last executing test programs:

1m7.400610807s ago: executing program 1 (id=947):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000002c0)={@mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @dev={0xfe, 0x80, '\x00', 0x25}, 0x5, 0x6, 0x0, 0x100, 0x4, 0x540000, r1})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000800)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, 0x0, 0x6, 0x0, 0x100, 0x6, 0x180107, r1})

1m6.625190396s ago: executing program 1 (id=950):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000001640)="05031600d3fc14000000478803c3a6103b286c3ed81630c002b72b261ec5a9150394029b6177", 0x26, 0x8004, &(0x7f0000000140)={0x11, 0x3, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

1m6.471449817s ago: executing program 1 (id=952):
unshare(0x20000400)
r0 = epoll_create1(0x80000)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000180)={[0x5]}, 0x8, 0x80000)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0x2000})
signalfd4(r1, &(0x7f0000000100)={[0xffffffffffffeffa]}, 0x8, 0x80000)

1m6.231026285s ago: executing program 1 (id=954):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x22)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000600)='./file0\x00', &(0x7f00000001c0)='./file0/../file0\x00')

1m5.936196132s ago: executing program 1 (id=955):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x8000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2b2, &(0x7f0000000880)="$eJzs3NFLU28cx/Hvz6mbE91+EEFB9aVu6uag6w+oEQrRoDAn1UVwzLMaO21yzlgsIncT3fZ3SJfdBdU/4E100313EgTdeBGd8Jwd3XTa1M2t+X6BnO/xeT4+jzrlewSf9XtvnhZyrpEzyzIUUxkSqcmGSHKzqvuvfh3y61FpVJMr4z+/nrt7/8GtdCYzM6c6m56/mlLVyQsfnr14e/FTeXzh3eT7qKwlH67/SH1bO712Zv33/JO8q3lXi6WymrpYKpXNRdvSpbxbMFTv2JbpWpovupbTNJ6zS8vLVTWLSxPxZcdyXTWLVS1YVS2XtOxU1Xxs5otqGIZOxOVkG25jTnZ1bs5M7znsRTq6I3RetPl2rNUcx0nXWg9mV7u1LwAA0L/27/+DXn/v/j+zEFw73P+L0P93Sa3p7i/9PwaC46TNeP3ntxn9PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t4npcIr+FbVERiIhLe93qf6I5Dfv+v9Wi76LCGf9yLidivK9lKNrgG4+mc5MUWS6YkIb/810NdUM/ezMxMqW+k/iE38yuVbMQ/m8DPh5Kt8uf/nw7yKh83c5V6fkTijeunJCGnWq+f2s6HxyGsVLKjcvlSQ96QhHx+JCWxZcl/XW/nX06r3rid2bH+mD8PAAAAAIBBYOiWZPPzb3D2o+FPiMnu8SB/gL8P7Hi+Hpaz7RxRCQAAAAAAjsytPi+Ytm05hyiiInKE+KAWEemLbeworotIH2zjuIqYiATv0cPEv2/F20p5bcwZFpGef1kOUPT6NxMAAACATttu+g8Q+vKqizsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkafc8sHD+rqFwYJ94w3KRY/8EAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD7yJwAA//+j7Rqj")
lsetxattr(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='b[rgs4}%.'], 0x0, 0x0, 0x2)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)

1m4.644541553s ago: executing program 1 (id=959):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x20132, 0xffffffffffffffff, 0xb299b000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
preadv(r0, &(0x7f0000000340)=[{&(0x7f0000003200)=""/4096, 0x1000}], 0x1, 0x2c2, 0xca)

1m3.794396299s ago: executing program 32 (id=959):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x20132, 0xffffffffffffffff, 0xb299b000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
preadv(r0, &(0x7f0000000340)=[{&(0x7f0000003200)=""/4096, 0x1000}], 0x1, 0x2c2, 0xca)

4.734283735s ago: executing program 3 (id=1252):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000f905ffff0000000000000000850000002c00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={r1, r2, 0x25, 0x0, @val=@iter={0x0}}, 0x20)
syz_emit_ethernet(0x10e80, &(0x7f00000000c0)=ANY=[], 0x0)

4.475823708s ago: executing program 0 (id=1255):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000100)=0xa)

4.411879674s ago: executing program 3 (id=1257):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x5c, 0x2, 0x6, 0x1, 0x0, 0x0, {0x2}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x80ffffaf}}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x6, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}]}, 0x5c}}, 0x0)
socket$l2tp(0x2, 0x2, 0x73)
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_mount_image$btrfs(&(0x7f0000000200), &(0x7f0000005600)='./file0\x00', 0x2000000, &(0x7f0000000240), 0x0, 0x559e, &(0x7f000000ac40)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r0, 0x80809440, &(0x7f0000000180))

3.97877544s ago: executing program 0 (id=1262):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x10, 0x572, 0x8000, 0x9, "ff000d00009a468e0cd912098d00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETA(r1, 0x5406, &(0x7f0000000200)={0xfffe, 0xb35e, 0x5, 0x7, 0x9, "6c060043046b1dcb"})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000140)=0x6)

3.723157002s ago: executing program 0 (id=1264):
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb45, 0x100000000009, 0xa, 0x0, 0x3}, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xf7, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)

3.722528908s ago: executing program 2 (id=1265):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x8, &(0x7f00000000c0)={[{@lazytime}, {@errors_remount}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ")
setxattr$incfs_metadata(&(0x7f0000000f80)='./file0\x00', &(0x7f0000000fc0), 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000480)='.\x00', 0x10000, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @a}})
lremovexattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=@known='user.incfs.metadata\x00')

3.494306928s ago: executing program 5 (id=1266):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0xe, 0x0, 0x0}, 0x94)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xe}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x20000328)

2.806401025s ago: executing program 4 (id=1267):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000280)={0x0, 0x4, 0xba, 0x2, 0x3, 0x0, 0x0, 0x4, 0xfc, 0xfd, 0x0, 0x0, 0xff}, 0xe)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x1c, &(0x7f0000000140)=[@in6={0xa, 0x4e24, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x13}}}]}, &(0x7f0000000240)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000040)={r1, @in6={{0xa, 0x4e23, 0x1, @empty, 0x7}}}, &(0x7f0000000100)=0x84)

2.636454546s ago: executing program 5 (id=1268):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0a41, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000400)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x300, 0x14}, @ipv4=@tcp={{0x6, 0x4, 0x0, 0x3c, 0x2c, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @broadcast, {[@end]}}, {{0xa200, 0x22eb, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}, 0x3a)

2.60926401s ago: executing program 3 (id=1269):
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0xc0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000540)='./bus\x00', 0x8800, &(0x7f0000000280)={[{@errors_remount}, {@usrquota}, {@minixdf}, {@nombcache}]}, 0x1, 0x51a, &(0x7f0000000f00)="$eJzs3c9vI1cdAPCvnThxfnSTlh4AQbu0hQWt1km8bVT1AOWIUCVEjyBtQ+KNothxFDulCXtIz1yRqMSJHvkDOPfEgRsXBDcuywGJHxFog8TBaMaTrDdrb6xNYqfx5yON5r2ZWX+/L868t36O/QIYWTcj4iAiJiLig4iYy47nsi3ebW/JdY8OH6weHT5YzUWr9f4/c+n55Fh0/JvETPaYxYj44acRP8k9Hbext7+5Uq1WdrL6QrO2vdDY27+zUVtZr6xXtsrl5aXlxbfvvlW+sLa+WpvISl99+IeDb/0sSWs2O9LZjovUbnrhJE5iPCK+fxnBhmAsa8/EsBPhueQj4qWIeC29/+diLH02AYDrrNWai9ZcZx0AuO7y6RxYLl/K5gJmI58vldpzeC/HdL5abzRv36/vbq2158rmo5C/v1GtLGZzhfNRyCX1pbT8uF4+Vb8bES9GxC8mp9J6abVeXRvmf3wAYITNnBr//zPZHv8BgGuuOOwEAICB6zH+Hww6DwBgcLz+B4DRY/wHgNFTTL/DYWrYaQAAA+T1PwCMHuM/AIyUH7z3XrK1jrLvv177cG93s/7hnbVKY7NU210trdZ3tkvr9fp6+p09tbMer1qvby+9GbsfzX97u9FcaOzt36vVd7ea99Lv9b5XKaRX+WQBAAzTi69+9udcMiK/M5Vu0bGWQ2GomQGXLT/sBIChGetRBq4/q33B6DrHa3zTA3BNdFmi9wnF6PIBoVar1bq8lIBLdutL5v9hVHXM//srYBgx5vxhdJn/h9HVauX6XfM/+r0QALjazPEDPd7/fynb/yZ7c+DHa6ev+OQyswIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICr7Xj931K2Fvhs5POlUsQLETEfhdz9jWplMSJuRMSfJguTSX1pyDkDAOeV/1suW//r1twbs0+cemXmpDgRET/91fu//Gil2dz5Y8RE7l+Tx8ebn2THy4PPHgA42/E4ne47Xsg/OnywerwNMp+/fzciiu34R4cTcXQSfzzG030xChEx/e9cVm/LdcxdnMfBxxHxxW7tz8VsOgfSXvn0dPwk9gsDjZ9/In4+PdfeJz+LL1xALjBqPkv6n3e73X/5uJnuu9//xbSHOr+s/0seavUo7QMfxz/u/8Z69H83+43x5u++1y5NPX3u44gvj0ccxz7q6H+O4+d6xH+jz/h/+corr/U61/p1xK3oHr8z1kKztr3Q2Nu/s1FbWa+sV7bK5eWl5cW3775VXkjnqBd6jwb/eOf2jV7nkvZP94hfPKP9X++z/Z/+74Mffe0Z8b/5erf4+Xj5GfGTMfEbfcZfmf5tsde5JP5aj/af9fzf7jP+w7/uP7VsOAAwPI29/c2VarWy86zCjaOIs675XBaiv4t/n/2wrkTOI11InoUrkEbXwnc6jszEJcaa6HEz/vz19q/pZETnL3ar9VyxevUYFzHrBlwFJzd9RPx32MkAAAAAAAAAAAAAAABdDeLTUcNuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANfX/wMAAP//jMfJaQ==")
mkdir(&(0x7f0000000100)='./bus\x00', 0xe8)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

2.379872323s ago: executing program 4 (id=1270):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x20000800)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)={0x7c, r1, 0x5, 0x4, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x47, 0xe, {{{}, {}, @device_b, @broadcast}, 0x1fffffffffffffe, @random=0x4, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @void, @void, @void, @void, @void, @val={0x3c, 0x4, {0x1, 0x7, 0x3c, 0x2}}, @void, @val={0x72, 0x6}, @val={0x71, 0x7, {0x1, 0x1, 0x0, 0x1, 0x1, 0xf0, 0x8}}, @void}}], @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x9}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x7f}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x4}]}, 0x7c}}, 0x40000)

2.18136263s ago: executing program 2 (id=1271):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000ec0)={'batadv0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)={0x1c, r2, 0x303, 0x4000, 0x25dfdbfe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8050}, 0x4000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), r0)

2.119610737s ago: executing program 0 (id=1272):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @multicast})
write$tun(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704", @ANYRES32], 0xfdef)

1.834575265s ago: executing program 4 (id=1273):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000005c0), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000007c0)={'wpan0\x00', <r3=>0x0})
sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000640)={0x2c, r1, 0xa11, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x13}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x40000)

1.784282012s ago: executing program 5 (id=1274):
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f00000000c0)='./file2\x00', 0x3208c00, &(0x7f0000000340)=ANY=[], 0x1, 0xab6, &(0x7f0000000ec0)="$eJzs3U2MG1cBAOBn73qTTVLilIQuSWkTftry091ms4SfCJqqERJRU3GrVHGJ0rREpOEnlaBVJZJc6I1WVbhCEaciUQFCai8o6olLJRqJS0+FAweiIFXiAKWJ0drveccvdsfOZtf2+vukt88z79nvzezMeDwz770ATKxq8+/S0lwlhItvvHzkn/f8Y3Z5zoPtHPXm3+k0WQmh1oo650fvTrXia+89f6JbXAmLzb9pOjx6tf3erSGEc2FvuBTqYffFyy+9tfjIsfNHL+x7+9VDV9Zk4QEAYMJ869KhpV1/+8ueHe+/dtfhsKk9P52f1+P0ttA67z8cT/zT+X81dE5XCqFoJss3HUM1yzfVJV+xnFqWb7pH+TPZ59ba6Xs68m0qKX+qMK/bcsM4S9txPcyE+Y7panV+vvWbPDR/189U5s+cOv3k2SFVFLjl/n13CGGvMGhoNBo/aa7AEaiLINxsaGwf9hEIoCW/X3iDc/mVhdVpf9p0f+Vffaja/f1wC6z39q/88Sr/1+cdcbh1NurWlJYr7Ufb4nR+HyF/fmnQ/T99Xn4/otZnPXvdRxiX+wu96jm1zvW4Wb3qn28XG9XX4p2ytB6+nqUX95/8fzou/2Ogu/+s1/X/V2aHfq1zOexd3/Jua6/otSxnrT9/kFAb47pPYGgM5agDjIOV5+ZaGlFKz5/ry9M3laRvLkmfLUnfUpK+tSQdJtkfnvlZeLGy8js//00/6PWwdJ0tnfh+ZMD65NcjBy0/f+53UKstP3+eGEbZ68cfO/nlJx6/3Hr+v9Le/q/H7T39RKvHfetSzJCuF+bX1dvP/tc7y6n2yHd7Vp/bbsjfaJW4szNfZefK54TCceaGeswV3/WDG+rTzndn5+fXs3yzMWzO6pufn2zJ3pfOP9JxNa2v6Wx5a9lyzGT1SMeVHTHO6wE3I22P9VCpdnv+P22fc6FWefLU6ZMPxOm0nf55qrZpef7+4of+Zn3qDqzOyv7eff9P319zobP9z7b2/Fq1eFzYvjK/Ujwu1LP5i63J9m3yNP9AnE7fc9+Zmm3Onz/xvdNP3OqFhwl39tnnvnv89OmTP9wwLw6HVX7O7FislnTkHJX69PPig8ZIVMOLfl6UHTk26pODMDkWnnn6+wtnn33u/lNPH3/q5FMnzxw4ePDA4uLBrxxYWmie1y8Uz+6BjWTlS3/YNQEAAAAAAAAAAAD69aOjRy7/9c0vvdNq/7/S/i+1/09P/qb2/y9k7f/zdvKpVUBqB7ijS3pz3L3XO+sxk+WrxfDRrL47s3J2Ze/7WIzb4/jF9v+pvX3er2uqzx3Z/Lz/3pRvLpuf95cyk/VB0h4vMDbY/2ScvhDjXwUYosps99kx/tD+rX/7Qjt/6p9CvxTjKf3f0taQ+jFJ7b979euUjv871qGO3Hrr0Zxw2MsIdPevkR//s3Am3jvf1PDrGRqN4ddh9eHD17OwwUKjYRQPYDQMe/zPdN0zxWf+9M3NyyFlu/pQ5/Ey778UVmPUx59U/sYa/7M9/l1fx78uvat39PPc/+gK//3FlXcKxYbd/R5/8+VP/UDvLC+z6P1Yflr+e0N/5TdeycrPbwj16X9Z+Vv6LP+G5b+zrKTuIxl+EMtPq+2+T/VbfqvGlWpnPfLrxun+X37dOLmWLX/q23Pg5b/JgRqvx/JhkvUeZ7bfEWxHU7fxf6dHcPzfXvLnML4Yp9OBMD3nkH8jD1r/9HxF+h7YlX1+peT7bVzGKe5l0sf//WqMy/aHNP5v2h7rXaarhelal3U77tsKbDTvjvz9vzEL50agDoOGn45AHSYijMYY2MXQaDSG2pF3eeFb1qUek2rYvbgP++7zsMsf9vovk4//m5/D5+P/VrMfEPn4v/n78/F/8/R8fL08fUsspJLlS/Lxf/P0O7LPza9gz5Wkf7wkfXdJ+p6V9Nks/RvFevZ6/ydK0veVpN9Vkn53SfrtJelTJemfLkn/TEn6PSXp95Wkf7YkfaNrtkcp7FSTtvwwyfL2efZ/mBzp/k+v/X9nSTowvn7+2v6HH//9t+ut9v8z7d9r6T7e4Thdi7+dfxyn8/veoTC9nPZmnP57lj7q1ztgkuT9Z+Tf7/eWpAPjKz3nZf+GCVTp3mNPfr+tV79Vvc7zGS+fi/HnY/yFGN8f4/kYL8R4f4wX16l+rI2Hf/fHQy9WVn7vb8/S+32ePG8PlPcTdaDP+uTXBwZ9nj3vx29Qqy3/JpuDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADE21+Xdpaa4SwsU3Xj7y2LFTC8tzHmznqDf/Themau33hfBAjKdi/Mv44tp7z58oxtdjXAmLoRIq7fnh0avtkraGEM6FveFSqIfdFy+/9NbiI8fOH72w7+1XD11ZuzUAAAAAG9//AwAA//+1ERnn")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105142, 0x2c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x100000b, 0x2013, r0, 0x0)
pwritev2(r0, &(0x7f0000000400)=[{&(0x7f0000000040)="9a7fca", 0x3}], 0x1, 0xcc, 0x10001, 0x4)

1.759998462s ago: executing program 2 (id=1275):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x9}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000300)=0x8)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000240)={r2, 0xc}, &(0x7f0000000400)=0x8)

1.488155172s ago: executing program 4 (id=1276):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x4, r1, 0x1, 0xf, 0x6, @local}, 0x14)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.423889827s ago: executing program 0 (id=1277):
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x101042, 0x15)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000100)={0xfffffff8, "07bbfeb30c52d28881875bac175ccb0d6c446593aa7eaba9a256d98e03ab46af"})
r4 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2c, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000680)={{r5, <r6=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)='%-5lx  \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={r6, r5}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0x10, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r7, 0x0, 0xb, 0x0, &(0x7f0000000340)="c1dfb080cd21d308098e00", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$kcm(0xa, 0x2, 0x0)

