ad68c6a8fb504f83ce91c77951cffc197fafe51a2e3a353ac8fb5a851c4e178bb5b4551b1ca11e9de2a1b04ae688255d2169b7d5e38f759726eab7d67ee4b205140000000000000002fe9f87498cf76b72938f8c5d33e4a6770db8db411d6572be578a7e1e4ca670f0f38e215c1d36dfd7ef66e54f9507c4204ff346da81f3dab2f88f9fd9d25776a86a47e1b2bb93806d5a2014cc093f57e145b"}, 0x20) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(0x0, 0x0) dup(0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000000)='./file2\x00', 0x0, 0x0, 0x0) newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x0) lstat(&(0x7f0000000440)='./file0\x00', 0x0) (async) lstat(&(0x7f0000000440)='./file0\x00', 0x0) mount$cgroup(0x0, 0x0, &(0x7f0000000340), 0x0, &(0x7f0000000500)={[{@clone_children}], [{@fowner_gt}, {@euid_eq}]}) (async) mount$cgroup(0x0, 0x0, &(0x7f0000000340), 0x0, &(0x7f0000000500)={[{@clone_children}], [{@fowner_gt}, {@euid_eq}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) rt_sigsuspend(0x0, 0x0) (async) rt_sigsuspend(0x0, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@getneigh={0x14, 0x1e, 0x400, 0x70bd2c, 0x25dfdbfc, {}, ["", ""]}, 0x14}}, 0x48080) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000000)='\x00', 0x1e, &(0x7f0000000580)={[], [{@audit}, {@dont_measure}, {@euid_lt}, {@fsmagic={'fsmagic', 0x3d, 0x7}}, {@uid_eq}]}, 0x2, 0x456, &(0x7f0000000b40)="$eJzs3M1vVFUbAPDnzkzLy9fbivjBh1JFI9HY0oLKwgUYTVxoYqILXNa2EGSghtZECNHqApeGxL1xaeJf4Eo3Rl2ZuNW9ISGGDejqmjtzb5kOM3WYTpmW+f2SS8+590zOeXrumTnnHqYBDKyx7J8kYkdE/B4RI/XsygJj9R+3blye+fvG5Zkk0vTtv5JauZs3Ls8URYvXbS8yS/X8vhb1Lly8dHa6Wp27kOcnFs99MLFw8dLzZ85Nn547PXd+6tixo0cmX3px6oX2jU86jzNr0829H8/v3/P6u1ffnDl59b2fv02K+Jvi6JGxFufKReLpHlfWbzsb0kklT5T71Bg6lnVR1l1DtfE/EuWoLF8bidc+62vjgHWVpmm6pd3FJJZS4D6WRL9bAPRH8VGfrX+L455NPjaA6yfqC6As7lv5Ub9SiVJeZqhpfdtL2Wrr5NI/X2VHrM9zCACAFb4/Uf955/yvFA83lDue7w2NRsQDEbErIh6MiN0R8VBErewjEfFow2s62Z5p3iS5c/5TutZdZJ3J5n8v53tbK+d/xewvRst5bmct/qHk1Jnq3OGI+H9EHIqhLVl+cpU6fnj1ty/aXRtrmP9lR1Z/MRfM23Gt0vSAbnZ6cXotMTe6/mnE3kqr+JPlnYCsH/dExN4D3dVx5tlv9re79t/xr6LSXXsapV9HPFPv/6Voir+QrL4/OfG/qM4dnijuijv98uuVt9rVv6b4eyDr/20t7//l+EeTxv3ahbuv48ofn7dd03R7/w8n79TSw/m5j6YXFy9MRgwnb+Tnj98+P3X7tUW+KJ/Ff+hg6/G/K27/JvZFRHYTPxYRj0fEgbztT0TEkxFxcJX4f3rlqfe7j399ZfHP3lX/332ifPbH71ZUOrpK/Em06P+jtdSh/Ewn73+dNnCtvz8AAADYDEoRsSOS0vhyulQaH6//f/ndsa1UnV9YfO7U/IfnZ+vfERiNoVLxpGuk4XnoZP7EoMhP5cv8In8kf278ZXlrLT8+M1+d7XfwMOC2txn/mT99fwPufz3YRwM2qW7Hf5qmn/S4KcA95vMfBpfxD4Orxfjf2pRv+zcCgM2t1ee/hT0MBvN/GFzGPwwu4x8Gl/EPA2kt3+vvWSJ7/9kAzeg4kaZ9qn24/7EvJ6K0IZohsU6Jfr8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Ma/AQAA//8prOfG") 1.764948918s ago: executing program 2 (id=341): r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0), 0x800, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200000200ca48850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) r5 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x340, 0x11, 0x148, 0x0, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x0, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538) alarm(0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000200)={r0, 0x20, &(0x7f0000000280)={&(0x7f00000006c0)=""/235, 0xeb, 0x0, &(0x7f00000005c0)=""/185, 0xb9}}, 0x5e) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1349080, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='huge=always']) chdir(&(0x7f0000000140)='./file0\x00') r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r9, 0x0, 0x0}, 0x10) write$binfmt_script(r7, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x13, r7, 0x0) mlock(&(0x7f000069f000/0x2000)=nil, 0x2000) read$FUSE(r7, &(0x7f0000002140)={0x2020}, 0x2020) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={r0, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80), ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f00000004c0)=[0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0], 0x0, 0x38, &(0x7f0000000340)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0x9f, 0x8, 0x8, &(0x7f0000000400)}}, 0x10) 1.763005718s ago: executing program 4 (id=342): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_QGROUP_LIMIT(0xffffffffffffffff, 0x8030942b, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f0000000080)=0x200000000) preadv(r2, &(0x7f0000000600)=[{&(0x7f0000000280)=""/117, 0x75}], 0x1, 0x0, 0x0) (fail_nth: 5) 1.679246305s ago: executing program 0 (id=343): r0 = syz_io_uring_setup(0x1002a34, &(0x7f00000001c0)={0x0, 0x613c, 0x10, 0x3, 0x1a5}, &(0x7f0000000640), &(0x7f0000000280)) fstatfs(r0, &(0x7f00000007c0)=""/240) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$f2fs(&(0x7f0000000280), &(0x7f0000010280)='./mnt\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="70726a6a71756f74613d6469474bcc8aeef1a8827363736768643d000000000000", @ANYRES64, @ANYRESHEX], 0x1, 0x10212, &(0x7f0000020500)="$eJzs3L9uW1UYAPBzaxoVWkqEGNg4EiA5ErGu7aSCskRUVQdIFdEyMji2Y7lN7Ch2nNAJBv48BBtMvAMPwMbSoW+AxIbEUiGBfO4NQhVDVUzcOL+fdO93z3dvvnOO5eW7ihyAc2s5/v5bFq6GF0MIlRDClRDSdVYeyUYRXg8hvBFCuPCPIyvzfyeWQggvhRCuTosXNbPy1nc/fvXp9798+Pa3P/xUyb/5+tf57RqYt7dCCHv7xfXRXhGHvSLeK/OtST/FvbVJGYsbe/fL8bCIR93tVOGodfJcK8Vmr3h+uH84msad3VZ7Gnv9nZTfHxQTjia9kzrpD+61DtK4091OsT8apth7UKzruIwPRuOiTqes91kqH8bjk1jku8fdYj/791NsD8Zlvqg77HSPp3FSxnK60Nl+9s/3rPioPzg8jpPuwag/HMT1Wj2v5asH7WureV5/r7na67R22te6jbVOa2ctVrsbo+HuSqz22u1YvXXjxkqs57VGLX8n3rr9SdztxOo0ftAfHI77u6OV2Kg112v1lfhmPd7Z3IpbH9+8ubl1N24OB/H2cBKbeaw3r683rjffjVt37sZG3sjt/1R9ccrzsWCyeS8A4OzR/wPz8Ez9/6Uir/9fHOe9/z3v+9e+8Z/4AgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnFuXf37/MF0sF+MLZf7lMvVqOc7Ke3/+i+yJmpVp3RDCxad8/ssshKVyjpPjhRDCRnn88cr/+xkAAADAInv0uPowS916cVqe94I4TUvpnF35fEb10mudmX2H0ouo12ZVrZLWN6udXg7lG6qZuDg9XZpVtadSOdXZAACA54NOAAAAABbak/+GDwAAACwe/T8AAAAsvtT/+/0/AAAAWGyPHlcfznsNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzF3r2cIAwEAQCd9XcJotiOF0uwGUuwEDvymjq8iUQRRxARFaKI4T0YkklCdue4e5gFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALqu2s5X9f58V1r9pzm286l6AAAAgCeml0sv03E+mmVe8t2jtfv9zkE/IqqIGL75/bpEjHKMawwiYpFxmHy7eAAAAOiuerNb/noOAAAAAAAAAAAAAAAAAAAAwI1/7P/XODgAAAAAXtH/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABO7M7LCQAwCAPQfhbo/tMWQTcQvLwHCTkGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOizM+vUuFFv+hcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDZnWMbgAAgCqDnLKCyjyHUtjWLxgxETiVqQt5LLpf833wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+bR0ilrYuj6CrPM9+3Obp7l81Tw3+qv7tAbCzX4c2AAAhEAT/QwP0Xy0GQQcIZpLzZxcAALggem+0+s/FQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFLtzaAUADAJRrKX7sP94FTw8DpMYvkAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAyBt93BOdUQkAQMm+uTwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM8OHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24IAEAAAAQND/1+0IFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYKAAA//8ypRiS") r2 = syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f0000000000), 0x7, 0x4c6, &(0x7f0000000100)="$eJzs3EFsFFUfAPD/bFtaoHzsx8eHgqiLaGw0tlBQOJgYjCYeNDHiQY9NWwhSqKE1EUJkSQweDYl349GrB6/qzXgy8YpHE0NCDBfA05jZnW23292l3W670v5+ybLvzbzZN2/fvDdv3mMbwJZVyv5JIoYj4lZE7I6IQmOCUvXt/t2rkw/uXp2Mcpqe/ivJDot7WTyX5O8788hIIaLwebK4o87c5SvnJ2Zmpi/l8bH5Cx+PzV2+8tK5CxNnp89OXxw/efL4saMnXhl/efWFapJfVq57Bz6bPbj/rQ9vvjPZX9s+lL/Xl6NbSlFqdioVz3U7sx7bVRdO+tulfG39T4YVy67/rLoGKu1/d/RF28oDNpE0TdPB1rvLaaPry7YAj6wken0GQG/UbvTZ82/t1WwgsG19hh89d+dU9QEoK/f9/BXxdGVjbR5koOH5tptKEfFB+e+vs1es0zwEAEC9H0/VRoIN479ixL66dP/J11CKEfHfiNgTEf+LiL0R8f+opn0sIh5v+Py+iEjb5F9qiC8f/xRur62E7WXjv1fzta3F8V/Ur4IV+/LYrojagHn6SP6djMTA4JlzM9NH2+Tx0xu/fdlqX/34L3tl+dfGgvl53O5vmKCbmpif6LjADe5cjzjQ31j+pD8iWVgJSCJif0QcWMXnFuvC51749uBCZGBpuoeXvyJtuo7WhaWK9JuI56v1X44l9b+YY9J+fXJsKGamj4xlV8GRpnn88uuNd1vl/9Dyf/9H4yFvnvjhdN6y1i6r/x1113/U1m8Xy19MIpKF9dq51edx4/cvWj7TdHr9b0ver4Rrz6WfTszPXzoasS15e/n28cVja/HsPcrV8o8cbt7+9+THZN/EExGRXcRPRsRTUX1CLEV67VBEPBMRh9uU/+fXn/2o8/Kvr6z8U037vyX1v7he3yqQlKupm+zqO3/o1oMWncfK6v94JTSSb2ne/yVLuog2Z7oksNbvDwAAAB4FhYgYrptLGo5CYXS0Oge0N3YUZmbn5l88M/vJxanqbwSKMVCozXRV54MHktr8Z7EuPt4QP5bPG3/Vt70SH52cnZnqacmBnZU2nxRGF/qCavvP/NmdKWbg38xPfmDrelj733dzg04E2HDu/7B11bX/coskZf9TBjanldz/zQXC5tSs/V/r4Bjg0ZJqy7Clrab96ytgc+mP9xbChZ6eCbDR3NNhS1rRj+Q7DqSDzXcNxfLEMdT+A/uis9PY3iSvngSykVVPct/eyVG1v6bQMk0UVveBg9GdOj2z9q/l7L6uX/xpvj7W7Rr8bkPaabNA+35jfHj9+iQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBu+icAAP//KPXcbw==") mkdir(&(0x7f0000000000)='./control\x00', 0x0) r3 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0) getdents64(r3, &(0x7f0000fc4fbe)=""/34, 0x22) lseek(r3, 0x8, 0x1) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) creat(0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x20000000000002d0, 0x0, &(0x7f0000000600)='syzkaller\x00', 0xa74e, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x2}, 0x90) r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r4, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000003380)) r5 = eventfd2(0x55, 0x801) ioctl$VHOST_SET_VRING_ERR(r4, 0x4008af22, &(0x7f00000001c0)={0x0, r5}) ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f00000016c0)=""/175, 0x0}) ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000000)={0x0, r5}) ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f00000000c0)=0x1) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x0, 0x2172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x2, &(0x7f0000005000/0x4000)=nil) getsockname$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000380)=0x14) getuid() fstat(r5, &(0x7f00000004c0)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x5, &(0x7f0000000680)=ANY=[@ANYRES8=r2, @ANYBLOB="00000000000400"/16], &(0x7f0000000100)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x40f00, 0x58, '\x00', r6, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0) 1.555089284s ago: executing program 2 (id=344): socket$inet6(0xa, 0x800000000000002, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x5) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$packet(0x11, 0x0, 0x300) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="9feb010018000000000000005c0000005c00000005000000000000000000000b03000000000000000000000d000000000800000007000006040000000f000000ff0000000000000000000000000000000600001eb41f860001000100010000000000000001ffe50007000000bd00000007000000002e302e00bf10396a50e1de9a5d93bd92f6203aba63df5bfba5d7e2c2f89862b1eb2545cb4b4b02394c3ae18283e4b349e9232c690832b1fd125c6127a18ac330af09b9cd611936c6f1ab67fbc57778c3adb4d80a31a8d350cc016c6977fcacbfd023a8513bb709dff2d046a30c3a0de7b1318c474835aa4e28dea9c76078ac892f51e1433ddcfeb53d5546fb630ad5f992d39e7947f23357673ac9d9e92319659a20fd256f4464d0d96df711c2a1507ea1d9f46968ec3fd7311140dcd424eb9415a725ed55545226f13a5aa0c1718b54cfde2c0df8c5a7a3958b47e82cf6f8faf59f013ad71655cfdb1a5e4ef8fa701079d75cd45290b669c2c6c4b0d8"], 0x0, 0x79, 0x0, 0x0, 0xfff}, 0x20) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10) r6 = socket(0x1e, 0x4, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500"], 0x15) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xc, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r7, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) sendmmsg(r6, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000) 1.297464583s ago: executing program 4 (id=345): bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6ea1893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb951368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) syz_open_dev$usbfs(0x0, 0x204, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) r4 = fsopen(&(0x7f0000000000)='bpf\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) symlinkat(&(0x7f0000000040)='.\x00', r5, &(0x7f0000000140)='./file0\x00') bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, &(0x7f0000000240)='no,azytime') mount_setattr(r5, &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000300)={0x0, 0x78}, 0x20) 1.009119394s ago: executing program 3 (id=346): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10) r1 = getpgrp(0xffffffffffffffff) r2 = syz_pidfd_open(r1, 0x0) pidfd_send_signal(r2, 0x0, 0x0, 0x0) 907.068952ms ago: executing program 3 (id=347): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, r2, 0x1, 0x4002) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c}) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) renameat2(r5, &(0x7f0000000380)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r6, &(0x7f0000000040)='./file1\x00', 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='kmem_cache_free\x00', r0}, 0x10) r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r7, 0xc004743e, 0x20001439) 462.379425ms ago: executing program 2 (id=348): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000020000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) write$selinux_attr(r1, 0x0, 0x0) 451.400846ms ago: executing program 2 (id=349): syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1810714, &(0x7f00000007c0), 0x1, 0x472, &(0x7f0000000c00)="$eJzs289vVEUcAPDve7sFBGUrIgqCVNGk8UdLCyoHE6PRxIMmJnrAY20LQRZqaE2ENFqNwaMh8W48mvgXePJk1JOJVzyaGBKixAT04pq3+17ZLrullS27YT+fZGFm3+zMfPvevJ2d2Q1gYI1k/yQRd0fExYioNLIrC4w0/rt2ZXH67yuL00nUam/+kdTLXb2yOF3LFa/bltc5mkaknyZ5IzHUXO382XMnp6rV2TN5fnzh1Hvj82fPPX3i1NTx2eOzpyePHDl8aOK5ZyefadPr3y6sN84svqt7Ppzbu/vVty+8Pn30wjs/fpP1d9e+xvEsjvXW2UGtlidGssD/bPxtWgs93qXG+sW/tetxJuVe94a1KkVEOR+cF6MSpbh+8irxyic97RywobJ79ubOh5dqwB0siY0rDfSz4o0++/xbPG7T1KMvXH6x8QEoi/ta/mgcKUealxnawPZHIuLo0j9fZo9oWYeotVk3AAC4Vd9l85+n2s3/0tjVVG57vjc0HBH3RsSOiLgvInZGxP0R9bIPRMSD62x/pCV/4/wzvfS/AlujbP73fL63tXL+V8z+YriU5+6pxz+UHDtRnT2Y/01GY2hzlp9oV3lRxcu/fN6p/eb5X/bI2i/mgnkll8qNBbotxTMzUwtT3ZqUXv44Yk+5XfzJ8k5AEhG7I2LP+qreXiROPPH13k6Fbh7/Krqwz1T7qqhkcSla4i8kq+9Pjm+J6uzB8eKquNFPP59/o1P7txR/F2Tnf+vK67+lROWvpHm/dn75wAvNpVZZQ47zv37W8TNlee3X/7Ls+t+UvFXf092UP/fB1MLCmYmITclr9fyK5yevv7bIF+Wz+EcPtB//O/LXZPE/FBHZRbwvIh6OiP35uXskIh6NiAOrxP/DS4+92+lYP5z/mbb3v+Xrf3jl+V9/onTy+287tb+2+9/hemo0f6Z+/7uJzt0pbqMtVzMAAADcwdL6d+OTdGw5naZjY43v8O+MrWl1bn7hyWNz75+eaXyHfjiG0mKlq9K0HjqRLOU1NvKT+VpxcfxQvm78Remuen5seq460+PYYdBt6zD+M7+Xet07YMP5vRYMrtbxn/aoH8Dt5/0fBpfxD4PL+IfB1W78f9SStxcAd6Japdc9AHrH/B8Gl/EPg8v4h4F0K7/r36hEeZVf70v0SyLSvuhG3yT2txlNaY/GV7kLo7vHNyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu+S8AAP//W5/4VQ==") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='ext4_free_blocks\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.empty_time\x00', 0x275a, 0x0) write$cgroup_pid(r1, &(0x7f0000000040), 0x12) ioctl$SIOCSIFHWADDR(r1, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x0, 0x2, 0xc2, 0x0, 0x87}}) 408.612659ms ago: executing program 4 (id=350): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90) r1 = socket(0x1e, 0x4, 0x0) syz_open_dev$usbfs(0x0, 0x76, 0x101301) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10) sendmmsg(0xffffffffffffffff, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) r6 = syz_io_uring_setup(0x6678, &(0x7f0000000340)={0x0, 0xd9eb, 0x800, 0x0, 0xc9}, &(0x7f0000000000), &(0x7f00000002c0)) syz_io_uring_setup(0x4d51, &(0x7f00000003c0)={0x0, 0xdbc2, 0x2000, 0x0, 0x324, 0x0, r6}, &(0x7f00000004c0), &(0x7f0000000540)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket(0x1e, 0x4, 0x0) 182.665476ms ago: executing program 2 (id=351): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1a, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffe}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000800000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r0, &(0x7f0000000280)="ba396de974824ec26220d4f1b6729fda2d9c85592f3fa91c415d8ffc457da49bda80cc14077fe808f2b4f5530d129d604cf35a03288f3d2785e0f2ce11cc4df3499ba659b380fc10488d51206e3f59362f32f16e2068013efd1c7a3275babf06cb19b5b79f50892af371b4217e1386733026e543540825a5badab266d72e36b3ce1c4c14d0327404fe679fff72ddc085512f93d122d800644e10621c26cca2f964faa2553d01da05af29e338f4a74eb2f23e72adc60906f13576843bdcc538ba2efd079eb1085c629678732cd5ecf18609018f14"}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r1}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r2, 0x0) setsockopt$inet6_int(r2, 0x29, 0x8, &(0x7f0000000000)=0x3, 0x4) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="042788046cd6e0f276e74abffe2ca97b925cecfc1fcae8c33f204cf5eec17301e7b12090b5fe472505031b030000008d6e0dcb12fac1d6dce8d8a0d2f821246bb200c690dfe444662aff315c15a64bcfaba9ef7d8a37ef5cc4339b0997659b2ba3093d92dcc682995ce05e5a9da228", @ANYRES8=r3], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10) r5 