last executing test programs:

9.786551042s ago: executing program 0 (id=1371):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x19, &(0x7f0000000640)=@framed={{}, [@snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0xb3}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r2}, 0xc)

9.735056387s ago: executing program 0 (id=1372):
syz_mount_image$f2fs(&(0x7f0000000100), &(0x7f0000010600)='./bus\x00', 0x0, &(0x7f0000000580)={[{@four_active_logs}, {@fastboot}, {@test_dummy_encryption}, {@fsync_mode_strict}]}, 0x1, 0x1059a, &(0x7f0000020c40)="$eJzs3M1rI2UcB/Bftu6r61pkX/TkgAgNmNC03aIgUnUXXbBL8eXgSdNkGrKbZEqTvrhnPemf4FUQ8ebf4MV/Y/EgeBK8rSiZmcpW96A226zbzwem32eePPPL84RcnkyZAI6t2eTXXypxIc5GxExEnI/I25XyyK0U8WxEPB8RJ+47KmX/nx2nIuJcRFwYFy9qVsqXln+7e++r5268+vk3d6uNn77+cnqrBqbtxYjobxbt3X6RWafIW2V/c6ebZ39pp8zihf7t8jwrcjddzyvsNvfHNfNc7BTjs83t4Tg3es3WODvdjbx/c1C84XCns18nv+BWcys/b6freXaHWZ6dO8W89sq8MxwVddplvU/y8jEa7WfRn+6lxXo2b+fZGozK/qJu1k73xrlTZvl20cp67Xwe6//5Y37kvdMdbO8lO+nWsJsNkqv1xsv1xnKtsZW101G6VGv228tLyVynNx5WG6XN/konyzq9tN7K+tVkrtNq1RqNZO5aut5tDpJGo75Yn69drZatl5K3bn6Q9NrJ3Djf6A62R93eMNnItpLiimqyUF98pZq80EjeW11L1t69fn117f2Prn148/XVG2+Wg/42rWRuYX5hodaYry00qtZ/GJXDXc5x5wsE8K/Z/wPTYP9v/x/2v8d+/bZvHIovEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAsfXjye/ezhuzxfmTZf9TZdczEXElIi5HxKWI+P0BZuLUgZoXI6JSth80/uRf5vB9JfIK42tOl8e5iFgpj3tPP+xPAQAAAB5f3/7w6WcRM+Nm/ue1aU+Io1T+aHNmUvXyn3yemFS1i3mxvQlVu7RfciIuR8TJ2Z8nVO1KRJw4//GEqv0jMwfizH1RKeLEUc4GAAA4Ggd3AhPbvQEAAPDI+WLaE2A68vu15f/il/eCTxdR3hA8e+AMAAAA+B+qTHsCAAAAwEOX7/89/w8AAAAeb8Xz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/YuZfcNGI4DsB/oFPoS0UVj6uwqrpkwSF6hC57gPY22XGGSIhzkF2OEEHEjIMyhN2YAZHvkwbbI/jJRmJhmzEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACc00OxnN+t//1vmrPdNZNnNAAAAMApm2I5LyvDqv0l3f+Wbv2IiGlETCJiHBGn5u69+FjLHEVEJ9VPvb846sN9RJmw/0w/XZ8j4le6nr6f+1sAAACA27VezRYRvX21fPl5qPEOpEWbQa68csnnQ660URn2N1Pa+CUyi0lEFMPHTGnTiOh+/Z1arfz+erVi8KroVEW3jV4AAADtqs8Ess3eAAAAuDp/Lt0BLqPcr03/xU97wf2qSBuCn2otAAAA4HodP21/0Gm3HwAAAMAFlPP/N+f/pVUB5/8BAADAbajO/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCcNsVyvl7NFk1ztrtm8owGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAntmfdxQIgTAIg73r+06D9z+WNGhqalIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALz53V/+T0yNM8nca2PpeSRZOzW2To29c+PoD+Pr1wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzP3QmEQBCEwb7zP6fF/MOSBo1BhCpY+JhhHhYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+KLf/fJ/YmqcSeZOG0vHI8naVWPrqrH3oHH0YLz9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GIHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgr7c2+bMBDGcfi1kyhxm4yQ3uJjBhoqBCPwISFZ8gwMwEI0VLQWi8AKIOCgpTMFz9P8fzpdcQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7+n09MZHRGSfj8wjH67+DpeDr8jXTTP4vma2Oe7rn1tOtrtRyt8Y/xcRUUTWwm8AANpX3jfFYlnNO2m7aXtp+2nLaV3NXvloAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzuzcsWpTURgA4JOkiVYnRyuI4KCLjU2sRsjiUOguCLqFNpZiqpJmaEuXPoHo5Oor2E1fwRcQHLTg4NBBwUUQJclNeoJBUoR7Q/0++O/9c4dzz8kQ+O9/bgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgWA73wtlBngshzM0c5V3vv+6ujDu/ffZhbhBf7ry5GI/ZHaIYQni43mpeT3Et025ze+dRo9VqtiUSiWSYZP3LBADASVNMolvXfyruL3ev5eoh/Ho1Wv9fifLwl/r/88vzFwbxc+tdJ75XXP8vpLbC6VfubDwtb27vXFvfaKw115qPq9XK4s3FG7dvVcq9ZyVlT0wAAAD4N6Uk4vo/X/+z/38mysOE9f+9pQf343sV1P9jHTX9sp4JAADA/+3cpe/fcmOu50qlsNXodNoL/ePwc6V/zGCqx3Yqibj+L9SznhUAAACQhsO93Ej/fzXKw4T9//nXuwfxmIUQwmzS/59fedJaTW85Uy2N14mzXiMAAADZmk0i7v8Xe/v/88MtD/kQwtXL/Tz5G8CJ6v+PL+6OvLQe7/+vprfEqZSv9b+P3rkWwkwt6xkBAABwkp1OolvsHxT3l9s/ni+V7P8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDf7NgxSgNBFAbgzW5WKzFgpVZeQLSzClgIYuMhREHwBCKIBxBbS+9g6R1SK9hYWKbwBvJmd1TSBCx2lXwfTN4jDJmXSZN/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgrun+d1/Fy6jpy/a954+rk6gvMzW8369vxop+0OXQ/9Bgr+8JAAAAWARVzvdFUbzVj4dRy3HK/3XeE5n/YaXpc56fzf25Pt29buT8f328dfl10Kg5Jz707PzidKezb/j3rc7dMUw3n569VOkHKY9u1qZ1us/B7WRysJTa5S6mBQB+YzvXtsn/h6Lu9jkYAAtj2K7iR/6vxv3OBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCFzwAAAP//OCtiEg==")
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800003f0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0xffffffffffffffb5)