1.388865326s ago: executing program 3 (id=1278):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x167)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='dyn,'])
chdir(&(0x7f0000000640)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x2000c2, 0xe8)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0)

1.181636716s ago: executing program 5 (id=1279):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x5000aea5, &(0x7f0000000040))

495.440172ms ago: executing program 0 (id=1280):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000004, 0x0, 0x29, 0x10, &(0x7f0000002e00), &(0x7f00000001c0), 0x8, 0x7c, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r0, 0xe8, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

412.4086ms ago: executing program 2 (id=1281):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000200)="ad56b6cc0400aeb995298992ea5400c2", 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

412.22338ms ago: executing program 3 (id=1282):
syz_mount_image$hfs(&(0x7f00000007c0), &(0x7f0000000000)='./file1\x00', 0x30008c0, &(0x7f0000000980)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030373737372c6469725f756d61736b3d30303030303030303030303030303030303030303030302c696f636861727365743d69736f383835392d362c636f6465706167653d63703835352c63726561746f723d4ddd71752c00eeabc72a9832436950c6116498dda8be60a94746ea68766f63d1d63944fbda2a9337439b37b6f2a694ba98f40070d09c3890bd28a2018f1adfe1e0a630020a9cac1a43800a70a9328ddb2a2f2e207da7cd3caf243b39eaff4966b7aa97cb6cc7d2cfc59e7a976de0a00d23c7ffaaa056cc4f8bc7b4c0f9a21db642b3e832e30a90ba1b9e7933b77c60f6a1b9ca9128f0a2d0e23373c9d15c79865bae97ddd82b98001b6aa9c5390e4deaf5f0ee492c6842b1c08486e479a889491459a257e9d4083634dac6cd58520f72e6c2f11bbd5b03655bb1863b16f3", @ANYBLOB="11f4579be01e435c584a33c63f8173f96bc4546035804d47be19163bd9e589bfdd0a9e6804495a4e4d83804e78ac5a72446295afd79de3fd6a02932a26ab4045133c371e56b0d48544db3c7db23a432f837b93f89b6f223cd1f6731d407ffdb1dd9467f5cd2d6c4e8b9d4f50d338ac91501a4bb780c4723929e22f55254546facc4f0284e644e6", @ANYRES8, @ANYRESHEX=0x0], 0x11, 0x314, &(0x7f0000000b80)="$eJzs3U1rE08cB/Dv7KZN+m/pf7UVwYNINWAvovUiXiIlL8KTqE0KxSWitviAYBVPIvbu3aNXX4N4UQTP9eRJPHiqBxmZh2SfN6lmd1P9fsCy2dmZ/e3OzlPALIjon7Xa3n11/ov6JwAXLvDsIuAAaAA1AEdwtLHV29zY9LudvIJcHK+bXAImp0gcs9brpmVtwOawPPWphrnwPiqGlPLS56qDoMrp1i/d6M4Tuieo29apExsVxZfl8f6zfJsBsF1EMBMlv6bEHvZwD/OlhUNERBNJmPHdseP8nJ2/Ow7QtIOJSpu48f937VUdQOFkbmpo/NerLClUvf+vk4L1nl7CqXSnv0pMK+t17PNU7PM0zNMTmV2KYatKHYszs77hd8+s3fQ7Dp6gZYUOW9R/O/bxtCLR1hNFL6WsTXMMSpvJPESkzyhn9TVMqWtYMfHfBRCJfyH3jAUQ78QHcUV4eInOYP5Xk0JVk64pL1ZTJv6z2SXqq/TUUbDdRqvVciKHHNInOWbPYA25ygbcrDNO2zIjXxB4w+LUuQ7HcpmrOzck10JqrhW9vQwnI9diJJe6mvUN/232qUohXojLYglf8Qbt0PzfUfE1kWyZoYc+aDWiaYYCfcdV64zWbEitaXsiPXJsfdp9aPYnm8vgLiYbrPUjv0+jfXiO67iA+Tv3H9xwfb97W21c89XjqjcGe27N2Q2/O/UUCCdNyga2gz11SC1xcH9QKjOw5bEWqPqPlCTVsHrf+3tUKxtW4KM/jUf1A4XeutkRrmJ/G/2uazwFtt+P50HqTxsiST+llCU2oh17Z+JJ1XRLVK6g0kc7PmWqQwebqlJh1n/BeqVmJnvqj5c6Tx/xiwBbolRz7MEKLsgrzYwcwH85K7i0YjNXcMk1V2LNqNdcJ08Dp0Y/o2fj/EuINj7iKr//JyIiIiIiIiIiIiIiIiIiIiIiIiI6aMr4zzBVXyMRERERERERERERERERERERERERERER0UG32oD53Wv03/+L0d7/G38Vi2t+Enws7//d6YHv/yUq3q8AAAD///B/c8c=")
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x61c28c7771d1cf6b)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000146000/0x4000)=nil)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x115)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

359.061627ms ago: executing program 4 (id=1283):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x9)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x77774002, 0x12000, 0x2})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f00000003c0)={0xb000, 0x0, 0xfffffffe})

336.846197ms ago: executing program 5 (id=1284):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000ff0d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r0, r2, 0x25, 0x0, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f00000001c0)={@local, @random="1553ff41cf11", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dda00", 0x14, 0x6, 0x0, @private1={0xfc, 0x1, '\x00', 0x2}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

196.401226ms ago: executing program 2 (id=1285):
r0 = syz_open_dev$dri(&(0x7f00000002c0), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000020180)={'#! ', './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x1000a)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r1, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000340)={0x58, 0x0})

104.875313ms ago: executing program 5 (id=1286):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000240)={&(0x7f0000000200)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000900)={0x0, 0x0, r2, r3, 0x3, 0x9, 0x1, 0xd, {0xb, 0x3, 0x5, 0x454, 0x8000, 0x8, 0xfffd, 0x8, 0x9, 0x6, 0xd, 0x9, 0x5, 0x0, "33ae1b1330d057b30bd155493c0000439c2cd5aefac05307e012000600"}})

45.474508ms ago: executing program 3 (id=1287):
r0 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000040)={0x1, 0x7f, 0x1f, 0x0, 0x83})
read$midi(r0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x80383, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x84000, 0x0)

241.462µs ago: executing program 4 (id=1288):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0x8000000000b, 0x101301)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_RELEASE_PORT(r0, 0x80045519, &(0x7f0000000100)=0xffffffff)
ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect={0xffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x8, 0x1000000}, 0x8, 0x10, &(0x7f0000000040), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8000}, 0x94)

0s ago: executing program 2 (id=1289):
r0 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
r1 = syz_io_uring_setup(0x1e22, &(0x7f00000004c0)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xb, 0x0, 0x0, 0x22})
io_uring_enter(r1, 0x48eb, 0xfffffffc, 0x2, 0x0, 0x0)
writev(r0, &(0x7f0000000540)=[{&(0x7f00000005c0)="f3", 0x1}], 0x1)

kernel console output (not intermixed with test programs):