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) writev(r5, &(0x7f0000002800)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1) write$cgroup_pid(r5, &(0x7f00000031c0), 0x12) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r6}, 0x10) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x0, 0x0, 0x0}, 0x90) r7 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) r8 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) readv(r7, &(0x7f0000002140)=[{&(0x7f00000010c0)=""/29, 0x1d}], 0x1) socketpair(0x0, 0x0, 0x0, &(0x7f00000006c0)) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) 0s ago: executing program 3 (id=352): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r2}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) truncate(&(0x7f0000000080)='./file0\x00', 0x4) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r5}, 0x10) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r6, 0x3) syz_emit_ethernet(0x4a, &(0x7f0000000640)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd602a84350014060000000000000000000000000000000000fe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="58c2000090780000cbf0403007e0c6d2a03dc0afb5f60298f13317a42bfbb9cdafe550c83d6818357bcfa8f3116e1254bc306a8b95de208d6c532809f1cf377d64cdba24ac75d2faf7ee03ce4a2c14179e0013294160e79de0525a282016a049bab62ba156ea5db82c912ab7b1f007fdbbc4ac2c5654521082b62026a7d12179f2c60278f93608d7252b6aabf24befe7da04cfd0e1ee13d22661a5ec36f61ed18dd3994abddf7ee8343c5478abde882df0ea76e56f242316d327e148574c2c4e93baad70287dc98492464e3331e876520f080786330c7da072e7e55ef4893d672b39c3588d0a66d9b686fed5142f407ad935676d12a7bd7ddbe041cb255fbd8f54be83dc2d7c5f2af52b37eadd2a31818099c098c2b611c089af30de2ea7e6dbf6b13f9dae4c29eb4ffd32631e64fc0699f6"], 0x0) syz_emit_ethernet(0x8a, &(0x7f0000000500)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9646", 0x54, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x15, 0x7, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa}, @md5sig={0x13, 0x12, "ca0c734891a263a2ef1df715fb24b095"}, @mptcp=@synack={0x1e, 0x10}, @md5sig={0x13, 0x12, "2bdd4b74a1f6aa675459bc4d77085aa8"}]}}}}}}}}, 0x0) kernel console output (not intermixed with test programs): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 39.480160][ T10] device bridge_slave_0 left promiscuous mode [ 39.486135][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.499886][ T10] device veth1_macvtap left promiscuous mode [ 39.505860][ T10] device veth0_vlan left promiscuous mode [ 39.572291][ T711] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 39.585194][ T711] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 39.596011][ T711] F2FS-fs (loop4): Found nat_bits in checkpoint [ 39.632455][ T711] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 39.639514][ T711] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 39.829666][ T287] syz-executor (287) used greatest stack depth: 20912 bytes left [ 39.996445][ T732] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.003651][ T732] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.011265][ T732] device bridge_slave_0 entered promiscuous mode [ 40.020087][ T732] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.027358][ T732] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.034628][ T732] device bridge_slave_1 entered promiscuous mode [ 40.146160][ T741] loop4: detected capacity change from 0 to 512 [ 40.183133][ T741] EXT4-fs (loop4): error: could not find journal device path: error -2 [ 40.325903][ T743] loop1: detected capacity change from 0 to 512 [ 40.345713][ T743] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #12: comm syz.1.115: inline data xattr refers to an external xattr inode [ 40.360647][ T743] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.115: couldn't read orphan inode 12 (err -117) [ 40.372627][ T743] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 40.407059][ T732] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.414008][ T732] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.421208][ T732] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.427983][ T732] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.443586][ T447] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.450932][ T447] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.469386][ T60] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 40.471302][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 40.484240][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 40.495712][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 40.504178][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 40.512165][ T26] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.518999][ T26] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.529015][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 40.537239][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 40.545748][ T26] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.552724][ T26] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.565072][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 40.572934][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 40.580724][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 40.588595][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 40.601982][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 40.610278][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 40.619071][ T10] device bridge_slave_1 left promiscuous mode [ 40.625035][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.632327][ T10] device bridge_slave_0 left promiscuous mode [ 40.638314][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.646011][ T10] device veth1_macvtap left promiscuous mode [ 40.651897][ T10] device veth0_vlan left promiscuous mode [ 40.709378][ T309] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 40.719390][ T60] usb 4-1: Using ep0 maxpacket: 32 [ 40.728388][ T732] device veth0_vlan entered promiscuous mode [ 40.734584][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 40.742463][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 40.750525][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 40.757782][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 40.770585][ T732] device veth1_macvtap entered promiscuous mode [ 40.777119][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 40.805503][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 40.814185][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 40.826590][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 40.837320][ T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 40.867245][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 40.875849][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 41.188397][ T60] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 41.197414][ T60] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 41.205265][ T60] usb 4-1: Product: syz [ 41.209652][ T60] usb 4-1: Manufacturer: syz [ 41.214060][ T60] usb 4-1: SerialNumber: syz [ 41.219935][ T60] usb 4-1: config 0 descriptor?? [ 41.269459][ T309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 41.280319][ T309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 41.289884][ T309] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 41.302545][ T309] usb 2-1: New USB device found, idVendor=056a, idProduct=009f, bcdDevice= 0.00 [ 41.311406][ T309] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 41.319747][ T309] usb 2-1: config 0 descriptor?? [ 41.349377][ T6] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 41.589358][ T6] usb 1-1: Using ep0 maxpacket: 16 [ 41.680909][ T762] loop1: detected capacity change from 0 to 512 [ 41.720376][ T762] SELinux: security_context_str_to_sid(root) failed for (dev ?, type ?) errno=-22 [ 41.730867][ T762] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled [ 41.846197][ T6] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 41.929693][ T60] (unnamed net_device) (uninitialized): Assigned a random MAC address: aa:12:3a:aa:c8:ed [ 41.940006][ T762] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a842c09c, mo2=0000] [ 41.947603][ T762] System zones: 0-2, 18-18, 34-34 [ 41.953619][ T762] EXT4-fs (loop1): 1 orphan inode deleted [ 41.955390][ T768] loop4: detected capacity change from 0 to 1024 [ 41.959158][ T762] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,stripe=0x0000000000000008,nolazytime,noquota,jqfmt=vfsold,minixdf,auto_da_alloc,grpid,debug,,errors=continue. Quota mode: writeback. [ 41.971557][ T60] rtl8150 4-1:0.0: eth1: rtl8150 is detected [ 41.987328][ T762] SELinux: security_context_str_to_sid(root) failed for (dev loop1, type ext4) errno=-22 [ 42.010666][ T60] usb 4-1: USB disconnect, device number 6 [ 42.020555][ T290] syz-executor (290) used greatest stack depth: 20880 bytes left [ 42.039624][ T768] EXT4-fs (loop4): Ignoring removed orlov option [ 42.046118][ T768] EXT4-fs (loop4): Ignoring removed bh option [ 42.066263][ T768] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,lazytime,max_dir_size_kb=0x00000000004007b1,orlov,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 42.140729][ T769] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.147639][ T769] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.155199][ T769] device bridge_slave_0 entered promiscuous mode [ 42.162334][ T769] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.169184][ T769] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.177212][ T769] device bridge_slave_1 entered promiscuous mode [ 42.179348][ T6] usb 1-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 42.209135][ T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 42.225380][ T6] usb 1-1: Product: syz [ 42.233323][ T6] usb 1-1: Manufacturer: syz [ 42.244503][ T6] usb 1-1: SerialNumber: syz [ 42.256183][ T6] usb 1-1: config 0 descriptor?? [ 42.274902][ T769] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.281788][ T769] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.288947][ T769] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.295777][ T769] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.393518][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 42.402337][ T26] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.410438][ T26] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.433484][ T618] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.445312][ T618] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.452210][ T618] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.461727][ T618] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 42.470048][ T618] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.476882][ T618] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.493336][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 42.502409][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 42.513317][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 42.517053][ T781] loop3: detected capacity change from 0 to 512 [ 42.521687][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 42.541072][ T764] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 42.549217][ T764] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 42.560279][ T618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 42.567936][ T618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 42.576374][ T618] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 42.583867][ T618] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 42.591586][ T781] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 42.604953][ T781] EXT4-fs (loop3): 1 truncate cleaned up [ 42.605071][ T769] device veth0_vlan entered promiscuous mode [ 42.616353][ T781] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 42.622055][ T618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 42.649796][ T6] usb 1-1: Found UVC 0.00 device syz (045e:0721) [ 42.656451][ T6] usb 1-1: No valid video chain found. [ 42.663450][ T6] usb 1-1: USB disconnect, device number 3 [ 42.688977][ T618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 42.699355][ T769] device veth1_macvtap entered promiscuous mode [ 42.709806][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 42.717337][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 42.725669][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.735436][ T618] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.744055][ T618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.871530][ T522] device bridge_slave_1 left promiscuous mode [ 42.963145][ T522] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.970781][ T522] device bridge_slave_0 left promiscuous mode [ 42.977105][ T522] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.985059][ T522] device veth1_macvtap left promiscuous mode [ 42.990960][ T522] device veth0_vlan left promiscuous mode [ 43.250271][ T786] loop2: detected capacity change from 0 to 40427 [ 43.288553][ T790] loop0: detected capacity change from 0 to 128 [ 43.330099][ T786] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 43.337820][ T786] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 43.384247][ T786] F2FS-fs (loop2): Found nat_bits in checkpoint [ 43.423305][ T786] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 43.430332][ T786] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 43.480662][ T309] usb 2-1: string descriptor 0 read error: -71 [ 43.492829][ T786] overlayfs: failed to resolve './file0': -2 [ 43.579456][ T309] usbhid 2-1:0.0: can't add hid device: -71 [ 43.585416][ T309] usbhid: probe of 2-1:0.0 failed with error -71 [ 43.600277][ T309] usb 2-1: USB disconnect, device number 4 [ 43.642742][ T800] loop3: detected capacity change from 0 to 512 [ 43.649445][ T764] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 43.710570][ T800] EXT4-fs (loop3): Ignoring removed orlov option [ 43.716807][ T800] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 43.738398][ T800] EXT4-fs (loop3): 1 truncate cleaned up [ 43.741279][ T808] syz.1.128[808] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 43.744016][ T808] syz.1.128[808] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 43.744014][ T800] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000002,resuid=0x000000000000ee01,orlov,lazytime,block_validity,quota,,errors=continue. Quota mode: writeback. [ 43.852757][ T788] loop4: detected capacity change from 0 to 131072 [ 43.887775][ T810] loop3: detected capacity change from 0 to 1024 [ 43.909403][ T764] usb 1-1: Using ep0 maxpacket: 16 [ 43.914904][ T788] F2FS-fs (loop4): QUOTA feature is enabled, so ignore qf_name [ 43.924549][ T810] EXT4-fs (loop3): Ignoring removed orlov option [ 43.931154][ T810] EXT4-fs (loop3): Ignoring removed bh option [ 43.937258][ T788] F2FS-fs (loop4): invalid crc value [ 43.945089][ T788] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 43.959341][ T39] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 43.968349][ T810] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,lazytime,max_dir_size_kb=0x00000000004007b1,orlov,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 43.970289][ T788] F2FS-fs (loop4): Mounted with checkpoint version = 753bd00b [ 44.119456][ T764] usb 1-1: config 0 has an invalid interface number: 2 but max is 0 [ 44.130717][ T764] usb 1-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config [ 44.140842][ T764] usb 1-1: config 0 has no interface number 0 [ 44.146813][ T764] usb 1-1: too many endpoints for config 0 interface 2 altsetting 8: 48, using maximum allowed: 30 [ 44.157384][ T764] usb 1-1: config 0 interface 2 altsetting 8 has 0 endpoint descriptors, different from the interface descriptor's value: 48 [ 44.170433][ T764] usb 1-1: config 0 interface 2 has no altsetting 0 [ 44.181644][ T818] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=818 comm=syz.4.125 [ 44.209331][ T39] usb 3-1: Using ep0 maxpacket: 32 [ 44.309404][ T764] usb 1-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 44.323785][ T764] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 44.331977][ T39] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 44.344753][ T764] usb 1-1: Product: syz [ 44.354751][ T764] usb 