 config 0 descriptor??
[  240.800079][ T8674] netlink: 68 bytes leftover after parsing attributes in process `syz.4.826'.
[  240.812404][ T8674] netlink: 48 bytes leftover after parsing attributes in process `syz.4.826'.
[  240.911609][ T5899] usbhid 1-1:0.0: can't add hid device: -71
[  240.917941][ T5899] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  240.937660][ T5899] usb 1-1: USB disconnect, device number 14
[  241.074592][ T8677] loop4: detected capacity change from 0 to 4096
[  241.097482][ T8677] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[  241.200479][ T8669] loop2: detected capacity change from 0 to 32768
[  241.226522][ T8669] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.823 (8669)
[  241.280661][ T8669] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  241.291737][ T5844] Bluetooth: hci3: command 0x0401 tx timeout
[  241.299599][ T8669] BTRFS info (device loop2): using crc32c checksum algorithm
[  241.374735][ T8669] BTRFS info (device loop2): enabling ssd optimizations
[  241.406858][ T5956] usb 1-1: new full-speed USB device number 15 using dummy_hcd
[  241.419501][ T8669] BTRFS info (device loop2): turning on flush-on-commit
[  241.459215][ T8669] BTRFS info (device loop2): enabling free space tree
[  241.489532][ T8669] BTRFS info (device loop2): enabling auto defrag
[  241.524066][ T8669] BTRFS info (device loop2): use lzo compression, level 1
[  241.550085][ T8669] BTRFS info (device loop2): max_inline set to 4096
[  241.621828][ T5956] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  241.660914][ T5956] usb 1-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.40
[  241.679791][ T5956] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.708881][ T5956] usb 1-1: config 0 descriptor??
[  241.741541][ T5956] input: USB Pegasus Device 0e20:0101 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input16
[  241.874039][ T5846] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  242.004870][    C0] usb 1-1: unknown answer from device
[  242.010832][    C0] input input16: Pen battery low
[  242.365881][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.373235][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.380543][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.387924][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.395279][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.402641][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.410906][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.419679][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.427037][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.435623][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.435764][ T5197] usb 1-1: control msg error: -71
[  242.442937][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.443124][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.443307][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.443489][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.443669][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.443857][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.444051][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.444246][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.510398][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.518543][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.525842][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.533131][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.540408][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.547687][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.554949][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.562240][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.565528][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  242.576618][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.584740][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  242.593576][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.600893][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.608111][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  242.616372][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.623742][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.631095][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.638449][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.645890][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.653230][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.660573][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.676565][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.684488][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.691814][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.699164][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.706522][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.713863][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.721196][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.728751][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.736179][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.743521][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.750883][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.758221][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.765561][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.774071][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.781533][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.789202][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.796402][    C0] usb 1-1: pegasus_irq - usb_submit_urb failed with result -1
[  242.827579][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.834902][ T5956] usb 1-1: USB disconnect, device number 15
[  242.834943][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  242.847923][    C1] usb 1-1: pegasus_irq - usb_submit_urb failed with result -19
[  242.863516][ T5197] usb 1-1: control msg error: -71
[  243.101000][ T8682] loop3: detected capacity change from 0 to 32768
[  243.186360][ T5919] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  243.199370][ T8682] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  243.238888][ T8714] loop4: detected capacity change from 0 to 4096
[  243.258847][ T8714] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[  243.301723][ T8682] XFS (loop3): Ending clean mount
[  243.323981][ T8682] XFS (loop3): Quotacheck needed: Please wait.
[  243.338531][ T5919] usb 2-1: Using ep0 maxpacket: 32
[  243.357118][ T5919] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  243.379339][ T5919] usb 2-1: config 0 has no interface number 0
[  243.386390][ T5919] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  243.412493][ T5919] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0
[  243.433769][ T5919] usb 2-1: config 0 interface 85 has no altsetting 0
[  243.448458][ T5919] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  243.458113][ T5919] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.473340][ T5919] usb 2-1: Product: syz
[  243.489737][ T5919] usb 2-1: Manufacturer: syz
[  243.503818][ T5919] usb 2-1: SerialNumber: syz
[  243.534872][ T5919] usb 2-1: config 0 descriptor??
[  243.777148][ T8682] XFS (loop3): Quotacheck: Done.
[  243.937249][ T5838] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  244.001699][ T5919] appletouch 2-1:0.85: Failed to request geyser raw mode
[  244.019876][ T8730] loop4: detected capacity change from 0 to 2048
[  244.023080][ T5919] appletouch 2-1:0.85: probe with driver appletouch failed with error -5
[  244.109435][ T5919] usb 2-1: USB disconnect, device number 14
[  244.234497][ T8730] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.302511][ T8722] loop0: detected capacity change from 0 to 40427
[  244.322621][ T8730] ext4 filesystem being mounted at /187/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.351592][ T8722] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  244.394542][ T8722] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  244.403720][ T8730] fs-verity (loop4, inode 13): fs-verity keyring is empty, rejecting signed file!
[  244.508663][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.674753][ T8722] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  244.719255][ T8722] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  244.735702][ T8722] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  245.243061][ T8735] loop3: detected capacity change from 0 to 32768
[  245.430701][ T8742] loop1: detected capacity change from 0 to 32768
[  245.655806][ T5919] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  245.780375][ T8740] loop4: detected capacity change from 0 to 32768
[  245.828046][ T5919] usb 3-1: Using ep0 maxpacket: 32
[  245.852685][ T5919] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[  245.876159][ T5919] usb 3-1: config 0 has no interface number 0
[  245.887043][ T5919] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  245.905520][ T5919] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.913692][ T5919] usb 3-1: Product: syz
[  245.919185][ T5919] usb 3-1: Manufacturer: syz
[  245.920721][ T8740] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  245.923923][ T5919] usb 3-1: SerialNumber: syz
[  245.942222][ T5919] usb 3-1: config 0 descriptor??
[  245.948239][ T8740] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  245.969890][ T5919] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  246.116394][ T8756] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  246.172335][ T8740] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  246.180806][ T5919] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  246.231580][ T5919] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  246.235471][ T5899] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  246.270697][ T5899] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  246.475628][  T809] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  246.520580][ T5899] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 249ms
[  246.547817][ T5899] gfs2: fsid=syz:syz.0: jid=0: Done
[  246.567250][ T8740] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  246.635831][  T809] usb 4-1: Using ep0 maxpacket: 32
[  246.647181][    C1] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[  246.665897][ T5919] usb 3-1: USB disconnect, device number 14
[  246.678674][  T809] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x8C has invalid maxpacket 1536, setting to 1024
[  246.696011][  T809] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 1024
[  246.708028][ T5919] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  246.740019][  T809] usb 4-1: string descriptor 0 read error: -22
[  246.746784][ T5919] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  246.764381][  T809] usb 4-1: New USB device found, idVendor=1430, idProduct=474b, bcdDevice= 0.40
[  246.782648][ T5919] quatech2 3-1:0.51: device disconnected
[  246.788552][  T809] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.811016][ T8759] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  246.832937][  T809] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  246.860256][  T809] usb 4-1: MIDIStreaming interface descriptor not found
[  246.952990][ T8740] gfs2: fsid=syz:syz.0: found 1 quota changes
[  247.219575][  T809] usb 4-1: USB disconnect, device number 16
[  248.093292][ T8782] Bluetooth: hci3: Opcode 0x0401 failed: -4
[  248.133967][ T8786] loop1: detected capacity change from 0 to 1024
[  248.261838][ T8790] loop0: detected capacity change from 0 to 256
[  248.279851][ T8790] exfat: Deprecated parameter 'namecase'
[  248.318558][ T8786] hfsplus: b-tree write err: -5, ino 2
[  248.355615][ T8790] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  248.390970][ T8786] hfsplus: b-tree write err: -5, ino 26
[  248.503442][   T13] hfsplus: b-tree write err: -5, ino 25
[  248.511367][   T13] hfsplus: b-tree write err: -5, ino 4
[  248.520159][   T13] hfsplus: b-tree write err: -5, ino 2
[  248.554601][   T13] hfsplus: b-tree write err: -5, ino 26
[  248.572522][   T13] hfsplus: b-tree write err: -5, ino 27
[  249.645571][ T5844] Bluetooth: hci3: command 0x0401 tx timeout
[  250.229128][ T8821] netlink: 8 bytes leftover after parsing attributes in process `syz.1.868'.
[  250.266704][ T8821] netlink: 20 bytes leftover after parsing attributes in process `syz.1.868'.
[  251.079261][ T8826] Bluetooth: hci3: Opcode 0x0401 failed: -4
[  251.252466][ T8797] loop0: detected capacity change from 0 to 32768
[  251.300627][ T8797] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  251.377305][ T8840] loop1: detected capacity change from 0 to 256
[  251.384760][ T8839] loop4: detected capacity change from 0 to 128
[  251.421862][ T8797] XFS (loop0): Ending clean mount
[  251.451923][ T8839] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  251.482149][ T8797] XFS (loop0): Quotacheck needed: Please wait.
[  251.507604][ T8842] loop2: detected capacity change from 0 to 64
[  251.630528][   T30] audit: type=1800 audit(1774272975.204:19): pid=8843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.871" name="file1" dev="loop4" ino=94 res=0 errno=0
[  251.759764][ T8842] hfs: request for non-existent node 1025 in B*Tree
[  251.828881][ T8839] UDF-fs: error (device loop4): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  251.846005][ T8842] hfs: request for non-existent node 1025 in B*Tree
[  251.855626][ T8797] XFS (loop0): Quotacheck: Done.
[  251.927327][ T5840] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  252.356403][ T8850] loop2: detected capacity change from 0 to 8192
[  252.646897][ T5844] Bluetooth: hci3: command 0x0401 tx timeout
[  252.674277][ T8847] loop1: detected capacity change from 0 to 32768
[  252.693639][ T8858] loop4: detected capacity change from 0 to 128
[  252.733039][ T8847] JBD2: Ignoring recovery information on journal
[  252.748769][ T8848] loop3: detected capacity change from 0 to 32768
[  252.804766][ T8848] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.875 (8848)
[  252.956846][ T8847] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  252.996827][ T8848] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  253.016407][ T8848] BTRFS info (device loop3): using sha256 checksum algorithm
[  253.226363][ T8848] BTRFS info (device loop3): rebuilding free space tree
[  253.372268][ T8848] BTRFS info (device loop3): disabling free space tree
[  253.377240][ T8888] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  253.417093][ T8848] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  253.427909][ T8888] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  253.453266][ T5839] ocfs2: Unmounting device (7,1) on (node local)
[  253.454019][ T8848] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  253.541985][ T8848] BTRFS info (device loop3): enabling ssd optimizations
[  253.543369][ T8890] loop4: detected capacity change from 0 to 4096
[  253.559238][ T8848] BTRFS info (device loop3): turning on async discard
[  253.596531][ T8848] BTRFS info (device loop3): force clearing of disk cache
[  253.616713][ T8848] BTRFS info (device loop3): enabling auto defrag
[  253.631954][ T8848] BTRFS info (device loop3): max_inline set to 4096
[  253.675808][ T8891] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  254.096619][ T8900] loop1: detected capacity change from 0 to 256
[  254.156317][ T8900] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d)
[  254.223119][ T5838] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  254.225800][ T8900] exFAT-fs (loop1): failed to test first cluster bit of root dir(5)
[  254.424564][   T30] audit: type=1800 audit(1774272977.994:20): pid=8900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.887" name="file1" dev="loop1" ino=1048714 res=0 errno=0
[  255.099201][ T8895] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  255.230576][ T8895] XFS (loop2): Ending clean mount
[  255.620860][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  255.627285][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  255.635683][ T5846] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  255.693890][ T8938] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  256.906280][ T8936] NILFS error (device loop4): nilfs_dotdot: directory #12 missing '.'
[  256.983393][ T8936] Remounting filesystem read-only
[  257.189469][ T8960] set_capacity_and_notify: 3 callbacks suppressed
[  257.189489][ T8960] loop3: detected capacity change from 0 to 4096
[  257.299835][ T8960] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.525964][ T5899] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  257.697332][ T5899] usb 5-1: Using ep0 maxpacket: 8
[  257.723862][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.730913][ T5899] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  257.771693][ T5899] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.799034][ T5899] usb 5-1: Product: syz
[  257.813525][ T5899] usb 5-1: Manufacturer: syz
[  257.830906][ T5899] usb 5-1: SerialNumber: syz
[  257.855205][ T5899] usb 5-1: config 0 descriptor??
[  257.896051][ T5899] gspca_main: se401-2.14.0 probing 047d:5003
[  258.152702][ T8973] loop2: detected capacity change from 0 to 8192
[  258.291822][ T5899] gspca_se401: ExtraFeatures: 7
[  258.392351][ T8980] netlink: 4 bytes leftover after parsing attributes in process `syz.1.913'.
[  258.506879][ T5899] input: se401 as /devices/platform/dummy_hcd.4/usb5/5-1/input/input18
[  258.595147][ T5899] usb 5-1: USB disconnect, device number 18
[  258.691748][ T8983] loop3: detected capacity change from 0 to 4096
[  258.861086][ T8993] loop2: detected capacity change from 0 to 512
[  258.902054][ T8993] EXT4-fs: Ignoring removed mblk_io_submit option
[  259.024525][ T8993] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.137233][ T8993] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  259.188819][  T809] kernel read not supported for file /dsp1 (pid: 809 comm: kworker/1:2)
[  259.291657][ T8993] EXT4-fs (loop2): shut down requested (1)
[  259.430449][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.599077][ T9008] loop1: detected capacity change from 0 to 128
[  259.696831][ T8992] loop0: detected capacity change from 0 to 32768
[  259.820755][   T30] audit: type=1800 audit(1774272983.394:21): pid=8992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.919" name="file1" dev="loop0" ino=7 res=0 errno=0
[  260.606483][   T30] audit: type=1804 audit(1774272984.174:22): pid=8992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.919" name="/newroot/190/file0/file0" dev="loop0" ino=7 res=1 errno=0
[  260.893083][ T9021] loop4: detected capacity change from 0 to 256
[  260.905922][ T1224] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  260.915754][  T809] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  261.075796][  T809] usb 2-1: Using ep0 maxpacket: 32
[  261.095533][ T1224] usb 3-1: Using ep0 maxpacket: 16
[  261.109470][  T809] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  261.119604][ T1224] usb 3-1: config 0 has no interfaces?
[  261.121393][ T9025] loop4: detected capacity change from 0 to 128
[  261.137351][ T1224] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  261.142522][  T809] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  261.156738][ T1224] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  261.172535][  T809] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[  261.184057][  T809] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.185772][ T1224] usb 3-1: Manufacturer: syz
[  261.201458][ T9025] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  261.214658][  T809] usb 2-1: config 0 descriptor??
[  261.240893][ T1224] usb 3-1: config 0 descriptor??
[  261.444197][ T9029] loop0: detected capacity change from 0 to 256
[  261.564904][ T1224] usb 3-1: USB disconnect, device number 15
[  261.697556][  T809] koneplus 0003:1E7D:2D51.0011: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.1-1/input0
[  261.743406][ T9035] input: syz1 as /devices/virtual/input/input19
[  261.854902][ T9043] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  261.978352][ T9049] loop4: detected capacity change from 0 to 8
[  262.136045][ T5919] usb 2-1: USB disconnect, device number 15
[  262.144689][ T9054] EXT4-fs: Ignoring removed i_version option
[  262.262427][ T9054] EXT4-fs (loop0): 1 truncate cleaned up
[  262.291289][ T9054] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.373623][ T5840] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.373792][ T9058] set_capacity_and_notify: 1 callbacks suppressed
[  263.373812][ T9058] loop4: detected capacity change from 0 to 32768
[  263.401701][ T9058] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.942 (9058)
[  263.537506][ T9058] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  263.570050][ T9058] BTRFS info (device loop4): using sha256 checksum algorithm
[  264.661281][ T9087] loop0: detected capacity change from 0 to 131072
[  264.677045][ T9058] BTRFS info (device loop4): enabling ssd optimizations
[  264.679353][ T9087] F2FS-fs (loop0): invalid crc value
[  264.707238][ T9058] BTRFS info (device loop4): turning on async discard
[  264.714355][ T9058] BTRFS info (device loop4): enabling free space tree
[  264.771906][ T9075] loop3: detected capacity change from 0 to 32768
[  264.792291][ T9087] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  264.803863][ T9087] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  264.962133][ T9075] JBD2: Ignoring recovery information on journal
[  265.102072][ T5841] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  265.164349][ T9075] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  265.267936][ T9109] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  266.126582][ T5838] ocfs2: Unmounting device (7,3) on (node local)
[  266.523750][ T1105] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.687393][ T9121] team0: No ports can be present during mode change
[  266.922633][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  266.942508][   T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  266.951677][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  266.968913][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  266.976998][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  267.096283][ T1105] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.470494][ T9116] loop4: detected capacity change from 0 to 32768
[  267.522702][ T9116] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  267.552195][ T1105] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.563681][ T9131] loop3: detected capacity change from 0 to 32768
[  267.587947][ T9116] XFS (loop4): Ending clean mount
[  267.596777][ T9123] loop0: detected capacity change from 0 to 32768
[  267.730367][ T5841] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  267.757857][ T1105] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.772635][ T9123] JBD2: Ignoring recovery information on journal
[  267.953299][ T9123] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  268.454443][ T9126] chnl_net:caif_netlink_parms(): no params data found
[  268.478314][ T5840] ocfs2: Unmounting device (7,0) on (node local)
[  268.838982][ T9133] loop2: detected capacity change from 0 to 40427
[  268.868240][ T9133] F2FS-fs (loop2): Wrong SIT boundary, start(1536) end(1) blocks(1024)
[  268.905797][ T9133] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  268.934233][ T9133] F2FS-fs (loop2): invalid crc value
[  269.048043][   T51] Bluetooth: hci1: command tx timeout
[  269.217004][ T9126] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.244601][ T9126] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.272166][ T9126] bridge_slave_0: entered allmulticast mode
[  269.275327][ T9133] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  269.301897][ T9126] bridge_slave_0: entered promiscuous mode
[  269.321030][ T9133] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  269.324197][ T9126] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.347805][ T9133] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  269.351752][ T9126] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.374037][ T9126] bridge_slave_1: entered allmulticast mode
[  269.393637][ T9126] bridge_slave_1: entered promiscuous mode
[  269.488092][ T9149] loop4: detected capacity change from 0 to 32768
[  269.529511][ T5846] syz-executor: attempt to access beyond end of device
[  269.529511][ T5846] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  269.577877][ T5846] CPU: 1 UID: 0 PID: 5846 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  269.577909][ T5846] Tainted: [L]=SOFTLOCKUP
[  269.577916][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  269.577941][ T5846] Call Trace:
[  269.577949][ T5846]  <TASK>
[  269.577958][ T5846]  dump_stack_lvl+0xe8/0x150
[  269.577994][ T5846]  f2fs_handle_critical_error+0x37c/0x540
[  269.578027][ T5846]  f2fs_write_end_io+0x1274/0x1740
[  269.578073][ T5846]  __submit_merged_bio+0x256/0x6a0
[  269.578103][ T5846]  __submit_merged_write_cond+0x3c9/0x4e0
[  269.578135][ T5846]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  269.578182][ T5846]  f2fs_write_data_pages+0x287e/0x34f0
[  269.578208][ T5846]  ? __lock_acquire+0x6b5/0x2cf0
[  269.578269][ T5846]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  269.578309][ T5846]  ? __pfx_css_rstat_updated+0x10/0x10
[  269.578366][ T5846]  ? mod_memcg_lruvec_state+0x208/0x220
[  269.578394][ T5846]  ? lru_gen_update_size+0x7c7/0xd10
[  269.578428][ T5846]  ? __lock_acquire+0x6b5/0x2cf0
[  269.578481][ T5846]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  269.578511][ T5846]  do_writepages+0x32e/0x550
[  269.578544][ T5846]  ? do_raw_spin_unlock+0xf5/0x210
[  269.578571][ T5846]  filemap_fdatawrite+0x1e9/0x2f0
[  269.578596][ T5846]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  269.578664][ T5846]  ? do_raw_spin_unlock+0xf5/0x210
[  269.578691][ T5846]  f2fs_sync_dirty_inodes+0x30e/0x830
[  269.578726][ T5846]  f2fs_write_checkpoint+0x9df/0x26a0
[  269.578778][ T5846]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  269.578839][ T5846]  ? kfree+0x1c5/0x640
[  269.578865][ T5846]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  269.578894][ T5846]  kill_f2fs_super+0x314/0x720
[  269.578919][ T5846]  ? __pfx_kill_f2fs_super+0x10/0x10
[  269.578951][ T5846]  ? lockdep_hardirqs_on+0x7a/0x110
[  269.578990][ T5846]  deactivate_locked_super+0xbc/0x130
[  269.579021][ T5846]  cleanup_mnt+0x437/0x4d0
[  269.579041][ T5846]  ? _raw_spin_unlock_irq+0x23/0x50
[  269.579074][ T5846]  task_work_run+0x1d9/0x270
[  269.579101][ T5846]  ? __pfx_task_work_run+0x10/0x10
[  269.579136][ T5846]  exit_to_user_mode_loop+0xed/0x480
[  269.579162][ T5846]  ? rcu_is_watching+0x15/0xb0
[  269.579186][ T5846]  do_syscall_64+0x32d/0xf80
[  269.579210][ T5846]  ? trace_irq_disable+0x3b/0x140
[  269.579232][ T5846]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.579251][ T5846]  ? clear_bhb_loop+0x40/0x90
[  269.579275][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.579295][ T5846] RIP: 0033:0x7f252119d9d7
[  269.579314][ T5846] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  269.579331][ T5846] RSP: 002b:00007ffc2372b368 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  269.579352][ T5846] RAX: 0000000000000000 RBX: 00007f2521232050 RCX: 00007f252119d9d7
[  269.579366][ T5846] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc2372b420
[  269.579378][ T5846] RBP: 00007ffc2372b420 R08: 00007ffc2372c420 R09: 00000000ffffffff
[  269.579392][ T5846] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc2372c4b0
[  269.579405][ T5846] R13: 00007f2521232050 R14: 0000000000041c8c R15: 00007ffc2372c4f0
[  269.579437][ T5846]  </TASK>
[  269.582761][ T5846] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  269.713830][ T9149] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  269.767354][ T9126] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  269.876474][ T9149] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  269.904088][ T9126] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  270.074557][ T9163] loop0: detected capacity change from 0 to 32768
[  270.108862][ T9163] XFS (loop0): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  270.244781][ T9163] XFS (loop0): Ending clean mount
[  270.277124][ T9149] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 1ms
[  270.299227][ T5919] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  270.302514][ T1105] bridge_slave_1: left allmulticast mode
[  270.306162][ T5919] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  270.312108][ T1105] bridge_slave_1: left promiscuous mode
[  270.337416][ T1105] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.387997][ T1105] bridge_slave_0: left allmulticast mode
[  270.397909][ T1105] bridge_slave_0: left promiscuous mode
[  270.404866][ T1105] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.453580][ T5919] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 147ms
[  270.464517][ T5919] gfs2: fsid=syz:syz.0: jid=0: Done
[  270.470658][ T9149] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  270.578422][ T5840] XFS (loop0): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  271.154397][   T51] Bluetooth: hci1: command tx timeout
[  271.206958][ T9180] slcan: can't register candev
[  271.237803][ T6002] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  271.368545][ T1105] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  271.397663][ T6002] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  271.413865][ T1105] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  271.435808][ T6002] usb 4-1: config 0 interface 0 has no altsetting 0
[  271.457476][ T6002] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  271.472326][ T1105] bond0 (unregistering): Released all slaves
[  271.475932][ T6002] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  271.512679][ T6002] usb 4-1: Product: syz
[  271.523541][ T6002] usb 4-1: Manufacturer: syz
[  271.535504][ T6002] usb 4-1: SerialNumber: syz
[  271.560575][ T6002] usb 4-1: config 0 descriptor??
[  271.592704][ T6002] usb 4-1: selecting invalid altsetting 0
[  271.604698][ T9126] team0: Port device team_slave_0 added
[  271.690531][ T9126] team0: Port device team_slave_1 added
[  271.916872][ T6002] usb 4-1: USB disconnect, device number 17
[  272.148650][ T9191] loop0: detected capacity change from 0 to 40427
[  272.172227][ T9191] F2FS-fs (loop0): build fault injection rate: 771
[  272.203035][ T9191] F2FS-fs (loop0): invalid crc value
[  272.399098][ T9126] batman_adv: batadv0: Adding interface: batadv_slave_0
[  272.412980][ T9126] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  272.444240][ T9191] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  272.463200][ T9191] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  272.495783][ T9126] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  272.548243][ T9126] batman_adv: batadv0: Adding interface: batadv_slave_1
[  272.563142][ T9126] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  272.603262][ T9195] loop4: detected capacity change from 0 to 32768
[  272.638036][ T5840] syz-executor: attempt to access beyond end of device
[  272.638036][ T5840] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  272.652001][ T9126] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  272.675906][ T5840] CPU: 0 UID: 0 PID: 5840 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  272.675939][ T5840] Tainted: [L]=SOFTLOCKUP
[  272.675946][ T5840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  272.675957][ T5840] Call Trace:
[  272.675964][ T5840]  <TASK>
[  272.675972][ T5840]  dump_stack_lvl+0xe8/0x150
[  272.676006][ T5840]  f2fs_handle_critical_error+0x37c/0x540
[  272.676039][ T5840]  f2fs_write_end_io+0x1274/0x1740
[  272.676081][ T5840]  __submit_merged_bio+0x256/0x6a0
[  272.676114][ T5840]  __submit_merged_write_cond+0x3c9/0x4e0
[  272.676148][ T5840]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  272.676200][ T5840]  f2fs_write_data_pages+0x287e/0x34f0
[  272.676228][ T5840]  ? __lock_acquire+0x6b5/0x2cf0
[  272.676290][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  272.676331][ T5840]  ? __pfx_css_rstat_updated+0x10/0x10
[  272.676356][ T5840]  ? is_bpf_text_address+0x26/0x2b0
[  272.676414][ T5840]  ? __lock_acquire+0x6b5/0x2cf0
[  272.676458][ T5840]  ? __lock_acquire+0x6b5/0x2cf0
[  272.676495][ T5840]  ? do_raw_spin_lock+0x12b/0x2f0
[  272.676535][ T5840]  ? do_raw_spin_unlock+0xf5/0x210
[  272.676559][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  272.676587][ T5840]  do_writepages+0x32e/0x550
[  272.676620][ T5840]  ? do_raw_spin_unlock+0xf5/0x210
[  272.676649][ T5840]  filemap_fdatawrite+0x1e9/0x2f0
[  272.676677][ T5840]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  272.676744][ T5840]  ? do_raw_spin_unlock+0xf5/0x210
[  272.676770][ T5840]  f2fs_sync_dirty_inodes+0x30e/0x830
[  272.676805][ T5840]  f2fs_write_checkpoint+0x9df/0x26a0
[  272.676865][ T5840]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  272.676929][ T5840]  ? kfree+0x1c5/0x640
[  272.676954][ T5840]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  272.676986][ T5840]  kill_f2fs_super+0x314/0x720
[  272.677012][ T5840]  ? __pfx_kill_f2fs_super+0x10/0x10
[  272.677045][ T5840]  ? lockdep_hardirqs_on+0x7a/0x110
[  272.677086][ T5840]  deactivate_locked_super+0xbc/0x130
[  272.677117][ T5840]  cleanup_mnt+0x437/0x4d0
[  272.677136][ T5840]  ? _raw_spin_unlock_irq+0x23/0x50
[  272.677162][ T5840]  task_work_run+0x1d9/0x270
[  272.677190][ T5840]  ? __pfx_task_work_run+0x10/0x10
[  272.677226][ T5840]  exit_to_user_mode_loop+0xed/0x480
[  272.677248][ T5840]  ? rcu_is_watching+0x15/0xb0
[  272.677271][ T5840]  do_syscall_64+0x32d/0xf80
[  272.677294][ T5840]  ? trace_irq_disable+0x3b/0x140
[  272.677316][ T5840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.677335][ T5840]  ? clear_bhb_loop+0x40/0x90
[  272.677357][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.677375][ T5840] RIP: 0033:0x7f270439d9d7
[  272.677394][ T5840] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  272.677410][ T5840] RSP: 002b:00007fffba11b168 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  272.677431][ T5840] RAX: 0000000000000000 RBX: 00007f2704432050 RCX: 00007f270439d9d7
[  272.677444][ T5840] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffba11b220
[  272.677456][ T5840] RBP: 00007fffba11b220 R08: 00007fffba11c220 R09: 00000000ffffffff
[  272.677470][ T5840] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffba11c2b0
[  272.677482][ T5840] R13: 00007f2704432050 R14: 00000000000428bd R15: 00007fffba11c2f0
[  272.677515][ T5840]  </TASK>
[  272.678836][ T5840] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  273.054915][ T9216] loop2: detected capacity change from 0 to 128
[  273.121186][ T9195] XFS (loop4): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  273.205528][   T51] Bluetooth: hci1: command tx timeout
[  273.251670][ T9195] XFS (loop4): Ending clean mount
[  273.450471][ T9216] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only
[  273.523828][ T9216] hpfs: filesystem error: improperly stopped
[  273.555738][ T5841] XFS (loop4): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  273.578523][ T9216] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  273.605468][ T9216] hpfs: Proceeding, but your filesystem could be corrupted if you delete files or directories
[  273.620410][ T9126] hsr_slave_0: entered promiscuous mode
[  273.632744][ T9216] hpfs: You really don't want any checks? You are crazy...
[  273.649094][ T9216] hpfs: hpfs_map_sector(): read error
[  273.654935][ T9216] hpfs: code page support is disabled
[  273.660715][ T9216] hpfs: hpfs_map_4sectors(): unaligned read
[  273.666845][ T9216] hpfs: hpfs_map_4sectors(): unaligned read
[  273.681548][ T9126] hsr_slave_1: entered promiscuous mode
[  273.687208][ T9216] hpfs: filesystem error: unable to find root dir
[  273.754274][ T9126] debugfs: 'hsr0' already exists in 'hsr'
[  273.805529][ T9126] Cannot create hsr debugfs directory
[  273.838755][ T9216] hpfs: hpfs_map_4sectors(): unaligned read
[  274.205271][ T1105] hsr_slave_0: left promiscuous mode
[  274.246092][ T1105] hsr_slave_1: left promiscuous mode
[  274.263176][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  274.301067][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_0
[  274.340937][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  274.383850][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_1
[  274.527153][ T1105] veth1_macvtap: left promiscuous mode
[  274.536789][ T1105] veth0_macvtap: left promiscuous mode
[  274.546833][ T1105] veth1_vlan: left promiscuous mode
[  274.570637][ T5898] usb 4-1: new low-speed USB device number 18 using dummy_hcd
[  274.579200][ T1105] veth0_vlan: left promiscuous mode
[  274.606279][ T9240] loop4: detected capacity change from 0 to 256
[  274.689097][ T9240] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  274.759690][ T5898] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  274.800964][ T5898] usb 4-1: config 0 has no interface number 0
[  274.829445][ T5898] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  274.893300][ T5898] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  274.920753][ T5898] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  274.967660][ T5898] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.001292][ T5898] usb 4-1: config 0 descriptor??
[  275.035877][ T9233] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  275.071865][ T5898] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  275.280103][ T1224] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  275.287803][   T51] Bluetooth: hci1: command tx timeout
[  275.330049][  T809] usb 4-1: USB disconnect, device number 18
[  275.336408][    C1] iowarrior 4-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  275.476395][ T1224] usb 3-1: Using ep0 maxpacket: 16
[  275.496354][ T1224] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.533162][ T1224] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  275.580756][ T1224] usb 3-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00
[  275.615512][ T1224] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.661655][ T1224] usb 3-1: config 0 descriptor??
[  275.800008][ T1105] team0 (unregistering): Port device team_slave_1 removed
[  275.892367][ T1105] team0 (unregistering): Port device team_slave_0 removed
[  276.294229][ T9270] loop0: detected capacity change from 0 to 32768
[  276.313702][ T1224] wacom 0003:056A:0084.0012: unbalanced delimiter at end of report description
[  276.326379][ T1224] wacom 0003:056A:0084.0012: parse failed
[  276.332261][ T1224] wacom 0003:056A:0084.0012: probe with driver wacom failed with error -22
[  276.345748][ T1224] usb 3-1: USB disconnect, device number 16
[  276.361059][ T9270] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  276.369325][ T9270] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  276.519725][ T9270] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  276.534276][ T5898] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  276.550038][ T5898] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  276.748419][ T5898] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 198ms
[  276.775154][ T5898] gfs2: fsid=syz:syz.0: jid=0: Done
[  276.794194][ T9270] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  277.227407][ T9270] gfs2: fsid=syz:syz.0: found 1 quota changes
[  277.940289][ T9300] loop4: detected capacity change from 0 to 4096
[  278.064958][ T9126] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  278.148385][ T9126] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  278.221110][ T9126] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  278.265073][ T9126] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  278.852670][ T9126] 8021q: adding VLAN 0 to HW filter on device bond0
[  278.961410][ T9126] 8021q: adding VLAN 0 to HW filter on device team0
[  279.009601][ T1115] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.016834][ T1115] bridge0: port 1(bridge_slave_0) entered forwarding state
[  279.075626][ T1105] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.082846][ T1105] bridge0: port 2(bridge_slave_1) entered forwarding state
[  279.138643][ T9302] loop3: detected capacity change from 0 to 32768
[  279.198531][ T9302] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  279.240628][ T9302] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  279.533640][ T9343] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1014'.
[  279.573500][ T9302] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  279.603873][ T5898] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  279.623547][ T9324] loop0: detected capacity change from 0 to 40427
[  279.626723][ T5898] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  279.670165][ T9324] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  279.739940][ T9324] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  279.778383][ T9329] loop4: detected capacity change from 0 to 32768
[  279.801135][ T9329] btrfs: Deprecated parameter 'usebackuproot'
[  279.808655][ T9324] F2FS-fs (loop0): invalid crc value
[  279.841902][ T9329] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  279.883246][ T9329] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1012 (9329)