1-1: SerialNumber: syz [ 44.355019][ T39] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 44.368027][ T764] usb 1-1: config 0 descriptor?? [ 44.409462][ T39] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 44.430200][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 44.509855][ T39] hub 3-1:4.0: USB hub found [ 44.690231][ T764] snd-usb-audio: probe of 1-1:0.2 failed with error -2 [ 44.709582][ T764] usb 1-1: USB disconnect, device number 4 [ 45.107630][ T827] loop4: detected capacity change from 0 to 131072 [ 45.163953][ T30] kauditd_printk_skb: 151 callbacks suppressed [ 45.163967][ T30] audit: type=1400 audit(1725251653.450:548): avc: denied { unmount } for pid=732 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 45.212936][ T827] F2FS-fs (loop4): QUOTA feature is enabled, so ignore qf_name [ 45.223979][ T827] F2FS-fs (loop4): invalid crc value [ 45.239528][ T827] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 45.268045][ T827] F2FS-fs (loop4): Mounted with checkpoint version = 753bd00b [ 45.669365][ T764] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 45.939369][ T764] usb 2-1: Using ep0 maxpacket: 16 [ 45.979398][ T309] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 46.084914][ T845] loop0: detected capacity change from 0 to 512 [ 46.159777][ T845] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 46.171073][ T845] EXT4-fs (loop0): 1 truncate cleaned up [ 46.176533][ T845] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 46.219345][ T309] usb 5-1: Using ep0 maxpacket: 16 [ 46.249610][ T764] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=d8.08 [ 46.258607][ T764] usb 2-1: New USB device strings: Mfr=40, Product=98, SerialNumber=3 [ 46.266601][ T764] usb 2-1: Product: syz [ 46.270690][ T764] usb 2-1: Manufacturer: syz [ 46.275015][ T764] usb 2-1: SerialNumber: syz [ 46.280237][ T764] usb 2-1: config 0 descriptor?? [ 46.504787][ T764] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 46.512421][ T764] usb 2-1: Detected FT-X [ 46.539454][ T309] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 46.549456][ T764] ftdi_sio ttyUSB0: Unable to read latency timer: -5 [ 46.739625][ T309] usb 5-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 46.748464][ T309] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 46.756689][ T309] usb 5-1: Product: syz [ 46.760915][ T309] usb 5-1: Manufacturer: syz [ 46.761390][ T829] syz.1.136 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 46.765320][ T309] usb 5-1: SerialNumber: syz [ 46.765967][ T309] usb 5-1: config 0 descriptor?? [ 46.789374][ T39] hub 3-1:4.0: config failed, can't read hub descriptor (err -22) [ 46.809543][ T764] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 46.819911][ T39] usb 3-1: USB disconnect, device number 3 [ 46.830023][ T764] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71 [ 46.837009][ T764] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 46.845763][ T764] usb 2-1: USB disconnect, device number 5 [ 46.852018][ T764] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 46.861944][ T764] ftdi_sio 2-1:0.0: device disconnected [ 46.968110][ T853] loop0: detected capacity change from 0 to 512 [ 46.985018][ T853] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:164: inode #12: comm syz.0.140: inline data xattr refers to an external xattr inode [ 47.000133][ T853] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.140: couldn't read orphan inode 12 (err -117) [ 47.011973][ T853] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 47.077366][ T851] loop3: detected capacity change from 0 to 40427 [ 47.099532][ T309] usb 5-1: Found UVC 0.00 device syz (045e:0721) [ 47.106152][ T309] usb 5-1: No valid video chain found. [ 47.110188][ T851] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 47.120928][ T30] audit: type=1400 audit(1725251655.410:549): avc: denied { remove_name } for pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 47.124202][ T309] usb 5-1: USB disconnect, device number 3 [ 47.152611][ T851] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 47.158873][ T858] loop0: detected capacity change from 0 to 512 [ 47.161818][ T30] audit: type=1400 audit(1725251655.410:550): avc: denied { rename } for pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 47.182470][ T851] F2FS-fs (loop3): Found nat_bits in checkpoint [ 47.188894][ T30] audit: type=1400 audit(1725251655.410:551): avc: denied { create } for pid=82 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 47.217353][ T858] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 47.223588][ T851] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 47.228662][ T858] EXT4-fs (loop0): 1 truncate cleaned up [ 47.234133][ T851] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 47.239475][ T858] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 47.278373][ T851] overlayfs: failed to resolve './file0': -2 [ 47.340328][ T866] loop1: detected capacity change from 0 to 256 [ 47.723618][ T866] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010253, chksum : 0xa98551aa, utbl_chksum : 0xe619d30d) [ 48.531940][ T30] audit: type=1400 audit(1725251656.820:552): avc: denied { setopt } for pid=879 comm="syz.0.146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 48.641648][ T888] loop0: detected capacity change from 0 to 1024 [ 48.748060][ T888] EXT4-fs (loop0): Ignoring removed orlov option [ 48.754496][ T888] EXT4-fs (loop0): Ignoring removed bh option [ 49.009615][ T888] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,lazytime,max_dir_size_kb=0x00000000004007b1,orlov,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 49.293337][ T898] loop0: detected capacity change from 0 to 512 [ 49.341714][ T898] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:164: inode #12: comm syz.0.151: inline data xattr refers to an external xattr inode [ 49.361564][ T898] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.151: couldn't read orphan inode 12 (err -117) [ 49.373387][ T898] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 49.491559][ T30] audit: type=1326 audit(1725251657.780:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=904 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45f358eb9 code=0x7ffc0000 [ 49.518725][ T905] loop0: detected capacity change from 0 to 512 [ 49.533152][ T30] audit: type=1326 audit(1725251657.780:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=904 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45f358eb9 code=0x7ffc0000 [ 49.579691][ T30] audit: type=1326 audit(1725251657.810:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=904 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fd45f358eb9 code=0x7ffc0000 [ 49.593057][ T905] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 49.626454][ T905] EXT4-fs (loop0): 1 truncate cleaned up [ 49.632837][ T30] audit: type=1326 audit(1725251657.810:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=904 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45f358eb9 code=0x7ffc0000 [ 49.660000][ T905] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 49.680360][ T901] loop1: detected capacity change from 0 to 40427 [ 49.697246][ T30] audit: type=1326 audit(1725251657.810:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=904 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45f358eb9 code=0x7ffc0000 [ 49.705227][ T882] loop3: detected capacity change from 0 to 131072 [ 49.759910][ T901] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 49.763375][ T882] F2FS-fs (loop3): QUOTA feature is enabled, so ignore qf_name [ 49.770348][ T901] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 49.789648][ T882] F2FS-fs (loop3): invalid crc value [ 49.796194][ T901] F2FS-fs (loop1): Found nat_bits in checkpoint [ 49.797748][ T882] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 50.070486][ T901] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 50.071723][ T918] binder: 916:918 unknown command 0 [ 50.082447][ T918] binder: 916:918 ioctl c0306201 20000080 returned -22 [ 50.084556][ T901] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 50.098744][ T882] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b [ 50.115209][ T901] overlayfs: failed to resolve './file0': -2 [ 50.203745][ T30] kauditd_printk_skb: 48 callbacks suppressed [ 50.203758][ T30] audit: type=1400 audit(1725251658.490:606): avc: denied { call } for pid=916 comm="syz.4.155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 50.517944][ T30] audit: type=1326 audit(1725251658.640:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=904 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45f358eb9 code=0x7ffc0000 [ 50.541118][ T30] audit: type=1326 audit(1725251658.640:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=904 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45f358eb9 code=0x7ffc0000 [ 50.888884][ T30] audit: type=1400 audit(1725251659.170:609): avc: denied { read } for pid=931 comm="syz.3.158" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 50.911235][ T30] audit: type=1400 audit(1725251659.170:610): avc: denied { open } for pid=931 comm="syz.3.158" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 50.948068][ T933] loop3: detected capacity change from 0 to 512 [ 51.045517][ T933] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 51.057728][ T933] EXT4-fs (loop3): orphan cleanup on readonly fs [ 51.066333][ T933] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3880: comm syz.3.158: Allocating blocks 41-42 which overlap fs metadata [ 51.080161][ T933] EXT4-fs (loop3): Remounting filesystem read-only [ 51.087446][ T933] Quota error (device loop3): write_blk: dquota write failed [ 51.096945][ T933] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 51.107333][ T933] EXT4-fs error (device loop3): ext4_acquire_dquot:6187: comm syz.3.158: Failed to acquire dquot type 0 [ 51.130471][ T933] EXT4-fs (loop3): 1 truncate cleaned up [ 51.145378][ T942] loop4: detected capacity change from 0 to 128 [ 51.365444][ T30] audit: type=1400 audit(1725251659.650:611): avc: denied { write } for pid=937 comm="syz.4.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 51.414481][ T933] EXT4-fs (loop3): pa ffff88812ed24000: logic 1, phys. 41, len 23 [ 51.422795][ T933] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4897: group 0, free 22, pa_free 23 [ 51.435582][ T933] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000005,noblock_validity,usrquota,resgid=0x0000000000000000,nogrpid,errors=remount-ro,noinit_itable,inode_readahead_blks=0x0000000000000001,resuid=0x00000000000000002. Quota mode: writeback. [ 51.463586][ T944] loop1: detected capacity change from 0 to 1024 [ 51.475929][ T946] loop0: detected capacity change from 0 to 512 [ 51.500170][ T944] EXT4-fs (loop1): Ignoring removed orlov option [ 51.506681][ T944] EXT4-fs (loop1): Ignoring removed bh option [ 51.530627][ T946] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:164: inode #12: comm syz.0.162: inline data xattr refers to an external xattr inode [ 51.546639][ T946] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.162: couldn't read orphan inode 12 (err -117) [ 51.559635][ T946] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 51.582348][ T944] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,lazytime,max_dir_size_kb=0x00000000004007b1,orlov,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 51.928795][ T30] audit: type=1326 audit(1725251660.210:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=962 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddc92e3eb9 code=0x7ffc0000 [ 51.971084][ T963] loop1: detected capacity change from 0 to 512 [ 51.987853][ T30] audit: type=1326 audit(1725251660.210:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=962 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddc92e3eb9 code=0x7ffc0000 [ 52.032440][ T963] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 52.060605][ T963] EXT4-fs (loop1): 1 truncate cleaned up [ 52.069418][ T963] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 52.164343][ T961] loop0: detected capacity change from 0 to 40427 [ 52.194767][ T965] loop4: detected capacity change from 0 to 40427 [ 52.442367][ T961] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 52.464195][ T961] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 52.510136][ T961] F2FS-fs (loop0): Found nat_bits in checkpoint [ 52.586249][ T961] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 52.593309][ T961] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 52.622623][ T975] netlink: 8 bytes leftover after parsing attributes in process `syz.4.166'. [ 52.631270][ T975] netlink: 16 bytes leftover after parsing attributes in process `syz.4.166'. [ 52.642163][ T975] x_tables: duplicate underflow at hook 3 [ 52.758623][ T732] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 52.758646][ T732] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 52.769835][ T732] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 52.777325][ T732] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 52.785015][ T732] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 52.792575][ T732] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 52.801516][ T732] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 53.078707][ T971] loop3: detected capacity change from 0 to 131072 [ 53.179826][ T971] F2FS-fs (loop3): QUOTA feature is enabled, so ignore qf_name [ 53.188359][ T971] F2FS-fs (loop3): invalid crc value [ 53.195054][ T971] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 53.216524][ T986] APIC base relocation is unsupported by KVM [ 53.234191][ T971] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b [ 53.499425][ T26] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 53.643512][ T1000] loop3: detected capacity change from 0 to 512 [ 53.707519][ T1000] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz.3.175: inline data xattr refers to an external xattr inode [ 53.722526][ T1000] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.175: couldn't read orphan inode 12 (err -117) [ 53.739389][ T26] usb 1-1: Using ep0 maxpacket: 8 [ 53.752340][ T1005] loop1: detected capacity change from 0 to 1024 [ 53.758564][ T1000] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 53.800089][ T1005] EXT4-fs (loop1): Ignoring removed orlov option [ 53.807373][ T1005] EXT4-fs (loop1): Ignoring removed bh option [ 53.821165][ T1005] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,lazytime,max_dir_size_kb=0x00000000004007b1,orlov,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 53.860838][ T1006] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.868083][ T1006] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.875763][ T1006] device bridge_slave_0 entered promiscuous mode [ 53.882962][ T1006] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.890257][ T1006] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.897703][ T1006] device bridge_slave_1 entered promiscuous mode [ 53.899221][ T26] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 53.912151][ T26] usb 1-1: config 179 has no interface number 0 [ 53.918417][ T26] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 53.929420][ T26] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 53.940515][ T26] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 255, changing to 11 [ 53.951777][ T26] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 59391, setting to 1024 [ 53.962978][ T26] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 53.986987][ T26] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 53.997443][ T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 54.159416][ T995] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 54.166405][ T995] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 54.182488][ T1020] FAULT_INJECTION: forcing a failure. [ 54.182488][ T1020] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 54.197958][ T26] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input4 [ 54.210792][ T1020] CPU: 0 PID: 1020 Comm: syz.1.180 Not tainted 5.15.156-syzkaller-00821-g29d153aabd54 #0 [ 54.220596][ T1020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 54.230659][ T1020] Call Trace: [ 54.234014][ T1020] [ 54.236781][ T1020] dump_stack_lvl+0x151/0x1c0 [ 54.241325][ T1020] ? io_uring_drop_tctx_refs+0x190/0x190 [ 54.246763][ T1020] ? bpf_trace_run3+0x123/0x250 [ 54.251534][ T1020] dump_stack+0x15/0x20 [ 54.255523][ T1020] should_fail+0x3c6/0x510 [ 54.260210][ T1020] should_fail_usercopy+0x1a/0x20 [ 54.265078][ T1020] _copy_to_user+0x20/0x90 [ 54.269327][ T1020] simple_read_from_buffer+0xc7/0x150 [ 54.274720][ T1020] proc_fail_nth_read+0x1a3/0x210 [ 54.279580][ T1020] ? proc_fault_inject_write+0x390/0x390 [ 54.285042][ T1020] ? fsnotify_perm+0x470/0x5d0 [ 54.289644][ T1020] ? security_file_permission+0x86/0xb0 [ 54.295037][ T1020] ? proc_fault_inject_write+0x390/0x390 [ 54.300674][ T1020] vfs_read+0x27d/0xd40 [ 54.304656][ T1020] ? kernel_read+0x1f0/0x1f0 [ 54.309094][ T1020] ? __kasan_check_write+0x14/0x20 [ 54.314039][ T1020] ? mutex_lock+0xb6/0x1e0 [ 54.318284][ T1020] ? wait_for_completion_killable_timeout+0x10/0x10 [ 54.325142][ T1020] ? __fdget_pos+0x2e7/0x3a0 [ 54.329572][ T1020] ? ksys_read+0x77/0x2c0 [ 54.333734][ T1020] ksys_read+0x199/0x2c0 [ 54.337814][ T1020] ? vfs_write+0x1110/0x1110 [ 54.342242][ T1020] ? debug_smp_processor_id+0x17/0x20 [ 54.347445][ T1020] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 54.353352][ T1020] __x64_sys_read+0x7b/0x90 [ 54.357690][ T1020] x64_sys_call+0x28/0x9a0 [ 54.361943][ T1020] do_syscall_64+0x3b/0xb0 [ 54.366203][ T1020] ? clear_bhb_loop+0x35/0x90 [ 54.370709][ T1020] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 54.376438][ T1020] RIP: 0033:0x7fddc92e28fc [ 54.380694][ T1020] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 54.400136][ T1020] RSP: 002b:00007fddc7f61030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 54.408469][ T1020] RAX: ffffffffffffffda RBX: 00007fddc947ff80 RCX: 00007fddc92e28fc [ 54.416277][ T1020] RDX: 000000000000000f RSI: 00007fddc7f610a0 RDI: 0000000000000006 [ 54.424093][ T1020] RBP: 00007fddc7f61090 R08: 0000000000000000 R09: 0000000000000000 [ 54.431987][ T1020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 54.439797][ T1020] R13: 0000000000000000 R14: 00007fddc947ff80 R15: 00007ffd624080b8 [ 54.447615][ T1020] [ 54.468799][ T1024] loop4: detected capacity change from 0 to 512 [ 54.513786][ T1024] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 54.528012][ T1024] EXT4-fs (loop4): 1 truncate cleaned up [ 54.530536][ T1006] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.533872][ T1024] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 54.540470][ T1006] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.540575][ T1006] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.575881][ T1006] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.086664][ T26] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.097037][ T26] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.124122][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.131794][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.146527][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.154790][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.163095][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.169959][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.178164][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.186445][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.195108][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.201987][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.218554][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 55.226715][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.229318][ T309] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 55.235082][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 55.250511][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.264617][ T1033] loop3: detected capacity change from 0 to 40427 [ 55.264646][ T582] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 55.279064][ T1033] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 55.281965][ T582] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 55.286932][ T1033] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 55.302672][ T30] kauditd_printk_skb: 97 callbacks suppressed [ 55.302687][ T30] audit: type=1326 audit(1725251663.590:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1023 comm="syz.4.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880062ceb9 code=0x7ffc0000 [ 55.333141][ T30] audit: type=1326 audit(1725251663.590:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1023 comm="syz.4.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880062ceb9 code=0x7ffc0000 [ 55.359550][ T1006] device veth0_vlan entered promiscuous mode [ 55.359966][ T1033] F2FS-fs (loop3): Found nat_bits in checkpoint [ 55.369704][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 55.380231][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 55.388093][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 55.395783][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 55.408738][ T1006] device veth1_macvtap entered promiscuous mode [ 55.410940][ T1033] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 55.418766][ T582] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 55.429984][ T582] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 55.437979][ T582] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 55.439057][ T1033] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 55.460261][ T873] device bridge_slave_1 left promiscuous mode [ 55.466829][ T873] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.474799][ T873] device bridge_slave_0 left promiscuous mode [ 55.481265][ T873] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.489756][ T873] device veth1_macvtap left promiscuous mode [ 55.495632][ T873] device veth0_vlan left promiscuous mode [ 55.509332][ T309] usb 2-1: Using ep0 maxpacket: 16 [ 55.528013][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 55.528036][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 55.540468][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 55.627764][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 55.639371][ T309] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 55.643570][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 55.661460][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 55.670312][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 55.703812][ T1048] cgroup: none used incorrectly [ 55.709132][ T30] audit: type=1400 audit(1725251663.990:713): avc: denied { bind } for pid=1047 comm="syz.2.188" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 55.718809][ T1048] loop2: detected capacity change from 0 to 2048 [ 55.735138][ T30] audit: type=1400 audit(1725251663.990:714): avc: denied { listen } for pid=1047 comm="syz.2.188" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 55.780856][ T1050] loop3: detected capacity change from 0 to 512 [ 55.827512][ T1048] EXT4-fs (loop2): mounted filesystem without journal. Opts: commit=0x0000000000000005,,errors=continue. Quota mode: none. [ 55.840660][ T1050] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz.3.187: inline data xattr refers to an external xattr inode [ 55.856792][ T1050] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.187: couldn't read orphan inode 12 (err -117) [ 55.870573][ T1050] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 55.889450][ T309] usb 2-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 55.901437][ T309] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 55.909918][ T309] usb 2-1: Product: syz [ 55.914207][ T309] usb 2-1: Manufacturer: syz [ 55.918635][ T309] usb 2-1: SerialNumber: syz [ 55.930628][ T309] usb 2-1: config 0 descriptor?? [ 55.992537][ T1058] loop3: detected capacity change from 0 to 1024 [ 56.070766][ T1058] EXT4-fs (loop3): Ignoring removed orlov option [ 56.076957][ T1058] EXT4-fs (loop3): Ignoring removed bh option [ 56.130161][ T1058] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,lazytime,max_dir_size_kb=0x00000000004007b1,orlov,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 56.154107][ T1056] loop2: detected capacity change from 0 to 40427 [ 56.190658][ T1056] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 56.198260][ T1056] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 56.207533][ T1044] loop4: detected capacity change from 0 to 131072 [ 56.210236][ T1056] F2FS-fs (loop2): invalid crc value [ 56.221228][ T1056] F2FS-fs (loop2): Found nat_bits in checkpoint [ 56.247513][ T1056] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 56.254771][ T1056] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 56.262407][ T309] usb 2-1: Found UVC 0.00 device syz (045e:0721) [ 56.274228][ T26] usb 1-1: USB disconnect, device number 5 [ 56.280262][ T309] usb 2-1: No valid video chain found. [ 56.289375][ T26] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 56.302424][ T309] usb 2-1: USB disconnect, device number 6 [ 56.333956][ T1044] F2FS-fs (loop4): QUOTA feature is enabled, so ignore qf_name [ 56.350462][ T1044] F2FS-fs (loop4): invalid crc value [ 56.398382][ T1044] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 56.720808][ T1044] F2FS-fs (loop4): Mounted with checkpoint version = 753bd00b [ 57.131009][ T764] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 57.294458][ T30] audit: type=1326 audit(1725251665.580:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1089 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880062ceb9 code=0x7ffc0000 [ 57.298011][ T1090] loop4: detected capacity change from 0 to 512 [ 57.326950][ T30] audit: type=1326 audit(1725251665.580:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1089 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880062ceb9 code=0x7ffc0000 [ 57.350347][ T30] audit: type=1326 audit(1725251665.580:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1089 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f880062ceb9 code=0x7ffc0000 [ 57.353227][ T1090] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 57.373689][ T30] audit: type=1326 audit(1725251665.580:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1089 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880062ceb9 code=0x7ffc0000 [ 57.383156][ T6] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 57.406251][ T30] audit: type=1326 audit(1725251665.580:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1089 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f880062ceb9 code=0x7ffc0000 [ 57.415731][ T1090] EXT4-fs (loop4): 1 truncate cleaned up [ 57.436584][ T30] audit: type=1326 audit(1725251665.580:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1089 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f880062cef3 code=0x7ffc0000 [ 57.442318][ T1090] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 57.486310][ T764] usb 4-1: Using ep0 maxpacket: 32 [ 57.527004][ T39] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 57.559452][ T309] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 57.819397][ T39] usb 1-1: Using ep0 maxpacket: 16 [ 57.859393][ T6] usb 3-1: device descriptor read/64, error -71 [ 57.939420][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 57.950284][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 57.959423][ T764] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 57.960198][ T39] usb 1-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00 [ 57.968968][ T764] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 57.977968][ T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.985638][ T764] usb 4-1: Product: syz [ 57.996254][ T39] usb 1-1: config 0 descriptor?? [ 57.997516][ T764] usb 4-1: Manufacturer: syz [ 58.006679][ T764] usb 4-1: SerialNumber: syz [ 58.011725][ T764] usb 4-1: config 0 descriptor?? [ 58.129466][ T309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 58.140541][ T309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 58.150399][ T309] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 58.163649][ T309] usb 2-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 58.172972][ T309] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 58.184559][ T309] usb 2-1: config 0 descriptor?? [ 58.259342][ T6] usb 3-1: device descriptor read/64, error -71 [ 58.326437][ T1097] loop4: detected capacity change from 0 to 40427 [ 58.419664][ T1097] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 58.427330][ T1097] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 58.437748][ T1097] F2FS-fs (loop4): Found nat_bits in checkpoint [ 58.460025][ T1097] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 58.466957][ T1097] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 58.480410][ T39] ntrig 0003:1B96:0008.0001: unknown main item tag 0x0 [ 58.490260][ T39] ntrig 0003:1B96:0008.0001: bogus close delimiter [ 58.496687][ T39] ntrig 0003:1B96:0008.0001: item 0 0 2 10 parsing failed [ 58.501134][ T291] f2fs_fill_dentries: 4 callbacks suppressed [ 58.501196][ T291] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 58.504157][ T39] ntrig 0003:1B96:0008.0001: parse failed [ 58.509737][ T291] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 58.517216][ T39] ntrig: probe of 0003:1B96:0008.0001 failed with error -22 [ 58.522453][ T291] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 58.536948][ T291] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 58.544243][ T6] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 58.559239][ T291] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 58.559254][ T291] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 58.566900][ T291] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 58.694592][ T1105] loop4: detected capacity change from 0 to 512 [ 58.708163][ T764] (unnamed net_device) (uninitialized): Assigned a random MAC address: 6e:49:cd:e0:07:7f [ 58.718234][ T39] usb 1-1: USB disconnect, device number 6 [ 58.722601][ T764] rtl8150 4-1:0.0: eth1: rtl8150 is detected [ 58.740290][ T764] usb 4-1: USB disconnect, device number 7 [ 58.746315][ T1105] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:164: inode #12: comm syz.4.199: inline data xattr refers to an external xattr inode [ 58.761082][ T1105] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.199: couldn't read orphan inode 12 (err -117) [ 58.777209][ T1105] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 58.829402][ T6] usb 3-1: device descriptor read/64, error -71 [ 58.875444][ T1120] loop4: detected capacity change from 0 to 1024 [ 58.940301][ T1120] EXT4-fs (loop4): Ignoring removed nobh option [ 58.950117][ T1120] EXT4-fs (loop4): Mount option "journal_async_commit" incompatible with ext2 [ 59.161997][ T1140] loop2: detected capacity change from 0 to 1024 [ 59.212416][ T1140] EXT4-fs (loop2): Ignoring removed orlov option [ 59.218995][ T1140] EXT4-fs (loop2): Ignoring removed bh option [ 59.414899][ T1145] loop0: detected capacity change from 0 to 128 [ 59.422371][ T1140] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,lazytime,max_dir_size_kb=0x00000000004007b1,orlov,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 60.579337][ T30] kauditd_printk_skb: 49 callbacks suppressed [ 60.579370][ T30] audit: type=1400 audit(1725251668.860:770): avc: denied { read write } for pid=291 comm="syz-executor" name="loop4" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 60.652376][ T30] audit: type=1400 audit(1725251668.860:771): avc: denied { open } for pid=291 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 60.711838][ T30] audit: type=1400 audit(1725251668.860:772): avc: denied { ioctl } for pid=291 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=116 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 60.741484][ T309] usbhid 2-1:0.0: can't add hid device: -71 [ 60.747342][ T309] usbhid: probe of 2-1:0.0 failed with error -71 [ 60.767943][ T1171] loop2: detected capacity change from 0 to 512 [ 60.777829][ T309] usb 2-1: USB disconnect, device number 7 [ 60.797983][ T30] audit: type=1400 audit(1725251668.870:773): avc: denied { map_create } for pid=1162 comm="syz.0.206" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 60.817156][ T30] audit: type=1400 