[  279.974242][ T5898] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 347ms
[  279.999372][ T9329] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  280.013367][ T5898] gfs2: fsid=syz:syz.0: jid=0: Done
[  280.038734][ T9302] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  280.053970][ T9329] BTRFS info (device loop4): using crc32c checksum algorithm
[  280.064504][ T9126] 8021q: adding VLAN 0 to HW filter on device batadv0
[  280.110000][ T9324] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  280.192090][  T681] BTRFS warning (device loop4): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  280.209157][ T9324] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  280.219073][ T9329] BTRFS error (device loop4): failed to load root extent
[  280.255072][ T9324] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  280.267818][ T9329] BTRFS warning (device loop4): try to load backup roots slot 1
[  280.317130][ T1105] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  280.358557][ T9329] BTRFS warning (device loop4): couldn't read tree root
[  280.375595][ T9329] BTRFS warning (device loop4): try to load backup roots slot 2
[  280.393957][   T58] BTRFS error (device loop4): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  280.419262][ T9378] loop2: detected capacity change from 0 to 256
[  280.441901][ T9329] BTRFS warning (device loop4): couldn't read tree root
[  280.468373][ T9329] BTRFS warning (device loop4): try to load backup roots slot 3
[  280.507091][ T9378] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1016'.
[  280.552274][ T9329] BTRFS info (device loop4): rebuilding free space tree
[  280.795140][ T9302] gfs2: fsid=syz:syz.0: found 1 quota changes
[  280.814754][ T9329] BTRFS info (device loop4): checking UUID tree
[  280.853456][ T9329] BTRFS info (device loop4): enabling ssd optimizations
[  280.869188][ T9329] BTRFS info (device loop4): turning on sync discard
[  280.882954][ T9329] BTRFS info (device loop4): enabling free space tree
[  280.918405][ T9329] BTRFS info (device loop4): force clearing of disk cache
[  280.952040][ T9329] BTRFS info (device loop4): enabling auto defrag
[  280.962287][ T9329] BTRFS info (device loop4): trying to use backup root at mount time
[  280.974297][ T9329] BTRFS info (device loop4): use zstd compression, level 3
[  281.076795][ T6002] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  281.167566][ T5841] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  281.239760][ T9126] veth0_vlan: entered promiscuous mode
[  281.265840][ T9126] veth1_vlan: entered promiscuous mode
[  281.277527][ T6002] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  281.299513][ T6002] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  281.323656][ T6002] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  281.347121][ T6002] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.399345][ T9126] veth0_macvtap: entered promiscuous mode
[  281.436811][ T6002] usb 3-1: config 0 descriptor??
[  281.484974][ T9126] veth1_macvtap: entered promiscuous mode
[  281.652275][ T9126] batman_adv: batadv0: Interface activated: batadv_slave_0
[  281.722684][ T9126] batman_adv: batadv0: Interface activated: batadv_slave_1
[  281.817303][ T3507] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  281.859822][ T3507] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  281.917867][ T6002] keytouch 0003:0926:3333.0013: fixing up Keytouch IEC report descriptor
[  281.941225][ T3507] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  281.993734][ T6002] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0013/input/input20
[  281.994537][ T9405] loop3: detected capacity change from 0 to 2048
[  282.013709][ T3507] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  282.159168][ T9405] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  282.252501][ T9405] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  282.381269][   T30] audit: type=1800 audit(1774273005.944:23): pid=9405 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1019" name="file0" dev="loop3" ino=1368 res=0 errno=0
[  282.467007][ T5956] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  282.544248][ T6002] keytouch 0003:0926:3333.0013: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[  282.629496][ T6002] usb 3-1: USB disconnect, device number 17
[  282.632547][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  282.657624][ T9416] loop4: detected capacity change from 0 to 1024
[  282.665607][ T5956] usb 1-1: Using ep0 maxpacket: 16
[  282.667115][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  282.677484][ T5956] usb 1-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  282.689038][ T9416] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  282.715820][ T5956] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.772467][ T9416] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.800362][ T5956] usb 1-1: config 0 descriptor??
[  282.848609][ T5956] gspca_main: sonixj-2.14.0 probing 0471:0327
[  282.864604][ T9419] fido_id[9419]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  282.924433][ T9416] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  283.101041][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.212123][ T9429] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  283.220979][ T1115] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  283.248582][ T1115] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  283.619128][ T9442] loop5: detected capacity change from 0 to 128
[  283.662436][ T9442] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  283.779600][ T9442] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  283.887667][ T6002] usb 1-1: USB disconnect, device number 16
[  283.929646][ T1115] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  284.294227][ T9438] loop3: detected capacity change from 0 to 32768
[  284.312932][ T9440] loop2: detected capacity change from 0 to 32768
[  284.366597][ T9438] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  284.464160][ T9438] XFS (loop3): Ending clean mount
[  284.559012][ T9438] XFS (loop3): Quotacheck needed: Please wait.
[  285.361843][ T9467] Bluetooth: hci3: Opcode 0x0401 failed: -4
[  285.402296][ T9451] loop5: detected capacity change from 0 to 32768
[  285.413254][ T9438] XFS (loop3): Quotacheck: Done.
[  285.438094][ T9451] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1033 (9451)
[  285.468312][   T30] audit: type=1800 audit(1774273009.034:24): pid=9438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1029" name="file1" dev="loop3" ino=4422 res=0 errno=0
[  285.567615][ T9451] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  285.597946][ T6002] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  285.620889][ T9451] BTRFS info (device loop5): using crc32c checksum algorithm
[  285.770287][ T9451] BTRFS info (device loop5): enabling ssd optimizations
[  285.788102][ T6002] usb 5-1: Using ep0 maxpacket: 8
[  285.812334][ T6002] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  285.828146][ T9451] BTRFS info (device loop5): turning on flush-on-commit
[  285.852221][ T6002] usb 5-1: config 0 has no interface number 0
[  285.865613][ T9451] BTRFS info (device loop5): enabling free space tree
[  285.873106][ T6002] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  285.881794][ T9451] BTRFS info (device loop5): enabling auto defrag
[  285.898829][ T5838] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  285.899332][ T9451] BTRFS info (device loop5): use lzo compression, level 1
[  285.914820][ T6002] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  285.916466][ T5956] usb 1-1: new full-speed USB device number 17 using dummy_hcd
[  285.935050][ T6002] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  285.946385][ T6002] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  285.957981][ T9451] BTRFS info (device loop5): max_inline set to 4096
[  285.961115][ T6002] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  285.975611][ T6002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.074480][ T6002] usb 5-1: config 0 descriptor??
[  286.135789][ T5956] usb 1-1: unable to get BOS descriptor or descriptor too short
[  286.160826][ T5956] usb 1-1: not running at top speed; connect to a high speed hub
[  286.166895][ T6002] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  286.203239][ T5956] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  286.227797][ T5956] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  286.283238][ T5956] usb 1-1: string descriptor 0 read error: -22
[  286.293714][ T5956] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  286.303198][ T5956] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.361030][ T5956] usb 1-1: 0:2 : does not exist
[  286.419311][ T6002] usb 5-1: USB disconnect, device number 19
[  286.425310][    C1] ldusb 5-1:0.55: usb_submit_urb failed (-19)
[  286.460427][ T6002] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  286.570819][ T9126] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  286.886794][   T51] Bluetooth: hci3: command 0x0401 tx timeout
[  287.161341][ T9506] loop2: detected capacity change from 0 to 32768
[  287.172089][ T9512] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1045'.
[  287.188084][ T9506] (syz.2.1043,9506,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  287.228614][ T9506] (syz.2.1043,9506,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  287.295271][ T9506] JBD2: Ignoring recovery information on journal
[  287.409879][ T5956] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  287.441540][ T5956] usb 1-1: 5:0: cannot get min/max values for control 3 (id 5)
[  287.442339][ T9506] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  287.464167][ T9520] loop5: detected capacity change from 0 to 128
[  287.469753][ T5956] usb 1-1: 5:0: failed to get current value for ch 1 (-22)
[  287.521516][ T9520] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  287.556663][ T9520] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  287.600617][ T5956] usb 1-1: 5:0: cannot get min/max values for control 3 (id 5)
[  287.606056][ T6002] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  287.698579][ T5956] usb 1-1: USB disconnect, device number 17
[  287.781933][ T6002] usb 5-1: Using ep0 maxpacket: 32
[  287.823369][ T6002] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  287.835992][ T6002] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  287.855573][ T6002] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  287.877931][ T6002] usb 5-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  287.891282][ T5846] ocfs2: Unmounting device (7,2) on (node local)
[  287.897948][ T6002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.911140][ T6002] usb 5-1: config 0 descriptor??
[  288.116603][ T9528] syzkaller1: entered promiscuous mode
[  288.154606][ T9528] syzkaller1: entered allmulticast mode
[  288.239179][ T9522] loop3: detected capacity change from 0 to 32768
[  288.258927][ T9522] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1049 (9522)
[  288.305583][ T9522] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  288.323558][ T9522] BTRFS info (device loop3): using crc32c checksum algorithm
[  288.449981][ T6002] hid (null): unknown global tag 0xe
[  288.504097][ T6002] input: HID 0458:5011 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5011.0014/input/input21
[  288.528465][ T9522] BTRFS info (device loop3): enabling ssd optimizations
[  288.538234][ T9522] BTRFS info (device loop3): turning on async discard
[  288.546170][ T9522] BTRFS info (device loop3): enabling free space tree
[  288.789116][ T6002] input: HID 0458:5011 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5011.0014/input/input22
[  288.902725][ T9526] loop5: detected capacity change from 0 to 32768
[  288.973881][ T9526] BTRFS info: device /dev/loop5 (7:5) using temp-fsid 944def8a-0e50-4b3b-8216-9d0e56113dfd
[  288.978540][ T5838] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  289.030656][ T9526] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1052 (9526)
[  289.206934][ T6002] kye 0003:0458:5011.0014: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.4-1/input0
[  289.311593][ T9526] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  289.375349][ T9526] BTRFS info (device loop5): using crc32c checksum algorithm
[  289.591279][ T9574] loop0: detected capacity change from 0 to 2048
[  289.594237][ T3507] BTRFS warning (device loop5): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xcee3a718 level 0
[  289.656855][ T9526] BTRFS warning (device loop5): couldn't read tree root
[  289.692112][ T9574] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  289.711202][ T9526] BTRFS warning (device loop5): try to load backup roots slot 1
[  289.750145][ T3507] BTRFS warning (device loop5): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0xe06dfc66 level 0
[  289.832876][ T9526] BTRFS warning (device loop5): couldn't read tree root
[  289.868745][ T9526] BTRFS warning (device loop5): try to load backup roots slot 2
[  289.899068][  T681] BTRFS error (device loop5): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  289.921502][ T5919] usb 5-1: reset high-speed USB device number 20 using dummy_hcd
[  289.959561][ T9526] BTRFS warning (device loop5): couldn't read tree root
[  289.979859][ T9526] BTRFS warning (device loop5): try to load backup roots slot 3
[  290.036867][ T9526] BTRFS info (device loop5): checking UUID tree
[  290.068473][ T9526] BTRFS info (device loop5): setting nodatasum
[  290.100758][ T9526] BTRFS info (device loop5): enabling ssd optimizations
[  290.119896][ T5919] usb 5-1: device descriptor read/64, error -32
[  290.132467][ T9526] BTRFS info (device loop5): turning on flush-on-commit
[  290.156734][ T9526] BTRFS info (device loop5): turning on async discard
[  290.187020][ T9526] BTRFS info (device loop5): enabling free space tree
[  290.242208][ T9526] BTRFS info (device loop5): trying to use backup root at mount time
[  290.271490][ T9526] BTRFS info (device loop5): max_inline set to 0
[  290.444386][ T9587] loop0: detected capacity change from 0 to 256
[  290.480077][ T9587] exfat: Deprecated parameter 'namecase'
[  290.517146][ T9587] exfat: Deprecated parameter 'namecase'
[  290.551766][ T9587] exfat: Deprecated parameter 'utf8'
[  290.623979][ T9587] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  290.868726][ T9126] BTRFS info (device loop5): last unmount of filesystem 944def8a-0e50-4b3b-8216-9d0e56113dfd
[  290.917411][ T9565] loop3: detected capacity change from 0 to 32768
[  290.975537][ T9599] loop2: detected capacity change from 0 to 1024
[  291.039823][ T6002] usb 5-1: USB disconnect, device number 20
[  291.044076][ T9565] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  291.072669][ T9565] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  291.132587][ T9565] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  291.213035][  T809] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  291.230068][  T809] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  291.443045][  T809] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 212ms
[  291.453792][  T809] gfs2: fsid=syz:syz.0: jid=0: Done
[  291.493639][ T9565] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  291.702346][ T9565] gfs2: fsid=syz:syz.0: found 1 quota changes
[  291.866722][ T5838] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 11 2339, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 402
[  291.940364][ T5838] gfs2: fsid=syz:syz.0: G:  s:EX n:2/923 f:aqonN t:EX d:EX/0 a:0 v:0 r:2 m:20 p:1
[  291.991546][ T5838] gfs2: fsid=syz:syz.0:  H: s:EX f:H e:0 p:5838 [syz-executor] gfs2_quota_sync+0x370/0x470
[  292.002261][ T9412] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  292.062097][ T5838] gfs2: fsid=syz:syz.0:  I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0
[  292.112313][ T5838] CPU: 0 UID: 0 PID: 5838 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  292.112347][ T5838] Tainted: [L]=SOFTLOCKUP
[  292.112354][ T5838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  292.112365][ T5838] Call Trace:
[  292.112373][ T5838]  <TASK>
[  292.112382][ T5838]  dump_stack_lvl+0xe8/0x150
[  292.112423][ T5838]  gfs2_withdraw+0xc3/0x1b0
[  292.112450][ T5838]  inode_go_instantiate+0xdd8/0x1220
[  292.112475][ T5838]  ? preempt_schedule_common+0x82/0xd0
[  292.112505][ T5838]  ? __pfx_inode_go_instantiate+0x10/0x10
[  292.112538][ T5838]  gfs2_instantiate+0x168/0x220
[  292.112565][ T5838]  gfs2_glock_wait+0x1d4/0x2a0
[  292.112597][ T5838]  do_sync+0x49a/0xcb0
[  292.112623][ T5838]  ? _raw_spin_unlock+0x28/0x50
[  292.112646][ T5838]  ? gfs2_quota_sync+0x370/0x470
[  292.112683][ T5838]  ? __pfx_do_sync+0x10/0x10
[  292.112724][ T5838]  ? gfs2_quota_sync+0x370/0x470
[  292.112756][ T5838]  ? do_raw_spin_unlock+0xf5/0x210
[  292.112784][ T5838]  gfs2_quota_sync+0x370/0x470
[  292.112823][ T5838]  gfs2_sync_fs+0x4c/0xb0
[  292.112850][ T5838]  sync_filesystem+0xee/0x230
[  292.112877][ T5838]  generic_shutdown_super+0x77/0x2d0
[  292.112925][ T5838]  kill_block_super+0x44/0x90
[  292.112947][ T5838]  deactivate_locked_super+0xbc/0x130
[  292.112976][ T5838]  cleanup_mnt+0x437/0x4d0
[  292.113001][ T5838]  ? _raw_spin_unlock_irq+0x23/0x50
[  292.113027][ T5838]  task_work_run+0x1d9/0x270
[  292.113055][ T5838]  ? __pfx_task_work_run+0x10/0x10
[  292.113095][ T5838]  exit_to_user_mode_loop+0xed/0x480
[  292.113122][ T5838]  ? rcu_is_watching+0x15/0xb0
[  292.113147][ T5838]  do_syscall_64+0x32d/0xf80
[  292.113172][ T5838]  ? trace_irq_disable+0x3b/0x140
[  292.113195][ T5838]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.113214][ T5838]  ? clear_bhb_loop+0x40/0x90
[  292.113242][ T5838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.113261][ T5838] RIP: 0033:0x7effddd9d9d7
[  292.113281][ T5838] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  292.113297][ T5838] RSP: 002b:00007ffcfdc5d1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  292.113318][ T5838] RAX: 0000000000000000 RBX: 00007effdde32050 RCX: 00007effddd9d9d7
[  292.113332][ T5838] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcfdc5d270
[  292.113344][ T5838] RBP: 00007ffcfdc5d270 R08: 00007ffcfdc5e270 R09: 00000000ffffffff
[  292.113358][ T5838] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcfdc5e300
[  292.113370][ T5838] R13: 00007effdde32050 R14: 00000000000473c3 R15: 00007ffcfdc5e340
[  292.113408][ T5838]  </TASK>
[  292.115063][ T5838] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  292.408754][ T9622] loop2: detected capacity change from 0 to 2048
[  292.515399][ T9624] loop4: detected capacity change from 0 to 128
[  292.580861][ T9412] usb 6-1: unable to get BOS descriptor or descriptor too short
[  292.591102][ T9622] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  292.600625][ T9412] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  292.633995][ T9412] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  292.700157][ T9412] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  292.759897][   T30] audit: type=1804 audit(1774273016.264:25): pid=9622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1070" name="/newroot/200/file1/file1" dev="loop2" ino=1415 res=1 errno=0
[  292.813683][ T9412] usb 6-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[  292.852906][ T9412] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.916902][ T9412] usb 6-1: Product: syz
[  292.942786][ T9412] usb 6-1: Manufacturer: syz
[  292.960036][ T9412] usb 6-1: SerialNumber: syz
[  293.021574][ T9412] usb 6-1: config 0 descriptor??
[  293.070059][ T9412] pn533_usb 6-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  293.214921][ T9629] syzkaller1: entered promiscuous mode
[  293.240778][ T9629] syzkaller1: entered allmulticast mode
[  293.311904][ T9412] usb 6-1: USB disconnect, device number 2
[  293.587480][ T9617] loop0: detected capacity change from 0 to 262144
[  293.602408][ T9617] F2FS-fs (loop0): invalid crc value
[  293.707454][ T9617] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  293.775763][ T9617] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  293.875587][ T9644] loop3: detected capacity change from 0 to 256
[  293.900068][ T9642] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  293.939889][ T9644] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  293.994960][ T9644] exFAT-fs (loop3): valid_size(150994954) is greater than size(10)
[  294.011337][   T30] audit: type=1800 audit(1774273017.584:26): pid=9644 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1069" name="file1" dev="loop3" ino=1048733 res=0 errno=0
[  294.012204][ T9648] loop5: detected capacity change from 0 to 2048
[  294.045609][ T9642] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  294.066666][ T6002] usb 5-1: new full-speed USB device number 21 using dummy_hcd
[  294.135501][ T9648] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  294.241849][ T6002] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  294.310297][ T6002] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  294.363124][ T6002] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  294.404265][ T6002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.448008][ T6002] usb 5-1: config 0 descriptor??
[  294.479798][ T6002] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  294.515808][ T6002] dvb-usb: bulk message failed: -22 (3/0)
[  294.576041][ T6002] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  294.614257][ T6002] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  294.642698][ T6002] usb 5-1: media controller created
[  294.672771][ T6002] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  294.738229][ T6002] dvb-usb: bulk message failed: -22 (6/0)
[  294.823896][ T6002] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  294.867400][ T6002] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input23
[  294.909102][ T6002] dvb-usb: schedule remote query interval to 150 msecs.
[  294.916645][ T6002] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  294.926906][ T6002] usb 5-1: USB disconnect, device number 21
[  295.000691][ T6002] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  295.316562][ T9683] netlink: 'syz.3.1085': attribute type 10 has an invalid length.
[  295.451962][ T9683] veth1_vlan: entered allmulticast mode
[  295.464982][ T9683] team0: Device veth1_vlan failed to register rx_handler
[  296.727410][ T9708] loop4: detected capacity change from 0 to 4096
[  297.046729][ T9721] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1095'.
[  297.190074][ T9693] loop5: detected capacity change from 0 to 32768
[  297.272278][ T9693] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  297.484955][ T9693] XFS (loop5): Ending clean mount
[  297.694039][ T9750] loop3: detected capacity change from 0 to 1024
[  297.750451][ T9750] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  297.783077][ T9693] XFS (loop5): WARNING: Reset corrupted AGFL on AG 0. 1 blocks leaked. Please unmount and run xfs_repair.
[  297.821440][ T9750] ext4 filesystem being mounted at /207/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  297.939026][ T9750] EXT4-fs error (device loop3): ext4_map_blocks:821: inode #15: comm syz.3.1099: lblock 0 mapped to illegal pblock 0 (length 1)
[  297.989280][ T9693] XFS (loop5): Corruption warning: Metadata has LSN (1:1536) ahead of current LSN (1:80). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  298.024814][ T9693] XFS (loop5): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xe0, xfs_cntbt block 0x8 
[  298.063579][ T9693] XFS (loop5): Unmount and run xfs_repair
[  298.091417][ T9693] XFS (loop5): First 128 bytes of corrupted metadata buffer:
[  298.117117][ T9693] 00000000: 41 42 33 43 00 00 00 03 ff ff ff ff ff ff ff ff  AB3C............
[  298.150326][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  298.162356][ T9693] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 06 00  ................
[  298.196163][ T9693] 00000020: 00 00 00 00 00 00 42 cb 9f 91 9c b7 20 0a 10 1d  ......B..... ...
[  298.209132][ T9693] 00000030: 00 00 00 00 83 85 41 d8 00 00 00 07 00 00 00 01  ......A.........
[  298.235857][ T9693] 00000040: 00 00 0b fe 00 00 00 02 00 00 0c 20 00 00 13 e0  ........... ....
[  298.255508][ T9693] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  298.276024][ T9767] loop4: detected capacity change from 0 to 512
[  298.303272][ T9765] netlink: 'syz.0.1077': attribute type 11 has an invalid length.
[  298.316004][ T9693] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  298.340562][ T9767] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  298.371694][ T9693] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  298.433204][ T9693] XFS (loop5): metadata I/O error in "xfs_btree_read_buf_block+0x2b0/0x490" at daddr 0x8 len 4 error 74
[  298.541591][ T9693] XFS (loop5): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x518/0x8f0 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  298.621621][ T9693] XFS (loop5): Please unmount the filesystem and rectify the problem(s)
[  298.648956][ T9745] loop2: detected capacity change from 0 to 40427
[  298.699125][ T9745] F2FS-fs (loop2): invalid crc value
[  298.725589][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  298.731418][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.844495][ T9126] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  299.041506][ T9745] F2FS-fs (loop2): access invalid blkaddr:0
[  299.071269][ T9745] CPU: 0 UID: 0 PID: 9745 Comm: syz.2.1101 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  299.071303][ T9745] Tainted: [L]=SOFTLOCKUP
[  299.071312][ T9745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  299.071323][ T9745] Call Trace:
[  299.071330][ T9745]  <TASK>
[  299.071339][ T9745]  dump_stack_lvl+0xe8/0x150
[  299.071375][ T9745]  __f2fs_is_valid_blkaddr+0xe52/0x14f0
[  299.071412][ T9745]  sanity_check_extent_cache+0x1a3/0x620
[  299.071448][ T9745]  f2fs_iget+0x3f8a/0x5dc0
[  299.071501][ T9745]  f2fs_fill_super+0x4e78/0x7740
[  299.071568][ T9745]  get_tree_bdev_flags+0x431/0x4f0
[  299.071592][ T9745]  ? __pfx_f2fs_fill_super+0x10/0x10
[  299.071611][ T9745]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  299.071645][ T9745]  vfs_get_tree+0x92/0x2a0
[  299.071668][ T9745]  do_new_mount+0x341/0xd30
[  299.071693][ T9745]  ? apparmor_capable+0x126/0x170
[  299.071721][ T9745]  ? __pfx_do_new_mount+0x10/0x10
[  299.071747][ T9745]  ? ns_capable+0x89/0xe0
[  299.071777][ T9745]  ? user_path_at+0xd4/0x160
[  299.071817][ T9745]  __se_sys_mount+0x31d/0x420
[  299.071851][ T9745]  ? __pfx___se_sys_mount+0x10/0x10
[  299.071883][ T9745]  ? __x64_sys_mount+0x20/0xc0
[  299.071911][ T9745]  do_syscall_64+0x14d/0xf80
[  299.071936][ T9745]  ? trace_irq_disable+0x3b/0x140
[  299.071959][ T9745]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.071980][ T9745]  ? clear_bhb_loop+0x40/0x90
[  299.072005][ T9745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.072025][ T9745] RIP: 0033:0x7f252119da0a
[  299.072046][ T9745] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  299.072063][ T9745] RSP: 002b:00007f25220e1e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  299.072086][ T9745] RAX: ffffffffffffffda RBX: 00007f25220e1ee0 RCX: 00007f252119da0a
[  299.072101][ T9745] RDX: 0000200000000140 RSI: 0000200000000040 RDI: 00007f25220e1ea0
[  299.072116][ T9745] RBP: 0000200000000140 R08: 00007f25220e1ee0 R09: 0000000000000000
[  299.072131][ T9745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000040
[  299.072144][ T9745] R13: 00007f25220e1ea0 R14: 0000000000005525 R15: 0000200000000100
[  299.072176][ T9745]  </TASK>
[  299.294334][ T9745] F2FS-fs (loop2): sanity_check_extent_cache: inode (ino=3) extent info [0, 0, 24244] is incorrect, run fsck to fix
[  299.308181][ T9745] F2FS-fs (loop2): Failed to read root inode
[  299.525008][ T9789] loop3: detected capacity change from 0 to 32768
[  299.563945][ T9789] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  299.890041][ T9789] XFS (loop3): Ending clean mount
[  300.028848][ T5838] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  300.038711][ T9817] loop4: detected capacity change from 0 to 4096
[  300.257841][ T9820] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  300.388984][ T9798] loop0: detected capacity change from 0 to 32768
[  300.459864][ T9798] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1112 (9798)
[  300.513277][   T30] audit: type=1800 audit(1774273024.074:27): pid=9817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1114" name="file2" dev="loop4" ino=16 res=0 errno=0
[  300.600014][ T9798] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  300.638384][ T9798] BTRFS info (device loop0): using crc32c checksum algorithm
[  300.667774][ T9798] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  300.757524][ T9827] loop2: detected capacity change from 0 to 1024
[  300.802283][ T9827] EXT4-fs: Ignoring removed orlov option
[  300.808743][ T5844] Bluetooth: hci0: command 0x0c1a tx timeout
[  300.820239][ T9827] EXT4-fs: Ignoring removed bh option
[  300.902252][ T9827] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.950602][ T9798] BTRFS info (device loop0): rebuilding free space tree
[  301.067981][ T9813] loop5: detected capacity change from 0 to 40427
[  301.102054][ T9798] BTRFS info (device loop0): disabling free space tree
[  301.111724][ T9798] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  301.124348][ T9813] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  301.133037][ T9813] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  301.143490][ T9798] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  301.171357][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.183180][ T9813] F2FS-fs (loop5): invalid crc_offset: 33558524
[  301.194344][ T9798] BTRFS info (device loop0): enabling ssd optimizations
[  301.204205][ T9798] BTRFS info (device loop0): turning on async discard
[  301.223536][ T9798] BTRFS info (device loop0): enabling disk space caching
[  301.267110][ T9798] BTRFS info (device loop0): force clearing of disk cache
[  301.274424][ T9798] BTRFS info (device loop0): use zstd compression, level 3
[  301.481903][ T9813] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  301.516602][ T9813] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  301.536243][ T9813] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  301.671728][ T5840] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  301.874194][ T9833] set_capacity_and_notify: 1 callbacks suppressed
[  301.874214][ T9833] loop4: detected capacity change from 0 to 32768
[  301.934029][ T9126] syz-executor: attempt to access beyond end of device
[  301.934029][ T9126] loop5: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  301.982473][ T9126] CPU: 0 UID: 0 PID: 9126 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  301.982518][ T9126] Tainted: [L]=SOFTLOCKUP
[  301.982525][ T9126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  301.982536][ T9126] Call Trace:
[  301.982544][ T9126]  <TASK>
[  301.982552][ T9126]  dump_stack_lvl+0xe8/0x150
[  301.982582][ T9126]  f2fs_handle_critical_error+0x37c/0x540
[  301.982609][ T9126]  f2fs_write_end_io+0x1274/0x1740
[  301.982640][ T9126]  __submit_merged_bio+0x256/0x6a0
[  301.982665][ T9126]  f2fs_submit_merged_write+0x284/0x390
[  301.982688][ T9126]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[  301.982720][ T9126]  f2fs_sync_node_pages+0x14bf/0x1680
[  301.982753][ T9126]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  301.982804][ T9126]  f2fs_write_checkpoint+0xeb8/0x26a0
[  301.982819][ T9126]  ? __lock_acquire+0x6b5/0x2cf0
[  301.982864][ T9126]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  301.982919][ T9126]  kill_f2fs_super+0x314/0x720
[  301.982939][ T9126]  ? __pfx_kill_f2fs_super+0x10/0x10
[  301.982963][ T9126]  ? lockdep_hardirqs_on+0x7a/0x110
[  301.982993][ T9126]  deactivate_locked_super+0xbc/0x130
[  301.983018][ T9126]  cleanup_mnt+0x437/0x4d0
[  301.983033][ T9126]  ? _raw_spin_unlock_irq+0x23/0x50
[  301.983053][ T9126]  task_work_run+0x1d9/0x270
[  301.983074][ T9126]  ? __pfx_task_work_run+0x10/0x10
[  301.983101][ T9126]  exit_to_user_mode_loop+0xed/0x480
[  301.983120][ T9126]  ? rcu_is_watching+0x15/0xb0
[  301.983139][ T9126]  do_syscall_64+0x32d/0xf80
[  301.983158][ T9126]  ? trace_irq_disable+0x3b/0x140
[  301.983175][ T9126]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.983190][ T9126]  ? clear_bhb_loop+0x40/0x90
[  301.983208][ T9126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.983222][ T9126] RIP: 0033:0x7fd94819d9d7
[  301.983239][ T9126] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  301.983251][ T9126] RSP: 002b:00007ffe32002a08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  301.983268][ T9126] RAX: 0000000000000000 RBX: 00007fd948232050 RCX: 00007fd94819d9d7
[  301.983278][ T9126] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe32002ac0
[  301.983288][ T9126] RBP: 00007ffe32002ac0 R08: 00007ffe32003ac0 R09: 00000000ffffffff
[  301.983298][ T9126] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe32003b50
[  301.983307][ T9126] R13: 00007fd948232050 R14: 0000000000049aa2 R15: 00007ffe32003b90
[  301.983332][ T9126]  </TASK>
[  301.983339][ T9126] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  301.999208][ T9833] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  302.386373][ T9833] XFS (loop4): Ending clean mount
[  302.718281][ T9859] loop2: detected capacity change from 0 to 32768
[  302.864851][ T9859] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  302.910647][ T5841] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  302.939347][ T9882] loop3: detected capacity change from 0 to 4096
[  302.946884][ T9882] ntfs3: Unknown parameter 'io'
[  303.491784][ T9859] XFS (loop2): Ending clean mount
[  303.544520][ T9895] Bluetooth: hci3: Opcode 0x0401 failed: -4
[  304.032827][ T5846] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  304.304293][ T9914] netlink: 'syz.0.1132': attribute type 11 has an invalid length.
[  304.337086][ T5919] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  304.355518][ T9914] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1132'.
[  304.525879][ T5919] usb 4-1: Using ep0 maxpacket: 32
[  304.540570][ T5919] usb 4-1: config 0 has no interfaces?
[  304.560776][ T5919] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  304.587387][ T5919] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  304.611401][ T5919] usb 4-1: Product: syz
[  304.628187][ T5919] usb 4-1: Manufacturer: syz
[  304.639978][ T5919] usb 4-1: SerialNumber: syz
[  304.645950][ T9922] loop2: detected capacity change from 0 to 1024
[  304.663017][ T5919] usb 4-1: config 0 descriptor??
[  304.745746][ T9925] syzkaller1: entered promiscuous mode
[  304.776929][ T9925] syzkaller1: entered allmulticast mode
[  304.898648][ T9922] hfsplus: bad catalog file entry
[  304.908600][ T9906] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  304.929479][ T9906] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  304.976891][ T9906] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  305.019792][ T9906] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  305.060018][ T6002] usb 4-1: USB disconnect, device number 19
[  305.094072][  T681] hfsplus: b-tree write err: -5, ino 3
[  305.108679][  T681] hfsplus: bad catalog file entry
[  305.126232][   T51] Bluetooth: hci3: command 0x0401 tx timeout
[  305.570917][ T9940] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  305.587008][ T6002] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  305.699904][ T9929] loop4: detected capacity change from 0 to 131072
[  305.787729][ T9929] F2FS-fs (loop4): invalid crc value
[  305.802273][ T9948] loop0: detected capacity change from 0 to 512
[  305.872583][ T9929] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  306.305222][ T9929] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  306.378175][ T6002] usb 4-1: config index 0 descriptor too short (expected 36, got 27)
[  306.411466][ T6002] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  306.513247][   T30] audit: type=1800 audit(1774273030.084:29): pid=9929 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1137" name="file1" dev="loop4" ino=7 res=0 errno=0
[  306.549551][ T6002] usb 4-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice= 0.40
[  306.597843][ T9957] loop2: detected capacity change from 0 to 64
[  306.600368][ T6002] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.622666][   T30] audit: type=1804 audit(1774273030.074:28): pid=9954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1143" name="/newroot/236/file0/bus" dev="loop0" ino=1048734 res=1 errno=0
[  306.672253][ T6002] usb 4-1: config 0 descriptor??
[  306.673809][ T9957] MINIX-fs: mounting file system with errors, running fsck is recommended
[  306.711259][ T6002] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  306.762729][ T6002] usb 4-1: Detected SIO
[  306.804377][ T6002] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  306.907663][ T9961] loop0: detected capacity change from 0 to 2048
[  306.959947][ T9961] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  306.965380][ T6002] usb 4-1: USB disconnect, device number 20
[  306.979276][ T9961] ext4 filesystem being mounted at /237/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  307.172475][ T6002] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  307.242600][ T5840] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.260798][ T6002] ftdi_sio 4-1:0.0: device disconnected
[  308.482525][ T9979] loop2: detected capacity change from 0 to 512
[  308.517947][ T9979] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  308.592723][ T9979] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1151: bg 0: block 104: invalid block bitmap
[  308.670581][ T9979] loop2: lost filesystem error report for type 5 error -117
[  308.671027][ T9979] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6685: Corrupt filesystem
[  308.678427][    C1] EXT4-fs (loop2): error count since last fsck: 1
[  308.678451][    C1] EXT4-fs (loop2): initial error at time 1774273032: ext4_validate_block_bitmap:432
[  308.678479][    C1] EXT4-fs (loop2): last error at time 1774273032: ext4_validate_block_bitmap:432
[  308.714732][ T6002] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  308.758443][ T9979] loop2: lost filesystem error report for type 5 error -117
[  308.761720][ T9979] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1151: invalid indirect mapped block 1 (level 1)
[  308.805779][ T9979] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  308.809702][ T9979] EXT4-fs (loop2): 1 truncate cleaned up
[  308.867298][ T9979] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  308.936548][ T6002] usb 1-1: Using ep0 maxpacket: 8
[  308.945391][ T5843] kernel read not supported for file /audio (pid: 5843 comm: kworker/1:3)
[  308.967464][ T6002] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  308.985547][ T6002] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  309.005511][ T6002] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  309.025851][ T6002] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  309.068989][ T6002] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  309.112233][ T6002] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.380138][ T6002] usb 1-1: GET_CAPABILITIES returned 0
[  309.401425][ T6002] usbtmc 1-1:16.0: can't read capabilities
[  309.472313][ T9983] loop5: detected capacity change from 0 to 40427
[  309.500410][ T9983] F2FS-fs: heap/no_heap options were deprecated
[  309.624855][ T6002] usb 1-1: USB disconnect, device number 18
[  309.896397][ T9993] loop4: detected capacity change from 0 to 131072
[  309.936869][ T9993] F2FS-fs (loop4): Test dummy encryption mode enabled
[  309.937468][ T9983] F2FS-fs (loop5): build fault injection rate: 19
[  309.951448][ T9993] F2FS-fs (loop4): invalid crc value
[  309.963274][ T9983] F2FS-fs (loop5): build fault injection type: 0x3bfe8c
[  310.037677][ T9993] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  310.046401][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.051410][ T9983] F2FS-fs (loop5): invalid crc value
[  310.061782][ T9993] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  310.156199][ T9983] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810
[  310.199523][ T9995] loop3: detected capacity change from 0 to 32768
[  310.379924][ T9995] read_mapping_page failed!
[  310.396655][ T9995] ERROR: (device loop3): txCommit: 
[  310.396655][ T9995] 
[  310.433392][ T9983] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410
[  310.667743][ T9983] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  310.728362][T10009] loop3: detected capacity change from 0 to 512
[  310.730551][ T9983] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  310.884453][T10009] EXT4-fs: Ignoring removed oldalloc option
[  311.264579][ T9983] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of f2fs_get_dnode_of_data+0x911/0x2060
[  311.273910][T10009] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  311.296189][T10012] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80
[  311.324054][T10009] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.1164: iget: bad i_size value: 38620345925642