audit(1725251668.870:774): avc: denied { bpf } for pid=1162 comm="syz.0.206" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 60.936843][ T1176] FAULT_INJECTION: forcing a failure. [ 60.936843][ T1176] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 60.949921][ T1176] CPU: 1 PID: 1176 Comm: syz.3.207 Not tainted 5.15.156-syzkaller-00821-g29d153aabd54 #0 [ 60.960063][ T1176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 60.969965][ T1176] Call Trace: [ 60.973253][ T1176] [ 60.976043][ T1176] dump_stack_lvl+0x151/0x1c0 [ 60.980635][ T1176] ? io_uring_drop_tctx_refs+0x190/0x190 [ 60.986189][ T1176] ? __wake_up_klogd+0xd5/0x110 [ 60.990967][ T1176] dump_stack+0x15/0x20 [ 60.994960][ T1176] should_fail+0x3c6/0x510 [ 60.999215][ T1176] should_fail_usercopy+0x1a/0x20 [ 61.004152][ T1176] _copy_from_user+0x20/0xd0 [ 61.008586][ T1176] __copy_msghdr_from_user+0xaf/0x7c0 [ 61.013791][ T1176] ? __ia32_sys_shutdown+0x70/0x70 [ 61.018748][ T1176] ___sys_sendmsg+0x166/0x2e0 [ 61.023258][ T1176] ? __sys_sendmsg+0x260/0x260 [ 61.027861][ T1176] ? __fdget+0x1bc/0x240 [ 61.031941][ T1176] __se_sys_sendmsg+0x19a/0x260 [ 61.036614][ T1176] ? __x64_sys_sendmsg+0x90/0x90 [ 61.041399][ T1176] ? __kasan_check_read+0x11/0x20 [ 61.046260][ T1176] __x64_sys_sendmsg+0x7b/0x90 [ 61.050944][ T1176] x64_sys_call+0x16a/0x9a0 [ 61.055364][ T1176] do_syscall_64+0x3b/0xb0 [ 61.059615][ T1176] ? clear_bhb_loop+0x35/0x90 [ 61.064126][ T1176] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 61.069862][ T1176] RIP: 0033:0x7ff115696eb9 [ 61.074978][ T1176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 61.094420][ T1176] RSP: 002b:00007ff1142d2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 61.103369][ T1176] RAX: ffffffffffffffda RBX: 00007ff115833130 RCX: 00007ff115696eb9 [ 61.111175][ T1176] RDX: 0000000000000000 RSI: 0000000020001500 RDI: 0000000000000009 [ 61.118983][ T1176] RBP: 00007ff1142d2090 R08: 0000000000000000 R09: 0000000000000000 [ 61.126806][ T1176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 61.134621][ T1176] R13: 0000000000000000 R14: 00007ff115833130 R15: 00007fff3df9d048 [ 61.142590][ T1176] [ 61.154685][ T1171] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:164: inode #12: comm syz.2.211: inline data xattr refers to an external xattr inode [ 61.210084][ T30] audit: type=1400 audit(1725251668.870:775): avc: denied { map_read map_write } for pid=1162 comm="syz.0.206" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 61.231732][ T1171] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.211: couldn't read orphan inode 12 (err -117) [ 61.279108][ T30] audit: type=1400 audit(1725251668.870:776): avc: denied { prog_load } for pid=1162 comm="syz.0.206" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 61.307676][ T30] audit: type=1400 audit(1725251668.870:777): avc: denied { create } for pid=1162 comm="syz.0.206" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 61.319371][ T1171] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 61.327013][ T30] audit: type=1400 audit(1725251668.900:778): avc: denied { append } for pid=82 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 61.359829][ T30] audit: type=1400 audit(1725251668.950:779): avc: denied { execmem } for pid=1162 comm="syz.0.206" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 61.413695][ T1169] loop1: detected capacity change from 0 to 40427 [ 61.480467][ T1183] loop2: detected capacity change from 0 to 512 [ 61.499547][ T1169] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 61.507174][ T1169] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 61.518387][ T1169] F2FS-fs (loop1): Found nat_bits in checkpoint [ 61.531818][ T1183] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 61.550429][ T1183] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 61.813344][ T1169] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 61.820352][ T1169] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 61.830252][ T1183] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended [ 61.839700][ T1183] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 61.847592][ T1183] System zones: 0-2, 18-18, 34-34 [ 61.853474][ T1183] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 61.868872][ T1183] EXT4-fs (loop2): 1 truncate cleaned up [ 61.872560][ T289] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 61.874497][ T1183] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 61.892611][ T289] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 61.892632][ T289] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 61.959360][ T309] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 62.914700][ T309] usb 1-1: Using ep0 maxpacket: 32 [ 62.960837][ T1207] loop3: detected capacity change from 0 to 512 [ 62.990086][ T1208] EXT4-fs error (device loop2): ext4_find_dest_de:2112: inode #2: block 3: comm syz.2.212: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1 [ 63.219614][ T309] usb 1-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 63.233537][ T309] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 63.242473][ T309] usb 1-1: Product: syz [ 63.246541][ T309] usb 1-1: Manufacturer: syz [ 63.251992][ T309] usb 1-1: SerialNumber: syz [ 63.292279][ T309] usb 1-1: config 0 descriptor?? [ 63.419336][ T60] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 63.799426][ T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 63.828547][ T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 63.839460][ T60] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 63.852627][ T60] usb 5-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 63.861739][ T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.870401][ T60] usb 5-1: config 0 descriptor?? [ 64.037418][ T1224] loop3: detected capacity change from 0 to 128 [ 64.156906][ T309] (unnamed net_device) (uninitialized): Assigned a random MAC address: 32:8e:0a:45:c7:34 [ 64.174826][ T309] rtl8150 1-1:0.0: eth1: rtl8150 is detected [ 64.182621][ T309] usb 1-1: USB disconnect, device number 7 [ 65.050572][ T1278] loop3: detected capacity change from 0 to 1024 [ 65.245302][ T1278] EXT4-fs (loop3): Ignoring removed nobh option [ 65.257426][ T1278] EXT4-fs (loop3): Mount option "journal_async_commit" incompatible with ext2 [ 65.507592][ T1287] FAULT_INJECTION: forcing a failure. [ 65.507592][ T1287] name failslab, interval 1, probability 0, space 0, times 0 [ 65.520354][ T1287] CPU: 1 PID: 1287 Comm: syz.0.232 Not tainted 5.15.156-syzkaller-00821-g29d153aabd54 #0 [ 65.529980][ T1287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 65.539958][ T1287] Call Trace: [ 65.543080][ T1287] [ 65.546207][ T1287] dump_stack_lvl+0x151/0x1c0 [ 65.550720][ T1287] ? io_uring_drop_tctx_refs+0x190/0x190 [ 65.556490][ T1287] dump_stack+0x15/0x20 [ 65.560441][ T1287] should_fail+0x3c6/0x510 [ 65.564690][ T1287] __should_failslab+0xa4/0xe0 [ 65.569289][ T1287] should_failslab+0x9/0x20 [ 65.573629][ T1287] slab_pre_alloc_hook+0x37/0xd0 [ 65.578489][ T1287] ? netlink_sendmsg+0x797/0xd20 [ 65.583261][ T1287] __kmalloc_track_caller+0x6c/0x260 [ 65.588385][ T1287] ? netlink_sendmsg+0x797/0xd20 [ 65.593155][ T1287] ? netlink_sendmsg+0x797/0xd20 [ 65.597930][ T1287] __alloc_skb+0x10c/0x550 [ 65.602187][ T1287] netlink_sendmsg+0x797/0xd20 [ 65.606872][ T1287] ? netlink_getsockopt+0x560/0x560 [ 65.611910][ T1287] ? security_socket_sendmsg+0x82/0xb0 [ 65.617312][ T1287] ? netlink_getsockopt+0x560/0x560 [ 65.622323][ T1287] sock_write_iter+0x39b/0x530 [ 65.626929][ T1287] ? __kasan_check_read+0x11/0x20 [ 65.631793][ T1287] ? sock_read_iter+0x480/0x480 [ 65.636464][ T1287] ? irqentry_exit+0x30/0x40 [ 65.640895][ T1287] ? iov_iter_init+0x53/0x190 [ 65.645406][ T1287] vfs_write+0xd5d/0x1110 [ 65.649583][ T1287] ? file_end_write+0x1c0/0x1c0 [ 65.654261][ T1287] ? __fdget_pos+0x209/0x3a0 [ 65.658687][ T1287] ? ksys_write+0x77/0x2c0 [ 65.663026][ T1287] ksys_write+0x199/0x2c0 [ 65.667193][ T1287] ? __kasan_check_write+0x14/0x20 [ 65.672141][ T1287] ? __ia32_sys_read+0x90/0x90 [ 65.676826][ T1287] ? __kasan_check_read+0x11/0x20 [ 65.681985][ T1287] __x64_sys_write+0x7b/0x90 [ 65.686418][ T1287] x64_sys_call+0x2f/0x9a0 [ 65.690666][ T1287] do_syscall_64+0x3b/0xb0 [ 65.694917][ T1287] ? clear_bhb_loop+0x35/0x90 [ 65.699435][ T1287] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 65.705164][ T1287] RIP: 0033:0x7fd45f358eb9 [ 65.709413][ T1287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.728853][ T1287] RSP: 002b:00007fd45dfb5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 65.737099][ T1287] RAX: ffffffffffffffda RBX: 00007fd45f4f5058 RCX: 00007fd45f358eb9 [ 65.745036][ T1287] RDX: 00000000000000fc RSI: 00000000200002c0 RDI: 0000000000000008 [ 65.752848][ T1287] RBP: 00007fd45dfb5090 R08: 0000000000000000 R09: 0000000000000000 [ 65.760660][ T1287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 65.768475][ T1287] R13: 0000000000000000 R14: 00007fd45f4f5058 R15: 00007fff75f541b8 [ 65.776299][ T1287] [ 65.782513][ T30] kauditd_printk_skb: 93 callbacks suppressed [ 65.782528][ T30] audit: type=1326 audit(1725251674.070:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1277 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff115696eb9 code=0x7ffc0000 [ 65.822454][ T30] audit: type=1326 audit(1725251674.100:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1277 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7ff115696eb9 code=0x7ffc0000 [ 65.848326][ T30] audit: type=1326 audit(1725251674.120:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1277 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff115696eb9 code=0x7ffc0000 [ 65.884830][ T30] audit: type=1326 audit(1725251674.120:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1277 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff115696eb9 code=0x7ffc0000 [ 65.890057][ T1290] loop1: detected capacity change from 0 to 1024 [ 65.915227][ T30] audit: type=1400 audit(1725251674.170:877): avc: denied { execute } for pid=1289 comm="syz.1.233" path="/49/cpuacct.usage_sys" dev="tmpfs" ino=297 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 65.938882][ T30] audit: type=1326 audit(1725251674.170:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1277 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff115696eb9 code=0x7ffc0000 [ 65.962636][ T30] audit: type=1326 audit(1725251674.170:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1277 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff115696eb9 code=0x7ffc0000 [ 65.986025][ T30] audit: type=1326 audit(1725251674.170:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1277 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff115696eb9 code=0x7ffc0000 [ 66.009217][ T30] audit: type=1326 audit(1725251674.170:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1277 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7ff115696eb9 code=0x7ffc0000 [ 66.038894][ T30] audit: type=1326 audit(1725251674.170:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1277 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff115696eb9 code=0x7ffc0000 [ 66.082872][ T1290] EXT4-fs (loop1): Test dummy encryption mode enabled [ 66.091887][ T1290] EXT4-fs (loop1): Ignoring removed orlov option [ 66.099645][ T1290] EXT4-fs (loop1): Journaled quota options ignored when QUOTA feature is enabled [ 66.126094][ T1290] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000009,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,grpjquota=./bus,data_err=abort,,errors=continue. Quota mode: writeback. [ 66.139373][ T60] usbhid 5-1:0.0: can't add hid device: -71 [ 66.158953][ T60] usbhid: probe of 5-1:0.0 failed with error -71 [ 66.159042][ T1299] loop3: detected capacity change from 0 to 512 [ 66.169761][ T60] usb 5-1: USB disconnect, device number 4 [ 66.190964][ T1299] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 66.228233][ T1299] EXT4-fs (loop3): 1 truncate cleaned up [ 66.233817][ T1299] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 67.572651][ T1315] loop3: detected capacity change from 0 to 128 [ 67.804760][ T60] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 68.069379][ T60] usb 5-1: Using ep0 maxpacket: 32 [ 68.170079][ T1310] loop1: detected capacity change from 0 to 131072 [ 68.182965][ T1310] F2FS-fs (loop1): QUOTA feature is enabled, so ignore qf_name [ 68.191493][ T1310] F2FS-fs (loop1): invalid crc value [ 68.197850][ T1310] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 68.229693][ T1310] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b [ 68.575850][ T1328] loop3: detected capacity change from 0 to 40427 [ 68.609395][ T60] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 68.618377][ T60] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 68.628587][ T60] usb 5-1: Product: syz [ 68.633139][ T60] usb 5-1: Manufacturer: syz [ 68.637616][ T60] usb 5-1: SerialNumber: syz [ 68.642949][ T60] usb 5-1: config 0 descriptor?? [ 68.669781][ T1328] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 68.683650][ T1328] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 68.702970][ T1328] F2FS-fs (loop3): invalid crc value [ 68.720940][ T1328] F2FS-fs (loop3): Found nat_bits in checkpoint [ 68.779582][ T1328] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 68.786607][ T1328] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 69.173676][ T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 69.187389][ T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 69.399370][ T60] (unnamed net_device) (uninitialized): Assigned a random MAC address: 7a:5a:18:25:dc:a6 [ 69.411531][ T60] rtl8150 5-1:0.0: eth1: rtl8150 is detected [ 69.426274][ T60] usb 5-1: USB disconnect, device number 5 [ 69.439364][ T309] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 69.539398][ T764] usb 2-1: new full-speed USB device number 8 using dummy_hcd [ 69.829432][ T309] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 69.840285][ T309] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 69.849836][ T309] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 69.862580][ T309] usb 1-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 69.871384][ T309] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.880392][ T309] usb 1-1: config 0 descriptor?? [ 69.896589][ T1381] loop4: detected capacity change from 0 to 512 [ 69.929432][ T764] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 69.938060][ T764] usb 2-1: config 179 has no interface number 0 [ 69.944742][ T764] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 64 [ 69.955830][ T764] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 65535, setting to 64 [ 69.967225][ T764] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 69.980481][ T764] usb 2-1: config 179 interface 65 has no altsetting 0 [ 69.987095][ T764] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 69.996108][ T764] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.002264][ T1381] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 70.015841][ T1381] EXT4-fs (loop4): 1 truncate cleaned up [ 70.021406][ T1381] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 70.021568][ T1344] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 70.052054][ T1344] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 70.060686][ T764] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input5 [ 70.131920][ T1385] loop3: detected capacity change from 0 to 256 [ 70.417855][ T39] usb 2-1: USB disconnect, device number 8 [ 70.419484][ C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 70.431703][ T39] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 70.870383][ T30] kauditd_printk_skb: 98 callbacks suppressed [ 70.870402][ T30] audit: type=1326 audit(1725251679.040:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1380 comm="syz.4.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880062ceb9 code=0x7ffc0000 [ 70.906654][ T30] audit: type=1326 audit(1725251679.040:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1380 comm="syz.4.