[  311.345966][   T30] audit: type=1800 audit(1774273034.894:30): pid=10012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1154" name="file1" dev="loop5" ino=14 res=0 errno=0
[  311.475780][ T9126] syz-executor: attempt to access beyond end of device
[  311.475780][ T9126] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  311.480245][T10009] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  311.491951][T10009] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1164: couldn't read orphan inode 15 (err -117)
[  311.501154][    C0] EXT4-fs (loop3): error count since last fsck: 1
[  311.501183][    C0] EXT4-fs (loop3): initial error at time 1774273035: ext4_orphan_get:1391: inode 15
[  311.501219][    C0] EXT4-fs (loop3): last error at time 1774273035: ext4_orphan_get:1391: inode 15
[  311.541683][T10009] loop3: lost filesystem error report for type 5 error -117
[  311.543670][T10009] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  311.553108][ T9126] CPU: 1 UID: 0 PID: 9126 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  311.553138][ T9126] Tainted: [L]=SOFTLOCKUP
[  311.553146][ T9126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  311.553156][ T9126] Call Trace:
[  311.553164][ T9126]  <TASK>
[  311.553172][ T9126]  dump_stack_lvl+0xe8/0x150
[  311.553207][ T9126]  f2fs_handle_critical_error+0x37c/0x540
[  311.553241][ T9126]  f2fs_write_end_io+0x1274/0x1740
[  311.553283][ T9126]  __submit_merged_bio+0x256/0x6a0
[  311.553317][ T9126]  __submit_merged_write_cond+0x3c9/0x4e0
[  311.553352][ T9126]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  311.553403][ T9126]  f2fs_write_data_pages+0x287e/0x34f0
[  311.553471][ T9126]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  311.553514][ T9126]  ? __pfx_css_rstat_updated+0x10/0x10
[  311.553578][ T9126]  ? __lock_acquire+0x6b5/0x2cf0
[  311.553623][ T9126]  ? __lock_acquire+0x6b5/0x2cf0
[  311.553660][ T9126]  ? do_raw_spin_lock+0x12b/0x2f0
[  311.553696][ T9126]  ? do_raw_spin_unlock+0xf5/0x210
[  311.553720][ T9126]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  311.553752][ T9126]  do_writepages+0x32e/0x550
[  311.553787][ T9126]  ? do_raw_spin_unlock+0xf5/0x210
[  311.553816][ T9126]  filemap_fdatawrite+0x1e9/0x2f0
[  311.553844][ T9126]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  311.553917][ T9126]  ? do_raw_spin_unlock+0xf5/0x210
[  311.553946][ T9126]  f2fs_sync_dirty_inodes+0x30e/0x830
[  311.553983][ T9126]  f2fs_write_checkpoint+0x9df/0x26a0
[  311.554002][ T9126]  ? __lock_acquire+0x6b5/0x2cf0
[  311.554063][ T9126]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  311.554146][ T9126]  kill_f2fs_super+0x314/0x720
[  311.554173][ T9126]  ? __pfx_kill_f2fs_super+0x10/0x10
[  311.554207][ T9126]  ? lockdep_hardirqs_on+0x7a/0x110
[  311.554248][ T9126]  deactivate_locked_super+0xbc/0x130
[  311.554279][ T9126]  cleanup_mnt+0x437/0x4d0
[  311.554298][ T9126]  ? _raw_spin_unlock_irq+0x23/0x50
[  311.554326][ T9126]  task_work_run+0x1d9/0x270
[  311.554354][ T9126]  ? __pfx_task_work_run+0x10/0x10
[  311.554392][ T9126]  exit_to_user_mode_loop+0xed/0x480
[  311.554417][ T9126]  ? rcu_is_watching+0x15/0xb0
[  311.554441][ T9126]  do_syscall_64+0x32d/0xf80
[  311.554466][ T9126]  ? trace_irq_disable+0x3b/0x140
[  311.554488][ T9126]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.554508][ T9126]  ? clear_bhb_loop+0x40/0x90
[  311.554532][ T9126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.554552][ T9126] RIP: 0033:0x7fd94819d9d7
[  311.554571][ T9126] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  311.554587][ T9126] RSP: 002b:00007ffe32002a08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  311.554608][ T9126] RAX: 0000000000000000 RBX: 00007fd948232050 RCX: 00007fd94819d9d7
[  311.554621][ T9126] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe32002ac0
[  311.554633][ T9126] RBP: 00007ffe32002ac0 R08: 00007ffe32003ac0 R09: 00000000ffffffff
[  311.554646][ T9126] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe32003b50
[  311.554659][ T9126] R13: 00007fd948232050 R14: 000000000004bf8e R15: 00007ffe32003b90
[  311.554693][ T9126]  </TASK>
[  311.635560][ T9126] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  311.974731][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.148436][T10004] loop0: detected capacity change from 0 to 40427
[  312.177458][T10004] F2FS-fs (loop0): invalid crc value
[  312.378399][T10004] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  312.407386][T10004] F2FS-fs (loop0): Start checkpoint disabled!
[  312.424903][T10004] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[  312.448701][T10004] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  312.682442][  T681] kworker/u8:7: attempt to access beyond end of device
[  312.682442][  T681] loop0: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  312.712137][T10034] loop4: detected capacity change from 0 to 128
[  312.724336][  T681] CPU: 0 UID: 0 PID: 681 Comm: kworker/u8:7 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  312.724368][  T681] Tainted: [L]=SOFTLOCKUP
[  312.724375][  T681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  312.724387][  T681] Workqueue: writeback wb_workfn (flush-7:0)
[  312.724417][  T681] Call Trace:
[  312.724423][  T681]  <TASK>
[  312.724432][  T681]  dump_stack_lvl+0xe8/0x150
[  312.724463][  T681]  f2fs_handle_critical_error+0x37c/0x540
[  312.724496][  T681]  f2fs_write_end_io+0x1274/0x1740
[  312.724539][  T681]  __submit_merged_bio+0x256/0x6a0
[  312.724573][  T681]  f2fs_submit_merged_write+0x284/0x390
[  312.724605][  T681]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[  312.724649][  T681]  f2fs_sync_node_pages+0x14bf/0x1680
[  312.724695][  T681]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  312.724718][  T681]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  312.724742][  T681]  ? __percpu_counter_sum+0x1c2/0x1e0
[  312.724808][  T681]  ? blk_start_plug+0x51/0x1b0
[  312.724833][  T681]  f2fs_write_node_pages+0x312/0x700
[  312.724857][  T681]  ? unwind_next_frame+0xa6/0x2550
[  312.724883][  T681]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  312.724921][  T681]  ? __lock_acquire+0x6b5/0x2cf0
[  312.724948][  T681]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  312.724975][  T681]  do_writepages+0x32e/0x550
[  312.725015][  T681]  ? reacquire_held_locks+0x104/0x190
[  312.725035][  T681]  ? writeback_sb_inodes+0x463/0x19d0
[  312.725067][  T681]  __writeback_single_inode+0x133/0x10e0
[  312.725094][  T681]  ? do_raw_spin_unlock+0xf5/0x210
[  312.725121][  T681]  writeback_sb_inodes+0x979/0x19d0
[  312.725143][  T681]  ? __lock_acquire+0x6b5/0x2cf0
[  312.725173][  T681]  ? __lock_acquire+0x6b5/0x2cf0
[  312.725217][  T681]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  312.725239][  T681]  ? do_raw_spin_lock+0x12b/0x2f0
[  312.725298][  T681]  ? rcu_is_watching+0x15/0xb0
[  312.725325][  T681]  wb_writeback+0x445/0xb00
[  312.725353][  T681]  ? queue_io+0x201/0x470
[  312.725382][  T681]  ? __pfx_wb_writeback+0x10/0x10
[  312.725405][  T681]  ? do_raw_spin_lock+0x12b/0x2f0
[  312.725442][  T681]  wb_workfn+0x3f8/0xf10
[  312.725459][  T681]  ? __lock_acquire+0x6b5/0x2cf0
[  312.725484][  T681]  ? look_up_lock_class+0x57/0x110
[  312.725529][  T681]  ? __pfx_wb_workfn+0x10/0x10
[  312.725555][  T681]  ? do_raw_spin_lock+0x12b/0x2f0
[  312.725576][  T681]  ? lock_acquire+0x106/0x350
[  312.725605][  T681]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  312.725631][  T681]  ? process_one_work+0x8b7/0x1710
[  312.725662][  T681]  ? process_one_work+0x8b7/0x1710
[  312.725703][  T681]  ? process_one_work+0x8b7/0x1710
[  312.725729][  T681]  process_one_work+0x9a3/0x1710
[  312.725775][  T681]  ? __pfx_process_one_work+0x10/0x10
[  312.725798][  T681]  ? do_raw_spin_lock+0x12b/0x2f0
[  312.725840][  T681]  worker_thread+0xba8/0x11e0
[  312.725870][  T681]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  312.725895][  T681]  ? __kthread_parkme+0x7a/0x1f0
[  312.725916][  T681]  ? __kthread_parkme+0x19c/0x1f0
[  312.725943][  T681]  kthread+0x388/0x470
[  312.725966][  T681]  ? __pfx_worker_thread+0x10/0x10
[  312.725990][  T681]  ? __pfx_kthread+0x10/0x10
[  312.726014][  T681]  ret_from_fork+0x51e/0xb90
[  312.726046][  T681]  ? __pfx_ret_from_fork+0x10/0x10
[  312.726071][  T681]  ? __switch_to+0xc7d/0x1420
[  312.726101][  T681]  ? __pfx_kthread+0x10/0x10
[  312.726126][  T681]  ret_from_fork_asm+0x1a/0x30
[  312.726165][  T681]  </TASK>
[  313.091138][  T681] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  313.098386][  T681] CPU: 0 UID: 0 PID: 681 Comm: kworker/u8:7 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  313.098418][  T681] Tainted: [L]=SOFTLOCKUP
[  313.098425][  T681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  313.098437][  T681] Workqueue: writeback wb_workfn (flush-7:0)
[  313.098469][  T681] Call Trace:
[  313.098476][  T681]  <TASK>
[  313.098485][  T681]  dump_stack_lvl+0xe8/0x150
[  313.098518][  T681]  f2fs_handle_critical_error+0x37c/0x540
[  313.098562][  T681]  f2fs_write_end_io+0x1274/0x1740
[  313.098601][  T681]  __submit_merged_bio+0x256/0x6a0
[  313.098634][  T681]  f2fs_submit_merged_write+0x284/0x390
[  313.098662][  T681]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[  313.098703][  T681]  f2fs_sync_node_pages+0x14bf/0x1680
[  313.098745][  T681]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  313.098766][  T681]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  313.098789][  T681]  ? __percpu_counter_sum+0x1c2/0x1e0
[  313.098848][  T681]  ? blk_start_plug+0x51/0x1b0
[  313.098873][  T681]  f2fs_write_node_pages+0x312/0x700
[  313.098896][  T681]  ? unwind_next_frame+0xa6/0x2550
[  313.098921][  T681]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  313.098957][  T681]  ? __lock_acquire+0x6b5/0x2cf0
[  313.098984][  T681]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  313.099005][  T681]  do_writepages+0x32e/0x550
[  313.099032][  T681]  ? reacquire_held_locks+0x104/0x190
[  313.099050][  T681]  ? writeback_sb_inodes+0x463/0x19d0
[  313.099078][  T681]  __writeback_single_inode+0x133/0x10e0
[  313.099098][  T681]  ? do_raw_spin_unlock+0xf5/0x210
[  313.099120][  T681]  writeback_sb_inodes+0x979/0x19d0
[  313.099137][  T681]  ? __lock_acquire+0x6b5/0x2cf0
[  313.099162][  T681]  ? __lock_acquire+0x6b5/0x2cf0
[  313.099201][  T681]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  313.099219][  T681]  ? do_raw_spin_lock+0x12b/0x2f0
[  313.099273][  T681]  ? rcu_is_watching+0x15/0xb0
[  313.099298][  T681]  wb_writeback+0x445/0xb00
[  313.099321][  T681]  ? queue_io+0x201/0x470
[  313.099348][  T681]  ? __pfx_wb_writeback+0x10/0x10
[  313.099367][  T681]  ? do_raw_spin_lock+0x12b/0x2f0
[  313.099400][  T681]  wb_workfn+0x3f8/0xf10
[  313.099415][  T681]  ? __lock_acquire+0x6b5/0x2cf0
[  313.099435][  T681]  ? look_up_lock_class+0x57/0x110
[  313.099471][  T681]  ? __pfx_wb_workfn+0x10/0x10
[  313.099491][  T681]  ? do_raw_spin_lock+0x12b/0x2f0
[  313.099508][  T681]  ? lock_acquire+0x106/0x350
[  313.099543][  T681]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  313.099564][  T681]  ? process_one_work+0x8b7/0x1710
[  313.099588][  T681]  ? process_one_work+0x8b7/0x1710
[  313.099621][  T681]  ? process_one_work+0x8b7/0x1710
[  313.099646][  T681]  process_one_work+0x9a3/0x1710
[  313.099696][  T681]  ? __pfx_process_one_work+0x10/0x10
[  313.099720][  T681]  ? do_raw_spin_lock+0x12b/0x2f0
[  313.099753][  T681]  worker_thread+0xba8/0x11e0
[  313.099776][  T681]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  313.099795][  T681]  ? __kthread_parkme+0x7a/0x1f0
[  313.099811][  T681]  ? __kthread_parkme+0x19c/0x1f0
[  313.099831][  T681]  kthread+0x388/0x470
[  313.099849][  T681]  ? __pfx_worker_thread+0x10/0x10
[  313.099861][  T681]  ? __pfx_kthread+0x10/0x10
[  313.099879][  T681]  ret_from_fork+0x51e/0xb90
[  313.099903][  T681]  ? __pfx_ret_from_fork+0x10/0x10
[  313.099921][  T681]  ? __switch_to+0xc7d/0x1420
[  313.099944][  T681]  ? __pfx_kthread+0x10/0x10
[  313.099962][  T681]  ret_from_fork_asm+0x1a/0x30
[  313.099996][  T681]  </TASK>
[  313.100093][  T681] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  313.448674][  T681] CPU: 0 UID: 0 PID: 681 Comm: kworker/u8:7 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  313.448707][  T681] Tainted: [L]=SOFTLOCKUP
[  313.448714][  T681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  313.448724][  T681] Workqueue: writeback wb_workfn (flush-7:0)
[  313.448753][  T681] Call Trace:
[  313.448760][  T681]  <TASK>
[  313.448769][  T681]  dump_stack_lvl+0xe8/0x150
[  313.448798][  T681]  f2fs_handle_critical_error+0x37c/0x540
[  313.448830][  T681]  f2fs_write_end_io+0x1274/0x1740
[  313.448866][  T681]  __submit_merged_bio+0x256/0x6a0
[  313.448896][  T681]  f2fs_submit_merged_write+0x284/0x390
[  313.448925][  T681]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[  313.448963][  T681]  f2fs_sync_node_pages+0x14bf/0x1680
[  313.449002][  T681]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  313.449023][  T681]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  313.449046][  T681]  ? __percpu_counter_sum+0x1c2/0x1e0
[  313.449104][  T681]  ? blk_start_plug+0x51/0x1b0
[  313.449128][  T681]  f2fs_write_node_pages+0x312/0x700
[  313.449151][  T681]  ? unwind_next_frame+0xa6/0x2550
[  313.449178][  T681]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  313.449213][  T681]  ? __lock_acquire+0x6b5/0x2cf0
[  313.449240][  T681]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  313.449266][  T681]  do_writepages+0x32e/0x550
[  313.449295][  T681]  ? reacquire_held_locks+0x104/0x190
[  313.449315][  T681]  ? writeback_sb_inodes+0x463/0x19d0
[  313.449345][  T681]  __writeback_single_inode+0x133/0x10e0
[  313.449370][  T681]  ? do_raw_spin_unlock+0xf5/0x210
[  313.449383][T10034] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  313.449397][  T681]  writeback_sb_inodes+0x979/0x19d0
[  313.449420][  T681]  ? __lock_acquire+0x6b5/0x2cf0
[  313.449445][  T681]  ? __lock_acquire+0x6b5/0x2cf0
[  313.449488][  T681]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  313.449526][  T681]  ? do_raw_spin_lock+0x12b/0x2f0
[  313.449585][  T681]  ? rcu_is_watching+0x15/0xb0
[  313.449617][  T681]  wb_writeback+0x445/0xb00
[  313.449646][  T681]  ? queue_io+0x201/0x470
[  313.449677][  T681]  ? __pfx_wb_writeback+0x10/0x10
[  313.449699][  T681]  ? do_raw_spin_lock+0x12b/0x2f0
[  313.449737][  T681]  wb_workfn+0x3f8/0xf10
[  313.449755][  T681]  ? __lock_acquire+0x6b5/0x2cf0
[  313.449780][  T681]  ? look_up_lock_class+0x57/0x110
[  313.449821][  T681]  ? __pfx_wb_workfn+0x10/0x10
[  313.449845][  T681]  ? do_raw_spin_lock+0x12b/0x2f0
[  313.449866][  T681]  ? lock_acquire+0x106/0x350
[  313.449893][  T681]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  313.449919][  T681]  ? process_one_work+0x8b7/0x1710
[  313.449948][  T681]  ? process_one_work+0x8b7/0x1710
[  313.449985][  T681]  ? process_one_work+0x8b7/0x1710
[  313.450011][  T681]  process_one_work+0x9a3/0x1710
[  313.450058][  T681]  ? __pfx_process_one_work+0x10/0x10
[  313.450082][  T681]  ? do_raw_spin_lock+0x12b/0x2f0
[  313.450121][  T681]  worker_thread+0xba8/0x11e0
[  313.450148][  T681]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  313.450173][  T681]  ? __kthread_parkme+0x7a/0x1f0
[  313.450192][  T681]  ? __kthread_parkme+0x19c/0x1f0
[  313.450217][  T681]  kthread+0x388/0x470
[  313.450240][  T681]  ? __pfx_worker_thread+0x10/0x10
[  313.450257][  T681]  ? __pfx_kthread+0x10/0x10
[  313.450280][  T681]  ret_from_fork+0x51e/0xb90
[  313.450309][  T681]  ? __pfx_ret_from_fork+0x10/0x10
[  313.450334][  T681]  ? __switch_to+0xc7d/0x1420
[  313.450362][  T681]  ? __pfx_kthread+0x10/0x10
[  313.450385][  T681]  ret_from_fork_asm+0x1a/0x30
[  313.450420][  T681]  </TASK>
[  313.450440][  T681] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  313.472826][T10034] System zones: 1-3, 19-19, 35-36
[  313.854535][T10034] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  313.896882][T10034] ext4 filesystem being mounted at /259/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  313.915114][T10052] bond1: option mode: invalid value (8)
[  313.941755][T10052] bond1 (unregistering): Released all slaves
[  313.988064][T10034] EXT4-fs warning (device loop4): verify_group_input:156: Last group not full
[  314.030534][ T5841] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  314.220909][T10048] loop2: detected capacity change from 0 to 32768
[  314.329872][T10048] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  314.454211][T10075] loop3: detected capacity change from 0 to 512
[  314.455211][T10048] XFS (loop2): Ending clean mount
[  314.531149][T10075] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  314.571931][T10048] XFS (loop2): Quotacheck needed: Please wait.
[  314.621444][T10075] ext4 filesystem being mounted at /225/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  314.912388][T10073] loop4: detected capacity change from 0 to 32768
[  314.932020][T10073] btrfs: Deprecated parameter 'usebackuproot'
[  314.965266][T10048] XFS (loop2): Quotacheck: Done.
[  314.966874][T10073] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  315.014138][T10073] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1182 (10073)
[  315.040728][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.160329][T10073] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  315.215006][T10073] BTRFS info (device loop4): using crc32c checksum algorithm
[  315.225838][T10073] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  315.268828][ T5846] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  315.353046][T10092] loop3: detected capacity change from 0 to 4096
[  315.551809][T10073] BTRFS info (device loop4): rebuilding free space tree
[  315.641183][T10092] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  315.787120][T10073] BTRFS info (device loop4): disabling free space tree
[  315.806527][T10092] ntfs3(loop3): ino=1a, mi_enum_attr
[  315.839285][T10073] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  315.839425][T10092] ntfs3(loop3): ino=1a, mi_enum_attr
[  315.877664][T10073] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  315.936587][T10092] ntfs3(loop3): Failed to initialize $Extend/$Reparse.
[  315.983997][T10073] BTRFS info (device loop4): enabling ssd optimizations
[  316.022964][T10073] BTRFS info (device loop4): turning on flush-on-commit
[  316.055249][T10073] BTRFS info (device loop4): enabling disk space caching
[  316.069160][   T30] audit: type=1800 audit(1774273039.644:31): pid=10092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1185" name="file1" dev="loop3" ino=30 res=0 errno=0
[  316.093100][T10092] ntfs3(loop3): ino=1e, "file1" attr_set_size_ex
[  316.095862][T10073] BTRFS info (device loop4): force clearing of disk cache
[  316.149661][T10091] ntfs3(loop3): ino=1e, "file1" attr_set_size_ex
[  316.156150][T10073] BTRFS info (device loop4): trying to use backup root at mount time
[  316.205570][T10073] BTRFS info (device loop4): force zlib compression, level 3
[  316.622848][T10105] loop5: detected capacity change from 0 to 32768
[  316.649508][ T5841] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  316.649831][T10105] xfs: Deprecated parameter 'noikeep'
[  316.698176][T10105] XFS: noikeep mount option is deprecated.
[  316.790023][T10105] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  317.074349][T10105] XFS (loop5): Ending clean mount
[  317.076340][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  317.086341][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  317.163762][T10105] XFS (loop5): Quotacheck needed: Please wait.
[  317.380641][T10105] XFS (loop5): Quotacheck: Done.
[  317.575101][T10119] loop2: detected capacity change from 0 to 32768
[  317.588176][T10119] xfs: Deprecated parameter 'attr2'
[  317.600763][T10119] XFS: attr2 mount option is deprecated.
[  317.662291][T10119] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  317.729744][T10119] XFS (loop2): Ending clean mount
[  317.788025][T10119] XFS (loop2): Quotacheck needed: Please wait.
[  317.971817][T10119] XFS (loop2): Quotacheck: Done.
[  318.056727][ T9126] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  318.097767][ T5956] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  318.295927][ T5956] usb 4-1: Using ep0 maxpacket: 16
[  318.305573][ T5846] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  318.307367][ T5956] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  318.332402][ T5956] usb 4-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  318.360987][ T5956] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  318.370746][ T5956] usb 4-1: Product: syz