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880062ceb9 code=0x7ffc0000 [ 71.182106][ T30] audit: type=1400 audit(1725251679.440:983): avc: denied { unlink } for pid=1398 comm="syz.4.251" name="#17" dev="tmpfs" ino=386 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 71.264114][ T30] audit: type=1400 audit(1725251679.450:984): avc: denied { read } for pid=1398 comm="syz.4.251" name="ppp" dev="devtmpfs" ino=134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 71.376650][ T30] audit: type=1400 audit(1725251679.450:985): avc: denied { open } for pid=1398 comm="syz.4.251" path="/dev/ppp" dev="devtmpfs" ino=134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 71.411989][ T30] audit: type=1400 audit(1725251679.450:986): avc: denied { ioctl } for pid=1398 comm="syz.4.251" path="/dev/ppp" dev="devtmpfs" ino=134 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 71.968917][ T1418] loop4: detected capacity change from 0 to 512 [ 72.001853][ T1418] EXT4-fs (loop4): orphan cleanup on readonly fs [ 72.008826][ T1418] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.257: bg 0: block 248: padding at end of block bitmap is not set [ 72.023405][ T1418] Quota error (device loop4): write_blk: dquota write failed [ 72.030706][ T1418] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 72.040609][ T1418] EXT4-fs error (device loop4): ext4_acquire_dquot:6187: comm syz.4.257: Failed to acquire dquot type 1 [ 72.052196][ T1418] EXT4-fs (loop4): 1 truncate cleaned up [ 72.057916][ T1418] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,noload,,errors=continue. Quota mode: writeback. [ 72.079705][ T1418] FAULT_INJECTION: forcing a failure. [ 72.079705][ T1418] name failslab, interval 1, probability 0, space 0, times 0 [ 72.092221][ T30] audit: type=1400 audit(1725251680.370:987): avc: denied { remount } for pid=1417 comm="syz.4.257" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 72.111319][ T1418] CPU: 0 PID: 1418 Comm: syz.4.257 Not tainted 5.15.156-syzkaller-00821-g29d153aabd54 #0 [ 72.120846][ T1418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 72.130741][ T1418] Call Trace: [ 72.133889][ T1418] [ 72.136645][ T1418] dump_stack_lvl+0x151/0x1c0 [ 72.141346][ T1418] ? io_uring_drop_tctx_refs+0x190/0x190 [ 72.146811][ T1418] ? __kernel_text_address+0x9b/0x110 [ 72.152018][ T1418] ? unwind_get_return_address+0x4d/0x90 [ 72.157488][ T1418] dump_stack+0x15/0x20 [ 72.161476][ T1418] should_fail+0x3c6/0x510 [ 72.165733][ T1418] __should_failslab+0xa4/0xe0 [ 72.170332][ T1418] should_failslab+0x9/0x20 [ 72.174670][ T1418] slab_pre_alloc_hook+0x37/0xd0 [ 72.179443][ T1418] ? ext4_remount+0xff/0x2cf0 [ 72.182773][ T1406] loop1: detected capacity change from 0 to 131072 [ 72.183954][ T1418] __kmalloc_track_caller+0x6c/0x260 [ 72.183979][ T1418] ? ext4_remount+0xff/0x2cf0 [ 72.200016][ T1418] kstrdup+0x34/0x70 [ 72.203753][ T1418] ext4_remount+0xff/0x2cf0 [ 72.208088][ T1418] ? __kasan_kmalloc+0x9/0x10 [ 72.209759][ T1406] F2FS-fs (loop1): QUOTA feature is enabled, so ignore qf_name [ 72.212687][ T1418] ? legacy_init_fs_context+0x51/0xb0 [ 72.212712][ T1418] ? alloc_fs_context+0x674/0x830 [ 72.212727][ T1418] ? fs_context_for_reconfigure+0x74/0x80 [ 72.223964][ T1406] F2FS-fs (loop1): invalid crc value [ 72.225268][ T1418] ? path_mount+0xbd4/0x1070 [ 72.225292][ T1418] ? __se_sys_mount+0x2c4/0x3b0 [ 72.245232][ T1406] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 72.245489][ T1418] ? __x64_sys_mount+0xbf/0xd0 [ 72.265474][ T1418] ? x64_sys_call+0x49d/0x9a0 [ 72.266812][ T1406] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b [ 72.270055][ T1418] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 72.270080][ T1418] ? avc_has_perm_noaudit+0x348/0x430 [ 72.270097][ T1418] ? memcpy+0x56/0x70 [ 72.270114][ T1418] ? __kasan_check_write+0x14/0x20 [ 72.297225][ T1418] ? _raw_spin_lock+0xa4/0x1b0 [ 72.301831][ T1418] ? __list_lru_walk_one+0x4c0/0x500 [ 72.306944][ T1418] ? shrink_dcache_sb+0x190/0x190 [ 72.311808][ T1418] ? _raw_spin_unlock+0x4d/0x70 [ 72.316493][ T1418] ? ext4_statfs+0xe00/0xe00 [ 72.320922][ T1418] ? shrink_dcache_sb+0x190/0x190 [ 72.325777][ T1418] ? shrink_dcache_sb+0x144/0x190 [ 72.330639][ T1418] ? dentry_lru_isolate+0x330/0x330 [ 72.335671][ T1418] ? ext4_statfs+0xe00/0xe00 [ 72.340100][ T1418] legacy_reconfigure+0xfa/0x110 [ 72.344876][ T1418] reconfigure_super+0x436/0x860 [ 72.349647][ T1418] path_mount+0xcc3/0x1070 [ 72.353897][ T1418] __se_sys_mount+0x2c4/0x3b0 [ 72.358413][ T1418] ? __x64_sys_mount+0xd0/0xd0 [ 72.363012][ T1418] ? debug_smp_processor_id+0x17/0x20 [ 72.368305][ T1418] __x64_sys_mount+0xbf/0xd0 [ 72.372732][ T1418] x64_sys_call+0x49d/0x9a0 [ 72.377164][ T1418] do_syscall_64+0x3b/0xb0 [ 72.381505][ T1418] ? clear_bhb_loop+0x35/0x90 [ 72.386013][ T1418] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 72.391748][ T1418] RIP: 0033:0x7f880062e65a [ 72.395998][ T1418] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.415532][ T1418] RSP: 002b:00007f87ff2a9e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 72.423775][ T1418] RAX: ffffffffffffffda RBX: 00007f87ff2a9ef0 RCX: 00007f880062e65a [ 72.431586][ T1418] RDX: 0000000020000f40 RSI: 0000000020000f00 RDI: 0000000000000000 [ 72.439409][ T1418] RBP: 0000000020000f40 R08: 00007f87ff2a9ef0 R09: 0000000001a4a421 [ 72.447205][ T1418] R10: 0000000001a4a421 R11: 0000000000000246 R12: 0000000020000f00 [ 72.455019][ T1418] R13: 00007f87ff2a9eb0 R14: 0000000000000000 R15: 00000000200008c0 [ 72.462839][ T1418] [ 72.539383][ T309] usbhid 1-1:0.0: can't add hid device: -71 [ 72.545171][ T309] usbhid: probe of 1-1:0.0 failed with error -71 [ 72.555691][ T30] audit: type=1326 audit(1725251680.840:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1429 comm="syz.0.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45f358eb9 code=0x7ffc0000 [ 72.559229][ T1430] loop0: detected capacity change from 0 to 512 [ 72.596052][ T309] usb 1-1: USB disconnect, device number 8 [ 72.642228][ T1430] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 72.670757][ T1430] EXT4-fs (loop0): 1 truncate cleaned up [ 72.686558][ T1430] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 72.977965][ T1418] syz.4.257 (1418) used greatest stack depth: 19824 bytes left [ 73.989225][ T1450] loop0: detected capacity change from 0 to 512 [ 74.575122][ T1433] loop3: detected capacity change from 0 to 40427 [ 74.610322][ T1451] loop0: detected capacity change from 0 to 512 [ 74.634501][ T1433] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 74.642260][ T1433] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 74.662969][ T1451] EXT4-fs warning (device loop0): ext4_multi_mount_protect:403: Unable to create kmmpd thread for loop0. [ 74.692914][ T1464] loop1: detected capacity change from 0 to 512 [ 74.700800][ T1433] F2FS-fs (loop3): Found nat_bits in checkpoint [ 74.884271][ T1464] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 74.914718][ T1433] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 74.921888][ T1433] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 74.950362][ T1464] EXT4-fs (loop1): 1 truncate cleaned up [ 74.956121][ T1464] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 75.002853][ T1475] tmpfs: Unknown parameter 'no' [ 75.008337][ T699] f2fs_fill_dentries: 4 callbacks suppressed [ 75.008351][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 75.014632][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 75.022258][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 75.029965][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 75.037471][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 75.044990][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 75.052827][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 75.375088][ T1480] loop3: detected capacity change from 0 to 512 [ 75.399360][ T309] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 75.410414][ T1480] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 75.421533][ T1480] EXT4-fs (loop3): 1 truncate cleaned up [ 75.427066][ T1480] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 75.834940][ T1485] mmap: syz.4.271 (1485) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 75.868544][ T1491] loop0: detected capacity change from 0 to 512 [ 75.889767][ T30] kauditd_printk_skb: 128 callbacks suppressed [ 75.889782][ T30] audit: type=1326 audit(1725251684.180:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1489 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fd45f357757 code=0x7ffc0000 [ 75.938198][ T30] audit: type=1326 audit(1725251684.180:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1489 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fd45f35a65a code=0x7ffc0000 [ 75.964897][ T1491] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 75.989455][ T1491] EXT4-fs (loop0): 1 truncate cleaned up [ 75.997020][ T1491] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 76.018863][ T309] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 76.033799][ T309] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 76.042583][ T30] audit: type=1326 audit(1725251684.320:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1489 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd45f357850 code=0x7ffc0000 [ 76.043591][ T309] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 76.091819][ T309] usb 3-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 76.108982][ T309] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 76.128856][ T309] usb 3-1: config 0 descriptor?? [ 76.158744][ T30] audit: type=1326 audit(1725251684.320:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1489 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fd45f357c37 code=0x7ffc0000 [ 76.188769][ T30] audit: type=1326 audit(1725251684.320:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1489 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd45f357850 code=0x7ffc0000 [ 76.617541][ T30] audit: type=1326 audit(1725251684.320:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1489 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd45f358abb code=0x7ffc0000 [ 76.689638][ T30] audit: type=1326 audit(1725251684.320:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1489 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd45f357b4a code=0x7ffc0000 [ 76.716342][ T30] audit: type=1326 audit(1725251684.320:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1489 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45f358eb9 code=0x7ffc0000 [ 76.740117][ T30] audit: type=1326 audit(1725251684.320:1125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1489 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45f358eb9 code=0x7ffc0000 [ 76.767684][ T30] audit: type=1326 audit(1725251684.360:1126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1489 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd45f358eb9 code=0x7ffc0000 [ 76.985473][ T1507] loop0: detected capacity change from 0 to 512 [ 77.002745][ T1509] loop3: detected capacity change from 0 to 512 [ 77.016515][ T1509] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 77.026363][ T309] usbhid 3-1:0.0: can't add hid device: -71 [ 77.032423][ T309] usbhid: probe of 3-1:0.0 failed with error -71 [ 77.042860][ T309] usb 3-1: USB disconnect, device number 6 [ 77.053162][ T1509] EXT4-fs (loop3): 1 truncate cleaned up [ 77.058631][ T1509] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 77.081893][ T1490] loop1: detected capacity change from 0 to 131072 [ 77.115921][ T1490] F2FS-fs (loop1): QUOTA feature is enabled, so ignore qf_name [ 77.137574][ T1490] F2FS-fs (loop1): invalid crc value [ 77.154043][ T1515] fuse: Bad value for 'fd' [ 77.759239][ T1490] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 77.810294][ T1490] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b [ 78.259855][ T1530] loop0: detected capacity change from 0 to 1024 [ 78.288217][ T1530] EXT4-fs (loop0): Ignoring removed orlov option [ 78.295163][ T1530] EXT4-fs (loop0): Ignoring removed bh option [ 78.505218][ T1530] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,lazytime,max_dir_size_kb=0x00000000004007b1,orlov,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 78.815238][ T1548] loop0: detected capacity change from 0 to 512 [ 78.839162][ T1551] tmpfs: Unknown parameter 'no' [ 78.845137][ T1548] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 78.870830][ T1548] EXT4-fs (loop0): 1 truncate cleaned up [ 78.885542][ T1548] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 78.979192][ T1553] loop2: detected capacity change from 0 to 512 [ 79.264527][ T1553] EXT4-fs (loop2): Unrecognized mount option "permit_directio" or missing value [ 79.460738][ T1537] loop3: detected capacity change from 0 to 131072 [ 79.644309][ T1537] F2FS-fs (loop3): Unrecognized mount option "Íbr¤*Ï#¨g¬ËZ~Ù" or missing value [ 79.714042][ T1565] loop2: detected capacity change from 0 to 512 [ 79.740432][ T1565] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 not in group (block 46850)! [ 79.750815][ T1565] EXT4-fs (loop2): group descriptors corrupted! [ 79.889494][ T1572] loop3: detected capacity change from 0 to 512 [ 79.909358][ T20] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 79.941782][ T1572] EXT4-fs (loop3): Test dummy encryption mode enabled [ 79.954146][ T1572] EXT4-fs error (device loop3): ext4_fill_super:4831: inode #2: comm syz.3.284: casefold flag without casefold feature [ 79.966716][ T1572] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 79.979366][ T309] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 79.989071][ T1575] loop2: detected capacity change from 0 to 1024 [ 79.996449][ T1572] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv0,test_dummy_encryption,,errors=continue. Quota mode: none. [ 80.040149][ T1575] EXT4-fs (loop2): Ignoring removed orlov option [ 80.050968][ T1575] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000040000,data_err=abort,barrier=0x0000000000000002,discard,norecovery,dioread_lock,orlov,bsdgroups,max_batch_time=0x0000000000000002,user_xattr,quota,,errors=continue. Quota mode: writeback. [ 80.257521][ T1584] loop2: detected capacity change from 0 to 1024 [ 80.267846][ T1584] EXT4-fs (loop2): Ignoring removed orlov option [ 80.269444][ T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.274186][ T1584] EXT4-fs (loop2): Ignoring removed bh option [ 80.294622][ T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 80.304431][ T20] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 80.313502][ T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.324239][ T20] usb 2-1: config 0 descriptor?? [ 80.330223][ T1584] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,lazytime,max_dir_size_kb=0x00000000004007b1,orlov,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 80.369619][ T309] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.381322][ T309] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 80.391165][ T309] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 80.404079][ T309] usb 1-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 80.413120][ T309] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.421976][ T309] usb 1-1: config 0 descriptor?? [ 80.472296][ T1591] FAULT_INJECTION: forcing a failure. [ 80.472296][ T1591] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 80.485388][ T1591] CPU: 1 PID: 1591 Comm: syz.2.299 Not tainted 5.15.156-syzkaller-00821-g29d153aabd54 #0 [ 80.494951][ T1591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 80.504852][ T1591] Call Trace: [ 80.507967][ T1591] [ 80.509312][ T6] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 80.510838][ T1591] dump_stack_lvl+0x151/0x1c0 [ 80.522745][ T1591] ? io_uring_drop_tctx_refs+0x190/0x190 [ 80.528196][ T1591] ? __local_bh_enable_ip+0x58/0x80 [ 80.533318][ T1591] ? release_sock+0x163/0x1b0 [ 80.537825][ T1591] dump_stack+0x15/0x20 [ 80.541937][ T1591] should_fail+0x3c6/0x510 [ 80.546203][ T1591] should_fail_alloc_page+0x5a/0x80 [ 80.551224][ T1591] prepare_alloc_pages+0x15c/0x700 [ 80.556172][ T1591] ? __alloc_pages_bulk+0xe40/0xe40 [ 80.561218][ T1591] ? avc_has_perm+0x16f/0x260 [ 80.565722][ T1591] ? udp_cmsg_send+0x3a0/0x3a0 [ 80.570323][ T1591] __alloc_pages+0x18c/0x8f0 [ 80.574746][ T1591] ? prep_new_page+0x110/0x110 [ 80.579368][ T1591] kmalloc_order+0x4a/0x160 [ 80.583688][ T1591] kmalloc_order_trace+0x1a/0xb0 [ 80.588559][ T1591] __kmalloc+0x19c/0x270 [ 80.592715][ T1591] iovec_from_user+0x8a/0x330 [ 80.597229][ T1591] ? __copy_msghdr_from_user+0x424/0x7c0 [ 80.602697][ T1591] __import_iovec+0x6d/0x420 [ 80.607120][ T1591] ? __ia32_sys_shutdown+0x70/0x70 [ 80.612072][ T1591] import_iovec+0xe5/0x120 [ 80.616363][ T1591] ___sys_sendmsg+0x215/0x2e0 [ 80.620928][ T1591] ? __sys_sendmsg+0x260/0x260 [ 80.625655][ T1591] ? __kasan_check_write+0x14/0x20 [ 80.630585][ T1591] ? proc_fail_nth_write+0x20b/0x290 [ 80.635711][ T1591] ? __fdget+0x1bc/0x240 [ 80.639791][ T1591] __sys_sendmmsg+0x2bf/0x530 [ 80.644302][ T1591] ? __ia32_sys_sendmsg+0x90/0x90 [ 80.649158][ T1591] ? mutex_unlock+0xb2/0x260 [ 80.653702][ T1591] ? __kasan_check_write+0x14/0x20 [ 80.658653][ T1591] ? __ia32_sys_read+0x90/0x90 [ 80.663249][ T1591] ? debug_smp_processor_id+0x17/0x20 [ 80.668463][ T1591] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 80.674355][ T1591] __x64_sys_sendmmsg+0xa0/0xb0 [ 80.679042][ T1591] x64_sys_call+0x81d/0x9a0 [ 80.683467][ T1591] do_syscall_64+0x3b/0xb0 [ 80.687821][ T1591] ? clear_bhb_loop+0x35/0x90 [ 80.692332][ T1591] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 80.698074][ T1591] RIP: 0033:0x7fe78d287eb9 [ 80.702319][ T1591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.721763][ T1591] RSP: 002b:00007fe78bf05038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 80.730006][ T1591] RAX: ffffffffffffffda RBX: 00007fe78d423f80 RCX: 00007fe78d287eb9 [ 80.737816][ T1591] RDX: 0000000000000003 RSI: 0000000020004540 RDI: 0000000000000006 [ 80.745628][ T1591] RBP: 00007fe78bf05090 R08: 0000000000000000 R09: 0000000000000000 [ 80.753479][ T1591] R10: 00000000240080e4 R11: 0000000000000246 R12: 0000000000000002 [ 80.759365][ T6] usb 5-1: Using ep0 maxpacket: 8 [ 80.761262][ T1591] R13: 0000000000000000 R14: 00007fe78d423f80 R15: 00007fffd3e009b8 [ 80.761280][ T1591] [ 80.810456][ T1582] loop3: detected capacity change from 0 to 131072 [ 80.879409][ T20] usbhid 2-1:0.0: can't add hid device: -71 [ 80.885160][ T20] usbhid: probe of 2-1:0.0 failed with error -71 [ 80.891448][ T6] usb 5-1: config 0 has an invalid descriptor of length 129, skipping remainder of the config [ 80.902536][ T20] usb 2-1: USB disconnect, device number 9 [ 80.904934][ T1582] F2FS-fs (loop3): QUOTA feature is enabled, so ignore qf_name [ 80.910555][ T6] usb 5-1: config 0 interface 0 altsetting 209 has 0 endpoint descriptors, different from the interface descriptor's value: 13 [ 80.919749][ T1582] F2FS-fs (loop3): invalid crc value [ 80.929868][ T6] usb 5-1: config 0 interface 0 has no altsetting 0 [ 80.937516][ T1582] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 80.940541][ T6] usb 5-1: New USB device found, idVendor=29de, idProduct=7e02, bcdDevice= 0.00 [ 80.959794][ T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.968272][ T6] usb 5-1: config 0 descriptor?? [ 80.984641][ T1582] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b [ 81.010033][ T6] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 81.099419][ T309] usbhid 1-1:0.0: can't add hid device: -71 [ 81.105199][ T309] usbhid: probe of 1-1:0.0 failed with error -71 [ 81.112485][ T309] usb 1-1: USB disconnect, device number 9 [ 81.119446][ T764] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 81.409447][ T764] usb 3-1: too many configurations: 112, using maximum allowed: 8 [ 81.427832][ T1604] tmpfs: Unknown parameter 'no' [ 81.549362][ T764] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 81.556799][ T764] usb 3-1: can't read configurations, error -61 [ 81.565640][ T30] kauditd_printk_skb: 83 callbacks suppressed [ 81.565654][ T30] audit: type=1326 audit(1725251689.850:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45f358eb9 code=0x7ffc0000 [ 81.571937][ T1608] loop0: detected capacity change from 0 to 512 [ 81.615699][ T30] audit: type=1326 audit(1725251689.850:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fd45f358eb9 code=0x7ffc0000 [ 81.638890][ T30] audit: type=1326 audit(1725251689.850:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45f358eb9 code=0x7ffc0000 [ 81.662340][ T30] audit: type=1326 audit(1725251689.850:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd45f358eb9 code=0x7ffc0000 [ 81.684642][ T1606] loop3: detected capacity change from 0 to 40427 [ 81.685782][ T30] audit: type=1326 audit(1725251689.850:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd45f358ef3 code=0x7ffc0000 [ 81.715128][ T30] audit: type=1326 audit(1725251689.860:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd45f35799f code=0x7ffc0000 [ 81.715917][ T1608] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 81.738629][ T30] audit: type=1326 audit(1725251689.860:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fd45f358f47 code=0x7ffc0000 [ 81.748743][ T1606] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 81.770945][ T764] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 81.785810][ T30] audit: type=1326 audit(1725251689.860:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd45f357850 code=0x7ffc0000 [ 81.787102][ T1608] EXT4-fs (loop0): 1 truncate cleaned up [ 81.809025][ T30] audit: type=1326 audit(1725251689.860:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd45f358abb code=0x7ffc0000 [ 81.809052][ T30] audit: type=1326 audit(1725251689.890:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1607 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd45f357b4a code=0x7ffc0000 [ 81.809122][ T1606] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 81.816804][ T1608] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 81.840302][ T1606] F2FS-fs (loop3): Found nat_bits in checkpoint [ 81.949643][ T1606] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 81.959394][ T1606] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 81.988216][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 81.988241][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 81.996028][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 82.003487][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 82.011973][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 82.019449][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 82.030095][ T307] usb 5-1: USB disconnect, device number 6 [ 82.243165][ T699] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix. [ 82.250435][ T1620] loop4: detected capacity change from 0 to 256 [ 82.264649][ T1622] loop1: detected capacity change from 0 to 256 [ 82.279418][ T764] usb 3-1: too many configurations: 112, using maximum allowed: 8 [ 82.364772][ T1628] loop1: detected capacity change from 0 to 1024 [ 82.378870][ T1628] EXT4-fs (loop1): Ignoring removed orlov option [ 82.381151][ T1627] loop4: detected capacity change from 0 to 1024 [ 82.402150][ T1628] EXT4-fs (loop1): Ignoring removed bh option [ 82.419393][ T764] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 82.438709][ T1627] EXT4-fs (loop4): Mount option "noacl" will be removed by 3.5 [ 82.438709][ T1627] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 82.438709][ T1627] [ 82.468557][ T764] usb 3-1: can't read configurations, error -61 [ 82.478910][ T764] usb usb3-port1: attempt power cycle [ 82.485842][ T1628] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,lazytime,max_dir_size_kb=0x00000000004007b1,orlov,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 82.535396][ T1627] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,noquota,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,lazytime,min_batch_time=0x0000000000000008,delalloc,noauto_da_alloc,noacl,,errors=continue. Quota mode: none. [ 82.949325][ T764] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 83.099390][ T764] usb 3-1: too many configurations: 112, using maximum allowed: 8 [ 83.250697][ T764] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 83.258333][ T764] usb 3-1: can't read configurations, error -61 [ 83.265658][ T1647] FAULT_INJECTION: forcing a failure. [ 83.265658][ T1647] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 83.278766][ T1647] CPU: 0 PID: 1647 Comm: syz.4.311 Not tainted 5.15.156-syzkaller-00821-g29d153aabd54 #0 [ 83.288301][ T1647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 83.298194][ T1647] Call Trace: [ 83.301317][ T1647] [ 83.304093][ T1647] dump_stack_lvl+0x151/0x1c0 [ 83.308606][ T1647] ? io_uring_drop_tctx_refs+0x190/0x190 [ 83.314076][ T1647] ? unwind_get_return_address+0x4d/0x90 [ 83.319635][ T1647] dump_stack+0x15/0x20 [ 83.323622][ T1647] should_fail+0x3c6/0x510 [ 83.327874][ T1647] should_fail_alloc_page+0x5a/0x80 [ 83.332907][ T1647] prepare_alloc_pages+0x15c/0x700 [ 83.337860][ T1647] ? stack_trace_snprint+0xf0/0xf0 [ 83.342804][ T1647] ? __alloc_pages_bulk+0xe40/0xe40 [ 83.347837][ T1647] __alloc_pages+0x18c/0x8f0 [ 83.352265][ T1647] ? vfs_open+0x73/0x80 [ 83.356305][ T1647] ? prep_new_page+0x110/0x110 [ 83.360858][ T1647] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 83.366761][ T1647] new_slab+0x9a/0x4e0 [ 83.370665][ T1647] ___slab_alloc+0x39e/0x830 [ 83.375090][ T1647] ? p9_client_prepare_req+0x2eb/0xb20 [ 83.380389][ T1647] ? p9_client_prepare_req+0x2eb/0xb20 [ 83.385771][ T1647] __slab_alloc+0x4a/0x90 [ 83.389934][ T1647] ? p9_client_prepare_req+0x2eb/0xb20 [ 83.395230][ T1647] kmem_cache_alloc+0x134/0x200 [ 83.399924][ T1647] p9_client_prepare_req+0x2eb/0xb20 [ 83.405036][ T1647] ? kmem_cache_alloc_trace+0x115/0x210 [ 83.410416][ T1647] ? p9_fid_create+0x53/0x280 [ 83.414931][ T1647] p9_client_rpc+0x159/0x13a0 [ 83.419443][ T1647] ? __kasan_check_write+0x14/0x20 [ 83.424391][ T1647] ? node_tag_clear+0x203/0x330 [ 83.429164][ T1647] ? p9_fid_create+0x280/0x280 [ 83.433766][ T1647] ? idr_alloc_u32+0x20b/0x320 [ 83.438450][ T1647] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 83.443406][ T1647] ? debug_smp_processor_id+0x17/0x20 [ 83.448607][ T1647] ? __radix_tree_preload+0x351/0x3d0 [ 83.453819][ T1647] p9_client_walk+0x1fe/0x7b0 [ 83.458327][ T1647] ? p9_client_rpc+0x13a0/0x13a0 [ 83.463098][ T1647] ? v9fs_fid_lookup+0x118/0x160 [ 83.467875][ T1647] v9fs_file_open+0x408/0x6c0 [ 83.472481][ T1647] ? v9fs_fid_readpage+0x680/0x680 [ 83.477426][ T1647] do_dentry_open+0x81c/0xfd0 [ 83.481935][ T1647] vfs_open+0x73/0x80 [ 83.485752][ T1647] path_openat+0x26f0/0x2f40 [ 83.490183][ T1647] ? kmem_cache_free+0x116/0x2e0 [ 83.494954][ T1647] ? __kasan_slab_alloc+0xb1/0xe0 [ 83.499816][ T1647] ? kmem_cache_alloc+0xf5/0x200 [ 83.504616][ T1647] ? getname_flags+0xba/0x520 [ 83.509105][ T1647] ? __x64_sys_openat+0x243/0x290 [ 83.513962][ T1647] ? do_filp_open+0x460/0x460 [ 83.518478][ T1647] do_filp_open+0x21c/0x460 [ 83.522813][ T1647] ? vfs_tmpfile+0x2c0/0x2c0 [ 83.527262][ T1647] do_sys_openat2+0x13f/0x830 [ 83.531756][ T1647] ? wait_for_completion_killable_timeout+0x10/0x10 [ 83.538197][ T1647] ? __mutex_lock_slowpath+0x10/0x10 [ 83.543298][ T1647] ? do_sys_open+0x220/0x220 [ 83.547731][ T1647] ? __kasan_check_write+0x14/0x20 [ 83.552673][ T1647] ? ksys_write+0x260/0x2c0 [ 83.557029][ T1647] __x64_sys_openat+0x243/0x290 [ 83.561698][ T1647] ? __ia32_sys_open+0x270/0x270 [ 83.566472][ T1647] ? debug_smp_processor_id+0x17/0x20 [ 83.571680][ T1647] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 83.577582][ T1647] ? exit_to_user_mode_prepare+0x39/0xa0 [ 83.583051][ T1647] x64_sys_call+0x6bf/0x9a0 [ 83.587390][ T1647] do_syscall_64+0x3b/0xb0 [ 83.591641][ T1647] ? clear_bhb_loop+0x35/0x90 [ 83.596156][ T1647] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 83.601883][ T1647] RIP: 0033:0x7f880062ceb9 [ 83.606137][ T1647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.625581][ T1647] RSP: 002b:00007f87ff2aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 83.633823][ T1647] RAX: ffffffffffffffda RBX: 00007f88007c8f80 RCX: 00007f880062ceb9 [ 83.641635][ T1647] RDX: 0000000000000400 RSI: 00000000200001c0 RDI: ffffffffffffff9c [ 83.649534][ T1647] RBP: 00007f87ff2aa090 R08: 0000000000000000 R09: 0000000000000000 [ 83.657345][ T1647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 83.665276][ T1647] R13: 0000000000000000 R14: 00007f88007c8f80 R15: 00007fff268ee5f8 [ 83.673086][ T1647] [ 83.739420][ T764] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 83.859370][ T764] usb 3-1: device descriptor read/8, error -71 [ 83.945110][ T1662] tmpfs: Unknown parameter 'no' [ 83.969345][ T20] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 84.223203][ T1654] loop4: detected capacity change from 0 to 40427 [ 84.241102][ T309] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 84.278746][ T1658] loop2: detected capacity change from 0 to 40427 [ 84.309374][ T764] usb 3-1: device descriptor read/8, error -71 [ 84.330160][ T1658] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 84.337712][ T1654] F2FS-fs (loop4): invalid crc value [ 84.337882][ T1658] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 84.353767][ T1654] F2FS-fs (loop4): Found nat_bits in checkpoint [ 84.354440][ T1658] F2FS-fs (loop2): Found nat_bits in checkpoint [ 84.390125][ T1654] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 84.396150][ T1658] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 84.404360][ T1658] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 84.424021][ T1658] overlayfs: invalid origin (000000790000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 84.439461][ T764] usb usb3-port1: unable to enumerate USB device [ 84.447721][ T1006] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 84.447783][ T1006] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 84.455444][ T1006] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 84.499362][ T309] usb 5-1: Using ep0 maxpacket: 16 [ 84.569418][ T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 84.571730][ T1674] loop2: detected capacity change from 0 to 128 [ 84.581594][ T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 84.596155][ T20] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 84.608878][ T20] usb 1-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 84.617800][ T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.626172][ T20] usb 1-1: config 0 descriptor?? [ 84.631029][ T309] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 84.642168][ T309] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 84.651753][ T309] usb 5-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 84.660622][ T309] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.670068][ T309] usb 5-1: config 0 descriptor?? [ 84.733049][ T1676] FAULT_INJECTION: forcing a failure. [ 84.733049][ T1676] name failslab, interval 1, probability 0, space 0, times 0 [ 84.749037][ T1676] CPU: 0 PID: 1676 Comm: syz.3.319 Not tainted 5.15.156-syzkaller-00821-g29d153aabd54 #0 [ 84.758759][ T1676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 84.768650][ T1676] Call Trace: [ 84.771779][ T1676] [ 84.774555][ T1676] dump_stack_lvl+0x151/0x1c0 [ 84.779068][ T1676] ? io_uring_drop_tctx_refs+0x190/0x190 [ 84.780424][ T1679] loop1: detected capacity change from 0 to 1024 [ 84.784533][ T1676] ? x64_sys_call+0x87f/0x9a0 [ 84.784560][ T1676] dump_stack+0x15/0x20 [ 84.784577][ T1676] should_fail+0x3c6/0x510 [ 84.784593][ T1676] __should_failslab+0xa4/0xe0 [ 84.808168][ T1676] should_failslab+0x9/0x20 [ 84.812488][ T1676] slab_pre_alloc_hook+0x37/0xd0 [ 84.817260][ T1676] ? skb_ensure_writable+0x2d0/0x440 [ 84.822375][ T1676] __kmalloc_track_caller+0x6c/0x260 [ 84.827501][ T1676] ? skb_ensure_writable+0x2d0/0x440 [ 84.832614][ T1676] ? skb_ensure_writable+0x2d0/0x440 [ 84.837734][ T1676] pskb_expand_head+0x113/0x1240 [ 84.842512][ T1676] ? __kasan_check_write+0x14/0x20 [ 84.847466][ T1676] skb_ensure_writable+0x2d0/0x440 [ 84.852413][ T1676] bpf_clone_redirect+0x117/0x390 [ 84.857267][ T1676] bpf_prog_973cd02a7a0e8181+0x56/0x9e8 [ 84.862646][ T1676] ? perf_trace_swiotlb_bounced+0x260/0x630 [ 84.868400][ T1676] ? __stack_depot_save+0x34/0x470 [ 84.873322][ T1676] ? __kasan_slab_alloc+0xc3/0xe0 [ 84.878180][ T1676] ? __kasan_slab_alloc+0xb1/0xe0 [ 84.883041][ T1676] ? slab_post_alloc_hook+0x53/0x2c0 [ 84.888160][ T1676] ? kmem_cache_alloc+0xf5/0x200 [ 84.892935][ T1676] ? __build_skb+0x2a/0x300 [ 84.897285][ T1676] ? build_skb+0x25/0x1f0 [ 84.901443][ T1676] ? bpf_prog_test_run_skb+0x38e/0x1420 [ 84.906854][ T1676] ? bpf_prog_test_run+0x3b0/0x630 [ 84.911796][ T1676] ? __sys_bpf+0x525/0x760 [ 84.916024][ T1676] ? __x64_sys_bpf+0x7c/0x90 [ 84.920450][ T1676] ? x64_sys_call+0x87f/0x9a0 [ 84.924969][ T1676] ? do_syscall_64+0x3b/0xb0 [ 84.929392][ T1676] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 84.935297][ T1676] ? __kasan_check_read+0x11/0x20 [ 84.940153][ T1676] ? bpf_test_timer_continue+0x140/0x460 [ 84.945621][ T1676] bpf_test_run+0x478/0xa10 [ 84.949961][ T1676] ? convert___skb_to_skb+0x570/0x570 [ 84.955255][ T1676] ? eth_type_trans+0x2c6/0x600 [ 84.959945][ T1676] ? eth_get_headlen+0x240/0x240 [ 84.964721][ T1676] ? convert___skb_to_skb+0x44/0x570 [ 84.969859][ T1676] bpf_prog_test_run_skb+0xb41/0x1420 [ 84.975077][ T1676] ? __kasan_check_write+0x14/0x20 [ 84.980120][ T1676] ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0 [ 84.985828][ T1676] ? __kasan_check_write+0x14/0x20 [ 84.990780][ T1676] ? fput_many+0x160/0x1b0 [ 84.995026][ T1676] ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0 [ 85.000754][ T1676] bpf_prog_test_run+0x3b0/0x630 [ 85.005529][ T1676] ? bpf_prog_query+0x220/0x220 [ 85.010214][ T1676] ? selinux_bpf+0xd2/0x100 [ 85.014560][ T1676] ? security_bpf+0x82/0xb0 [ 85.018893][ T1676] __sys_bpf+0x525/0x760 [ 85.023061][ T1676] ? fput_many+0x160/0x1b0 [ 85.027318][ T1676] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 85.032523][ T1676] ? debug_smp_processor_id+0x17/0x20 [ 85.037815][ T1676] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 85.043723][ T1676] __x64_sys_bpf+0x7c/0x90 [ 85.047969][ T1676] x64_sys_call+0x87f/0x9a0 [ 85.052310][ T1676] do_syscall_64+0x3b/0xb0 [ 85.056563][ T1676] ? clear_bhb_loop+0x35/0x90 [ 85.061090][ T1676] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 85.066804][ T1676] RIP: 0033:0x7ff115696eb9 [ 85.071057][ T1676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.090590][ T1676] RSP: 002b:00007ff114314038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 85.098834][ T1676] RAX: ffffffffffffffda RBX: 00007ff115832f80 RCX: 00007ff115696eb9 [ 85.106817][ T1676] RDX: 000000000000002c RSI: 0000000020000080 RDI: 000000000000000a [ 85.114748][ T1676] RBP: 00007ff114314090 R08: 0000000000000000 R09: 0000000000000000 [ 85.122563][ T1676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 85.130378][ T1676] R13: 0000000000000000 R14: 00007ff115832f80 R15: 00007fff3df9d048 [ 85.138194][ T1676] [ 85.219034][ T1679] EXT4-fs (loop1): Ignoring removed orlov option [ 85.317002][ T1679] EXT4-fs (loop1): Ignoring removed bh option [ 85.449446][ T309] usbhid 5-1:0.0: can't add hid device: -71 [ 85.455400][ T309] usbhid: probe of 5-1:0.0 failed with error -71 [ 85.476733][ T309] usb 5-1: USB disconnect, device number 7 [ 85.485815][ T1686] loop4: detected capacity change from 0 to 256 [ 85.500079][ T1686] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 85.504081][ T1679] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,lazytime,max_dir_size_kb=0x00000000004007b1,orlov,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 85.562146][ T20] usbhid 1-1:0.0: can't add hid device: -71 [ 85.578942][ T20] usbhid: probe of 1-1:0.0 failed with error -71 [ 85.589134][ T20] usb 1-1: USB disconnect, device number 10 [ 86.387860][ T1694] kvm: emulating exchange as write [ 86.469394][ T582] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 86.568044][ T1704] loop1: detected capacity change from 0 to 8192 [ 86.659909][ T1704] loop1: p1 p2 p3 [ 86.686968][ T1720] tmpfs: Unknown parameter 'no' [ 86.786179][ T582] usb 4-1: Using ep0 maxpacket: 32 [ 86.988018][ T30] kauditd_printk_skb: 75 callbacks suppressed [ 86.988031][ T30] audit: type=1326 audit(1725251695.270:1295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1723 comm="syz.1.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddc92e3eb9 code=0x7ffc0000 [ 87.001471][ T307] hid-generic 000D:0000:0000.0002: unknown main item tag 0x1 [ 87.017454][ T30] audit: type=1326 audit(1725251695.270:1296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1723 comm="syz.1.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddc92e3eb9 code=0x7ffc0000 [ 87.028016][ T307] hid-generic 000D:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz1 [ 87.047819][ T30] audit: type=1326 audit(1725251695.280:1297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1723 comm="syz.1.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fddc92e3eb9 code=0x7ffc0000 [ 87.081025][ T30] audit: type=1326 audit(1725251695.280:1298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1723 comm="syz.1.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddc92e3eb9 code=0x7ffc0000 [ 87.104393][ T582] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 87.104974][ T30] audit: type=1326 audit(1725251695.280:1299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1723 comm="syz.1.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddc92e3eb9 code=0x7ffc0000 [ 87.113338][ T582] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 87.136808][ T30] audit: type=1326 audit(1725251695.280:1300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1723 comm="syz.1.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fddc92e3eb9 code=0x7ffc0000 [ 87.144596][ T582] usb 4-1: Product: syz [ 87.171975][ T582] usb 4-1: Manufacturer: syz [ 87.176417][ T582] usb 4-1: SerialNumber: syz [ 87.184876][ T582] usb 4-1: config 0 descriptor?? [ 87.191654][ T30] audit: type=1326 audit(1725251695.280:1301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1723 comm="syz.1.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddc92e3eb9 code=0x7ffc0000 [ 87.219383][ T30] audit: type=1326 audit(1725251695.280:1302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1723 comm="syz.1.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddc92e3eb9 code=0x7ffc0000 [ 87.242981][ T30] audit: type=1326 audit(1725251695.280:1303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1723 comm="syz.1.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fddc92e3eb9 code=0x7ffc0000 [ 87.266502][ T30] audit: type=1326 audit(1725251695.280:1304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1723 comm="syz.1.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddc92e3eb9 code=0x7ffc0000 [ 87.604824][ T1746] loop4: detected capacity change from 0 to 512 [ 87.707639][ T1746] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 87.722777][ T1746] EXT4-fs (loop4): 1 truncate cleaned up [ 87.728292][ T1746] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 88.209382][ T582] (unnamed net_device) (uninitialized): Assigned a random MAC address: ae:c7:1d:ec:2a:79 [ 88.221407][ T582] rtl8150 4-1:0.0: eth1: rtl8150 is detected [ 88.231960][ T582] usb 4-1: USB disconnect, device number 8 [ 88.484843][ T1769] syz.2.341[1769] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.484916][ T1769] syz.2.341[1769] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.577535][ T1769] syz.2.341[1769] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.599077][ T1769] syz.2.341[1769] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.623744][ T1771] FAULT_INJECTION: forcing a failure. [ 88.623744][ T1771] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 88.649408][ T1771] CPU: 1 PID: 1771 Comm: syz.4.342 Not tainted 5.15.156-syzkaller-00821-g29d153aabd54 #0 [ 88.659039][ T1771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 88.668936][ T1771] Call Trace: [ 88.672054][ T1771] [ 88.674830][ T1771] dump_stack_lvl+0x151/0x1c0 [ 88.679344][ T1771] ? io_uring_drop_tctx_refs+0x190/0x190 [ 88.684814][ T1771] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 88.689760][ T1771] ? _raw_spin_lock_irqsave+0x210/0x210 [ 88.695144][ T1771] ? copy_fpstate_to_sigframe+0x853/0x9a0 [ 88.700700][ T1771] dump_stack+0x15/0x20 [ 88.704688][ T1771] should_fail+0x3c6/0x510 [ 88.708941][ T1771] should_fail_usercopy+0x1a/0x20 [ 88.713804][ T1771] fpu__restore_sig+0x164/0xf40 [ 88.718491][ T1771] ? dequeue_signal+0x205/0x520 [ 88.723184][ T1771] ? copy_fpstate_to_sigframe+0x9a0/0x9a0 [ 88.728731][ T1771] ? memcpy+0x56/0x70 [ 88.732548][ T1771] ? __kasan_check_write+0x14/0x20 [ 88.737495][ T1771] ? _copy_from_user+0x96/0xd0 [ 88.742097][ T1771] restore_sigcontext+0x638/0x710 [ 88.746958][ T1771] ? fpu__clear_user_states+0x187/0x210 [ 88.752338][ T1771] ? __do_compat_sys_x32_rt_sigreturn+0x1e0/0x1e0 [ 88.758683][ T1771] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 88.763627][ T1771] __do_sys_rt_sigreturn+0x153/0x1e0 [ 88.768743][ T1771] ? x32_copy_siginfo_to_user+0x270/0x270 [ 88.774295][ T1771] ? debug_smp_processor_id+0x17/0x20 [ 88.779524][ T1771] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 88.785497][ T1771] ? exit_to_user_mode_prepare+0x39/0xa0 [ 88.790962][ T1771] x64_sys_call+0x91/0x9a0 [ 88.795317][ T1771] do_syscall_64+0x3b/0xb0 [ 88.799551][ T1771] ? clear_bhb_loop+0x35/0x90 [ 88.804065][ T1771] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 88.809800][ T1771] RIP: 0033:0x7f880062ceb7 [ 88.814050][ T1771] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 [ 88.833490][ T1771] RSP: 002b:00007f87ff2aa038 EFLAGS: 00000246 [ 88.839392][ T1771] RAX: 0000000000000127 RBX: 00007f88007c8f80 RCX: 00007f880062ceb9 [ 88.847204][ T1771] RDX: 0000000000000001 RSI: 0000000020000600 RDI: 0000000000000004 [ 88.855100][ T1771] RBP: 00007f87ff2aa090 R08: 0000000000000000 R09: 0000000000000000 [ 88.862911][ T1771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.870910][ T1771] R13: 0000000000000000 R14: 00007f88007c8f80 R15: 00007fff268ee5f8 [ 88.878721][ T1771] [ 89.054174][ T1799] tmpfs: Unknown parameter 'no' [ 89.781611][ T1813] loop2: detected capacity change from 0 to 512 [ 89.881459][ T1813] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:164: inode #12: comm syz.2.349: inline data xattr refers to an external xattr inode [ 89.896262][ T1813] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.349: couldn't read orphan inode 12 (err -117) [ 89.908360][ T1813] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 90.272912][ T1776] loop0: detected capacity change from 0 to 131072 [ 90.280090][ T1822] syz.3.352[1822] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 90.280153][ T1822] syz.3.352[1822] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 90.292070][ T1822] syz.3.352[1822] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 90.303628][ T1822] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 90.326358][ T1822] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 90.334600][ T1822] CPU: 1 PID: 1822 Comm: syz.3.352 Not tainted 5.15.156-syzkaller-00821-g29d153aabd54 #0 [ 90.344236][ T1822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 90.354141][ T1822] RIP: 0010:bpf_check+0x9514/0x12bf0 [ 90.359247][ T1822] Code: 24 70 80 3c 08 00 74 08 4c 89 ef e8 76 b6 30 00 49 8b 75 00 89 df 41 ff d6 48 89 c3 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 4e b6 30 00 48 8b 1b 48 85 db 0f 84 [ 90.378782][ T1822] RSP: 0018:ffffc90000bf74e0 EFLAGS: 00010246 [ 90.384680][ T1822] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000 [ 90.392491][ T1822] RDX: ffffc90006ddc000 RSI: 000000000000303c RDI: 000000000000303d [ 90.400389][ T1822] RBP: ffffc90000bf7bb0 R08: ffffffff817c338d R09: 0000000000000003 [ 90.408201][ T1822] R10: fffff5200017ed68 R11: dffffc0000000001 R12: 1ffff92000015c13 [ 90.416013][ T1822] R13: ffff888126df8008 R14: ffffffff817bedb0 R15: ffffc900000ae09c [ 90.423910][ T1822] FS: 00007ff1143146c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 90.432678][ T1822] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.439109][ T1822] CR2: 0000000020002800 CR3: 0000000119a20000 CR4: 00000000003506a0 [ 90.447088][ T1822] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 90.454894][ T1822] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 90.462710][ T1822] Call Trace: [ 90.465843][ T1822] [ 90.468700][ T1822] ? __die_body+0x62/0xb0 [ 90.472864][ T1822] ? die_addr+0x9f/0xd0 [ 90.476857][ T1822] ? exc_general_protection+0x311/0x4b0 [ 90.482243][ T1822] ? asm_exc_general_protection+0x27/0x30 [ 90.487877][ T1822] ? tracing_prog_func_proto+0x300/0x300 [ 90.493356][ T1822] ? bpf_tracing_func_proto+0x15d/0x4a0 [ 90.498728][ T1822] ? bpf_check+0x9514/0x12bf0 [ 90.503268][ T1822] ? bpf_get_btf_vmlinux+0x60/0x60 [ 90.508192][ T1822] ? arch_stack_walk+0xf3/0x140 [ 90.512879][ T1822] ? stack_trace_save+0x113/0x1c0 [ 90.517748][ T1822] ? stack_trace_snprint+0xf0/0xf0 [ 90.522686][ T1822] ? ____kasan_kmalloc+0xed/0x110 [ 90.527544][ T1822] ? ____kasan_kmalloc+0xdb/0x110 [ 90.532491][ T1822] ? __kasan_kmalloc+0x9/0x10 [ 90.537005][ T1822] ? kmem_cache_alloc_trace+0x115/0x210 [ 90.542383][ T1822] ? selinux_bpf_prog_alloc+0x51/0x140 [ 90.547678][ T1822] ? security_bpf_prog_alloc+0x62/0x90 [ 90.552974][ T1822] ? bpf_prog_load+0x9ee/0x1b50 [ 90.557671][ T1822] ? __sys_bpf+0x4bc/0x760 [ 90.561913][ T1822] ? __x64_sys_bpf+0x7c/0x90 [ 90.566340][ T1822] ? x64_sys_call+0x87f/0x9a0 [ 90.570857][ T1822] ? do_syscall_64+0x3b/0xb0 [ 90.575279][ T1822] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 90.581191][ T1822] ? __kasan_kmalloc+0x9/0x10 [ 90.585696][ T1822] ? memset+0x35/0x40 [ 90.589514][ T1822] ? bpf_obj_name_cpy+0x196/0x1e0 [ 90.594375][ T1822] bpf_prog_load+0x12ac/0x1b50 [ 90.598977][ T1822] ? map_freeze+0x370/0x370 [ 90.603324][ T1822] ? selinux_bpf+0xcb/0x100 [ 90.607654][ T1822] ? security_bpf+0x82/0xb0 [ 90.611995][ T1822] __sys_bpf+0x4bc/0x760 [ 90.616089][ T1822] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 90.621291][ T1822] ? __kasan_check_read+0x11/0x20 [ 90.626253][ T1822] __x64_sys_bpf+0x7c/0x90 [ 90.630480][ T1822] x64_sys_call+0x87f/0x9a0 [ 90.634820][ T1822] do_syscall_64+0x3b/0xb0 [ 90.639081][ T1822] ? clear_bhb_loop+0x35/0x90 [ 90.643596][ T1822] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 90.649315][ T1822] RIP: 0033:0x7ff115696eb9 [ 90.653569][ T1822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.673011][ T1822] RSP: 002b:00007ff114314038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 90.681260][ T1822] RAX: ffffffffffffffda RBX: 00007ff115832f80 RCX: 00007ff115696eb9 [ 90.689065][ T1822] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 90.696877][ T1822] RBP: 00007ff11570493e R08: 0000000000000000 R09: 0000000000000000 [ 90.704699][ T1822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 90.712507][ T1822] R13: 0000000000000000 R14: 00007ff115832f80 R15: 00007fff3df9d048 [ 90.720327][ T1822] [ 90.723175][ T1822] Modules linked in: [ 90.737399][ T1822] ---[ end trace e7800a152536f89f ]--- [ 90.747999][ T1822] RIP: 0010:bpf_check+0x9514/0x12bf0 [ 90.753274][ T1822] Code: 24 70 80 3c 08 00 74 08 4c 89 ef e8 76 b6 30 00 49 8b 75 00 89 df 41 ff d6 48 89 c3 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 4e b6 30 00 48 8b 1b 48 85 db 0f 84 [ 90.779781][ T1776] F2FS-fs (loop0): QUOTA feature is enabled, so ignore qf_name [ 90.789761][ T1822] RSP: 0018:ffffc90000bf74e0 EFLAGS: 00010246 [ 90.796006][ T1822] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000 [ 90.804643][ T1776] F2FS-fs (loop0): invalid crc value [ 90.806902][ T1822] RDX: ffffc90006ddc000 RSI: 000000000000303c RDI: 000000000000303d [ 90.811806][ T1776] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 90.817610][ T1822] RBP: ffffc90000bf7bb0 R08: ffffffff817c338d R09: 0000000000000003 [ 90.837185][ T1822] R10: fffff5200017ed68 R11: dffffc0000000001 R12: 1ffff92000015c13 [ 90.845219][ T1822] R13: ffff888126df8008 R14: ffffffff817bedb0 R15: ffffc900000ae09c [ 90.845880][ T1776] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b [ 90.853023][ T1822] FS: 00007ff1143146c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 90.869334][ T1822] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.875866][ T1822] CR2: 000000110c290c76 CR3: 0000000119a20000 CR4: 00000000003506a0 [ 90.883973][ T1822] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 90.892189][ T1822] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 90.900445][ T1822] Kernel panic - not syncing: Fatal exception [ 90.906509][ T1822] Kernel Offset: disabled [ 90.910641][ T1822] Rebooting in 86400 seconds..