[  318.380056][ T5956] usb 4-1: Manufacturer: syz
[  318.398954][ T5956] usb 4-1: SerialNumber: syz
[  318.410010][ T5956] usb 4-1: config 0 descriptor??
[  318.437203][ T5956] hub 4-1:0.0: bad descriptor, ignoring hub
[  318.445912][ T5956] hub 4-1:0.0: probe with driver hub failed with error -5
[  318.473531][ T5956] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  318.746051][T10163] netlink: 'syz.0.1203': attribute type 1 has an invalid length.
[  318.932368][ T5956] usb 4-1: USB disconnect, device number 21
[  319.423422][T10178] input: syz1 as /devices/virtual/input/input24
[  319.594805][T10164] loop5: detected capacity change from 0 to 32768
[  319.668508][T10164] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  319.749843][T10195] loop4: detected capacity change from 0 to 128
[  319.845103][T10195] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  319.895391][T10164] XFS (loop5): Ending clean mount
[  319.962407][T10174] loop2: detected capacity change from 0 to 32768
[  319.983661][T10195] ext4 filesystem being mounted at /269/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  320.070574][T10174] XFS (loop2): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  320.087587][   T30] audit: type=1800 audit(1774273043.654:32): pid=10164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1200" name="bus" dev="loop5" ino=6153 res=0 errno=0
[  320.136776][T10212] loop0: detected capacity change from 0 to 256
[  320.220641][T10174] XFS (loop2): Ending clean mount
[  320.232034][T10212] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x32e3664b, utbl_chksum : 0xe619d30d)
[  320.280003][ T9126] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  320.314527][T10204] loop3: detected capacity change from 0 to 32768
[  320.366943][T10204] JBD2: Ignoring recovery information on journal
[  320.449113][ T5841] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  320.553109][T10204] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  320.557837][ T5846] XFS (loop2): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  320.867848][T10221] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1220'.
[  320.984816][T10223] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1222'.
[  321.051799][ T5838] ocfs2: Unmounting device (7,3) on (node local)
[  321.236889][T10229] loop5: detected capacity change from 0 to 64
[  321.347815][T10233] loop0: detected capacity change from 0 to 128
[  321.376782][T10233] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  321.408278][T10233] ext4 filesystem being mounted at /252/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  321.469415][ T5956] usb 5-1: new full-speed USB device number 22 using dummy_hcd
[  321.566362][T10237] loop3: detected capacity change from 0 to 4096
[  321.632354][T10237] ntfs3(loop3): ino=3, ntfs_set_state failed, -22.
[  321.652043][ T5956] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  321.655563][T10237] ntfs3(loop3): Failed to initialize $Extend/$ObjId.
[  321.678865][ T5956] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  321.700901][ T5840] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  321.718995][ T5956] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  321.740214][ T5956] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.782383][ T5956] usb 5-1: Product: syz
[  321.790947][ T5956] usb 5-1: Manufacturer: syz
[  321.796029][ T5956] usb 5-1: SerialNumber: syz
[  321.843874][ T5956] usb 5-1: 0:2 : does not exist
[  321.924937][   T58] ntfs3(loop3): ino=3, ntfs3_write_inode failed, -22.
[  321.954894][ T5838] ntfs3(loop3): ino=3, ntfs_set_state failed, -22.
[  321.967406][ T5838] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  321.984599][ T5838] ntfs3(loop3): ino=3, ntfs_set_state failed, -22.
[  321.995090][   T58] ntfs3(loop3): ino=3, ntfs3_write_inode failed, -22.
[  322.028605][ T5956] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  322.037118][T10247] loop2: detected capacity change from 0 to 128
[  322.234811][T10254] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  322.308273][ T5956] usb 5-1: USB disconnect, device number 22
[  322.360310][T10257] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  322.373233][T10258] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  322.406668][T10258] ext4 filesystem being mounted at /234/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  322.507791][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.601361][ T5861] udevd[5861]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  322.695837][ T5919] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  323.000139][ T5919] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  323.113527][ T5919] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.198410][T10267] kernel read not supported for file / 
œ7³ÏüâW)ës“§Ç!Q�öì¥fsõl{T‡rÒ)r§ÖOš˜õ2:"ôÀT+ÍŸv|�Õ²DvcŽ“ØÖ Å6Òxãc: (pid: 10267 comm: syz.5.1239)
[  323.224367][ T5919] usb 4-1: Product: syz
[  323.249818][ T5919] usb 4-1: Manufacturer: syz
[  323.279855][ T5919] usb 4-1: SerialNumber: syz
[  323.300318][   T30] audit: type=1800 audit(1774273046.874:33): pid=10267 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1239" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=36966 res=0 errno=0
[  323.305042][ T5919] usb 4-1: config 0 descriptor??
[  323.494378][ T5919] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  323.630930][T10280] netlink: 'syz.5.1243': attribute type 10 has an invalid length.
[  323.692060][T10281] netlink: 'syz.5.1243': attribute type 10 has an invalid length.
[  323.721283][T10280] team0: Port device dummy0 added
[  323.874376][T10281] team0: Port device dummy0 removed
[  323.926256][T10285] set_capacity_and_notify: 3 callbacks suppressed
[  323.926277][T10285] loop4: detected capacity change from 0 to 4096
[  323.987276][T10273] loop2: detected capacity change from 0 to 32768
[  323.992765][T10281] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  324.013421][T10285] ntfs3(loop4): Failed to initialize $Extend/$ObjId.
[  324.035884][T10273] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  324.120407][T10273] XFS (loop2): Ending clean mount
[  324.409614][T10301] loop4: detected capacity change from 0 to 128
[  324.476997][ T5846] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  324.508546][ T5919] gspca_sunplus: reg_w_riv err -71
[  324.529865][ T5919] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  324.603559][ T5919] usb 4-1: USB disconnect, device number 22
[  324.642002][T10304] team_slave_0: entered promiscuous mode
[  324.650488][T10304] team_slave_1: entered promiscuous mode
[  324.685336][T10304] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  325.469298][T10305] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  325.755163][T10316] loop2: detected capacity change from 0 to 512
[  325.794788][T10318] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1254'.
[  325.861275][T10316] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.864833][T10318] xt_CT: You must specify a L4 protocol and not use inversions on it
[  325.908160][T10326] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1256'.
[  325.915329][T10316] ext4 filesystem being mounted at /236/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  326.031833][   T30] audit: type=1804 audit(1774273049.594:34): pid=10316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1250" name="/newroot/236/file0/file1" dev="loop2" ino=15 res=1 errno=0
[  326.103906][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.250964][T10335] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1260'.
[  326.549434][T10325] loop3: detected capacity change from 0 to 32768
[  326.606833][T10325] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1257 (10325)
[  326.632134][T10351] loop2: detected capacity change from 0 to 512
[  326.658736][T10349] loop0: detected capacity change from 0 to 512
[  326.677898][T10325] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  326.696762][T10325] BTRFS info (device loop3): using sha256 checksum algorithm
[  326.785801][T10351] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  327.214578][T10349] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.1264: inode has both inline data and extents flags
[  327.258294][T10351] ext4 filesystem being mounted at /238/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  327.273513][T10349] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  327.273905][T10349] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1264: couldn't read orphan inode 15 (err -117)
[  327.275455][    C1] EXT4-fs (loop0): error count since last fsck: 1
[  327.301408][    C1] EXT4-fs (loop0): initial error at time 1774273050: ext4_orphan_get:1391: inode 15
[  327.310878][    C1] EXT4-fs (loop0): last error at time 1774273050: ext4_orphan_get:1391: inode 15
[  327.445915][T10349] loop0: lost filesystem error report for type 5 error -117
[  327.456667][T10349] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  327.477214][T10325] BTRFS info (device loop3): enabling ssd optimizations
[  327.481293][T10375] EXT4-fs (loop2): shut down requested (2)
[  327.484178][T10325] BTRFS info (device loop3): turning on async discard
[  327.484201][T10325] BTRFS info (device loop3): enabling free space tree
[  327.615247][ T5838] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  327.737411][T10351] Quota error (device loop2): write_blk: dquota write failed
[  327.820659][T10351] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota
[  327.827249][T10381] syzkaller1: entered promiscuous mode
[  327.850831][T10381] syzkaller1: entered allmulticast mode
[  328.043116][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.067661][ T5840] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.294076][T10388] syzkaller1: entered promiscuous mode
[  328.321522][T10388] syzkaller1: entered allmulticast mode
[  328.553718][T10393] loop5: detected capacity change from 0 to 2048
[  328.600945][T10393] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  328.652065][T10399] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  328.829287][   T30] audit: type=1800 audit(1774273052.394:35): pid=10393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1274" name="file2" dev="loop5" ino=16 res=0 errno=0
[  328.896038][T10400] NILFS error (device loop5): nilfs_lookup: deleted inode referenced: 12
[  328.986789][T10400] Remounting filesystem read-only
[  329.909028][T10419] loop3: detected capacity change from 0 to 64
[  329.948542][T10419] hfs: unable to locate alternate MDB
[  329.980693][T10419] hfs: continuing without an alternate MDB
[  330.165536][ T3526] hfs: new node 0 already hashed?
[  330.190282][ T3526] ------------[ cut here ]------------
[  330.196292][ T3526] 1
[  330.196322][ T3526] WARNING: fs/hfs/bnode.c:520 at hfs_bnode_create+0x461/0x4f0, CPU#0: kworker/u8:11/3526
[  330.209203][ T3526] Modules linked in:
[  330.215814][ T3526] CPU: 0 UID: 0 PID: 3526 Comm: kworker/u8:11 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  330.227752][ T3526] Tainted: [L]=SOFTLOCKUP
[  330.232093][ T3526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  330.242745][ T3526] Workqueue: writeback wb_workfn (flush-7:3)
[  330.249268][ T3526] RIP: 0010:hfs_bnode_create+0x461/0x4f0
[  330.254950][ T3526] Code: e8 8b 89 ee e8 60 7e 79 fe e9 cf fc ff ff e8 a6 0e 18 ff 4c 89 ef e8 fe 23 05 09 48 c7 c7 c0 19 e8 8b 89 ee e8 40 7e 79 fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[  330.277037][ T3526] RSP: 0018:ffffc9000db5ecc0 EFLAGS: 00010246
[  330.283133][ T3526] RAX: 000000000000001f RBX: ffff888049eea000 RCX: b42c0e8149663800
[  330.291324][ T3526] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  330.299380][ T3526] RBP: 0000000000000000 R08: ffffc9000db5ea47 R09: 1ffff92001b6bd48
[  330.307412][ T3526] R10: dffffc0000000000 R11: fffff52001b6bd49 R12: 0000000000000000
[  330.315465][ T3526] R13: ffff888049eea0d8 R14: ffff888078b90e00 R15: dffffc0000000000
[  330.324327][ T3526] FS:  0000000000000000(0000) GS:ffff888125448000(0000) knlGS:0000000000000000
[  330.333899][ T3526] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  330.340601][ T3526] CR2: 0000001b2ed23ffc CR3: 000000007b734000 CR4: 00000000003526f0
[  330.348706][ T3526] Call Trace:
[  330.352005][ T3526]  <TASK>
[  330.354954][ T3526]  ? do_raw_spin_unlock+0xf5/0x210
[  330.360183][ T3526]  hfs_bmap_alloc+0x5c1/0x650
[  330.364892][ T3526]  ? __pfx_hfs_bmap_alloc+0x10/0x10
[  330.370177][ T3526]  hfs_btree_inc_height+0x100/0xad0
[  330.375447][ T3526]  ? __pfx_folio_mark_accessed+0x10/0x10
[  330.381150][ T3526]  ? __pfx_hfs_btree_inc_height+0x10/0x10
[  330.386970][ T3526]  ? do_raw_spin_unlock+0xf5/0x210
[  330.392116][ T3526]  hfs_brec_insert+0x7ef/0xc90
[  330.397028][ T3526]  ? __pfx_hfs_brec_insert+0x10/0x10
[  330.402351][ T3526]  __hfs_ext_write_extent+0x2a1/0x470
[  330.407867][ T3526]  hfs_ext_write_extent+0x17e/0x210
[  330.413144][ T3526]  ? __pfx_hfs_ext_write_extent+0x10/0x10
[  330.418956][ T3526]  ? __lock_acquire+0x6b5/0x2cf0
[  330.423931][ T3526]  hfs_write_inode+0x117/0x960
[  330.429663][ T3526]  ? __pfx_hfs_write_inode+0x10/0x10
[  330.435006][ T3526]  ? do_raw_spin_unlock+0xf5/0x210
[  330.440754][ T3526]  __writeback_single_inode+0x75a/0x10e0
[  330.446529][ T3526]  writeback_sb_inodes+0x979/0x19d0
[  330.451793][ T3526]  ? __lock_acquire+0x6b5/0x2cf0
[  330.456862][ T3526]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  330.462551][ T3526]  ? do_raw_spin_lock+0x12b/0x2f0
[  330.467651][ T3526]  ? rcu_is_watching+0x15/0xb0
[  330.472442][ T3526]  wb_writeback+0x445/0xb00
[  330.477048][ T3526]  ? queue_io+0x201/0x470
[  330.481402][ T3526]  ? __pfx_wb_writeback+0x10/0x10
[  330.486591][ T3526]  ? do_raw_spin_lock+0x12b/0x2f0
[  330.491675][ T3526]  wb_workfn+0x3f8/0xf10
[  330.496006][ T3526]  ? __lock_acquire+0x6b5/0x2cf0
[  330.500969][ T3526]  ? look_up_lock_class+0x57/0x110
[  330.506156][ T3526]  ? __pfx_wb_workfn+0x10/0x10
[  330.510977][ T3526]  ? do_raw_spin_lock+0x12b/0x2f0
[  330.516089][ T3526]  ? lock_acquire+0x106/0x350
[  330.520787][ T3526]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  330.526245][ T3526]  ? process_one_work+0x8b7/0x1710
[  330.532313][ T3526]  ? process_one_work+0x8b7/0x1710
[  330.537968][ T3526]  ? process_one_work+0x8b7/0x1710
[  330.543110][ T3526]  process_one_work+0x9a3/0x1710
[  330.548201][ T3526]  ? __pfx_process_one_work+0x10/0x10
[  330.553602][ T3526]  ? do_raw_spin_lock+0x12b/0x2f0
[  330.558712][ T3526]  worker_thread+0xba8/0x11e0
[  330.563446][ T3526]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  330.569495][ T3526]  ? __kthread_parkme+0x7a/0x1f0
[  330.574475][ T3526]  ? __kthread_parkme+0x19c/0x1f0
[  330.579614][ T3526]  kthread+0x388/0x470
[  330.583705][ T3526]  ? __pfx_worker_thread+0x10/0x10
[  330.588980][ T3526]  ? __pfx_kthread+0x10/0x10
[  330.593618][ T3526]  ret_from_fork+0x51e/0xb90
[  330.598459][ T3526]  ? __pfx_ret_from_fork+0x10/0x10
[  330.603602][ T3526]  ? __switch_to+0xc7d/0x1420
[  330.608379][ T3526]  ? __pfx_kthread+0x10/0x10
[  330.613025][ T3526]  ret_from_fork_asm+0x1a/0x30
[  330.617867][ T3526]  </TASK>
[  330.620903][ T3526] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  330.628184][ T3526] CPU: 0 UID: 0 PID: 3526 Comm: kworker/u8:11 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  330.639293][ T3526] Tainted: [L]=SOFTLOCKUP
[  330.643606][ T3526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  330.653654][ T3526] Workqueue: writeback wb_workfn (flush-7:3)
[  330.659654][ T3526] Call Trace:
[  330.662950][ T3526]  <TASK>
[  330.665876][ T3526]  vpanic+0x56c/0xa60
[  330.669907][ T3526]  ? __pfx__printk+0x10/0x10
[  330.674490][ T3526]  ? __pfx_vpanic+0x10/0x10
[  330.678987][ T3526]  ? is_bpf_text_address+0x292/0x2b0
[  330.684268][ T3526]  ? is_bpf_text_address+0x26/0x2b0
[  330.689468][ T3526]  panic+0xc5/0xd0
[  330.693187][ T3526]  ? __pfx_panic+0x10/0x10
[  330.697609][ T3526]  ? ret_from_fork_asm+0x1a/0x30
[  330.702539][ T3526]  __warn+0x315/0x4c0
[  330.706515][ T3526]  ? hfs_bnode_create+0x461/0x4f0
[  330.711537][ T3526]  ? hfs_bnode_create+0x461/0x4f0
[  330.716555][ T3526]  __report_bug+0x29a/0x540
[  330.721058][ T3526]  ? preempt_schedule_thunk+0x16/0x30
[  330.726427][ T3526]  ? hfs_bnode_create+0x461/0x4f0
[  330.731441][ T3526]  ? __pfx___report_bug+0x10/0x10
[  330.736471][ T3526]  ? __wake_up_klogd+0xe6/0x120
[  330.741320][ T3526]  ? vprintk_emit+0x4eb/0x560
[  330.745990][ T3526]  ? __pfx_vprintk_emit+0x10/0x10
[  330.751017][ T3526]  ? hfs_bnode_create+0x461/0x4f0
[  330.756036][ T3526]  report_bug+0x16a/0x220
[  330.760364][ T3526]  ? hfs_bnode_create+0x461/0x4f0
[  330.765379][ T3526]  ? hfs_bnode_create+0x463/0x4f0
[  330.770400][ T3526]  handle_bug+0x9c/0x200
[  330.774643][ T3526]  exc_invalid_op+0x1a/0x50
[  330.779154][ T3526]  asm_exc_invalid_op+0x1a/0x20
[  330.784099][ T3526] RIP: 0010:hfs_bnode_create+0x461/0x4f0
[  330.789740][ T3526] Code: e8 8b 89 ee e8 60 7e 79 fe e9 cf fc ff ff e8 a6 0e 18 ff 4c 89 ef e8 fe 23 05 09 48 c7 c7 c0 19 e8 8b 89 ee e8 40 7e 79 fe 90 <0f> 0b 90 eb b0 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c d6 fb ff ff
[  330.809355][ T3526] RSP: 0018:ffffc9000db5ecc0 EFLAGS: 00010246
[  330.815425][ T3526] RAX: 000000000000001f RBX: ffff888049eea000 RCX: b42c0e8149663800
[  330.823392][ T3526] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  330.831360][ T3526] RBP: 0000000000000000 R08: ffffc9000db5ea47 R09: 1ffff92001b6bd48
[  330.839328][ T3526] R10: dffffc0000000000 R11: fffff52001b6bd49 R12: 0000000000000000
[  330.847356][ T3526] R13: ffff888049eea0d8 R14: ffff888078b90e00 R15: dffffc0000000000
[  330.855344][ T3526]  ? do_raw_spin_unlock+0xf5/0x210
[  330.860462][ T3526]  hfs_bmap_alloc+0x5c1/0x650
[  330.865145][ T3526]  ? __pfx_hfs_bmap_alloc+0x10/0x10
[  330.870355][ T3526]  hfs_btree_inc_height+0x100/0xad0
[  330.875596][ T3526]  ? __pfx_folio_mark_accessed+0x10/0x10
[  330.881227][ T3526]  ? __pfx_hfs_btree_inc_height+0x10/0x10
[  330.886943][ T3526]  ? do_raw_spin_unlock+0xf5/0x210
[  330.892052][ T3526]  hfs_brec_insert+0x7ef/0xc90
[  330.896824][ T3526]  ? __pfx_hfs_brec_insert+0x10/0x10
[  330.902115][ T3526]  __hfs_ext_write_extent+0x2a1/0x470
[  330.907492][ T3526]  hfs_ext_write_extent+0x17e/0x210
[  330.912688][ T3526]  ? __pfx_hfs_ext_write_extent+0x10/0x10
[  330.918414][ T3526]  ? __lock_acquire+0x6b5/0x2cf0
[  330.923358][ T3526]  hfs_write_inode+0x117/0x960
[  330.928120][ T3526]  ? __pfx_hfs_write_inode+0x10/0x10
[  330.933420][ T3526]  ? do_raw_spin_unlock+0xf5/0x210
[  330.938562][ T3526]  __writeback_single_inode+0x75a/0x10e0
[  330.944201][ T3526]  writeback_sb_inodes+0x979/0x19d0
[  330.949396][ T3526]  ? __lock_acquire+0x6b5/0x2cf0
[  330.954360][ T3526]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  330.959987][ T3526]  ? do_raw_spin_lock+0x12b/0x2f0
[  330.965036][ T3526]  ? rcu_is_watching+0x15/0xb0
[  330.969809][ T3526]  wb_writeback+0x445/0xb00
[  330.974336][ T3526]  ? queue_io+0x201/0x470
[  330.978686][ T3526]  ? __pfx_wb_writeback+0x10/0x10
[  330.983716][ T3526]  ? do_raw_spin_lock+0x12b/0x2f0
[  330.988754][ T3526]  wb_workfn+0x3f8/0xf10
[  330.992990][ T3526]  ? __lock_acquire+0x6b5/0x2cf0
[  330.997927][ T3526]  ? look_up_lock_class+0x57/0x110
[  331.003051][ T3526]  ? __pfx_wb_workfn+0x10/0x10
[  331.007814][ T3526]  ? do_raw_spin_lock+0x12b/0x2f0
[  331.012831][ T3526]  ? lock_acquire+0x106/0x350
[  331.017527][ T3526]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  331.022895][ T3526]  ? process_one_work+0x8b7/0x1710
[  331.028009][ T3526]  ? process_one_work+0x8b7/0x1710
[  331.033125][ T3526]  ? process_one_work+0x8b7/0x1710
[  331.038257][ T3526]  process_one_work+0x9a3/0x1710
[  331.043209][ T3526]  ? __pfx_process_one_work+0x10/0x10
[  331.048578][ T3526]  ? do_raw_spin_lock+0x12b/0x2f0
[  331.053614][ T3526]  worker_thread+0xba8/0x11e0
[  331.058287][ T3526]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  331.064089][ T3526]  ? __kthread_parkme+0x7a/0x1f0
[  331.069018][ T3526]  ? __kthread_parkme+0x19c/0x1f0
[  331.074043][ T3526]  kthread+0x388/0x470
[  331.078106][ T3526]  ? __pfx_worker_thread+0x10/0x10
[  331.083205][ T3526]  ? __pfx_kthread+0x10/0x10
[  331.087790][ T3526]  ret_from_fork+0x51e/0xb90
[  331.092410][ T3526]  ? __pfx_ret_from_fork+0x10/0x10
[  331.097526][ T3526]  ? __switch_to+0xc7d/0x1420
[  331.102205][ T3526]  ? __pfx_kthread+0x10/0x10
[  331.106788][ T3526]  ret_from_fork_asm+0x1a/0x30
[  331.111576][ T3526]  </TASK>
[  331.115108][ T3526] Kernel Offset: disabled
[  331.119444][ T3526] Rebooting in 86400 seconds..