6.26133825s ago: executing program 0 (id=1381):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000200), 0x22, 0x4cb, &(0x7f0000000540)="$eJzs3c9vG1kdAPDvTJImm81usrASPwRsWRYKqmon7m602lO5gFBVCVFx4tCGxI2i2HEUO6UJPaT/AxKVOMGfwAGJA1JP3LnBjUs5IBWoQA0SSEYzttM0sZNA0wyNPx9pNPPmOf5+X5x5b/yS+AUwtC5GxE5EXIiI2xEx3T2fdLe41tmyxz17en9x9+n9xSTa7Zt/TfL67Fzs+5rMm93nnIiI73074ofJ4bjNre3VhVqtutEtl1v19XJza/vKSn1hubpcXatU5ufmZz+++lHl1Nr6Xv2XT761cv37v/n1Fx//bucbP87SmurW7W/Haeo0fWwvTmY0Iq6/imAFGOm250LRifA/SSPiUxHxfnb9t4vOBgA4C+32dLSn95cBgPMuzefAkrTUnQuYijQtlTpzeO/GZFprNFuX7zQ215Y6c2UzMZbeWalVZ7tzhTMxlmTlufz4eblyoHw1It6JiJ+Mv5GXS4uN2lKRNz4AMMTePDD+/2O8M/4DAOfcRNEJAABnzvgPAMPH+A8Aw8f4DwDDx/gPAMPH+A8Aw8f4DwBD5bs3bmRbe7f7+ddLd7c2Vxt3ryxVm6ul+uZiabGxsV5abjSW88/sqR/3fLVGY33uw9i8V25Vm61yc2v7Vr2xuda6lX+u963q2Jm0CgA4yjvvPfpDEhE7n7yRb7FvLQdjNZxvadEJAIUZKToBoDCjRScAFMZ7fKDPEr0vOPQnQr1JwofhLgJeU5c+Z/4fhpX5fxhe5v9heHnnDsOr3U76rfmf5FUAwLlkjh/4r3//3/Pw9HMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA18VUviVpqbsW+FSkaakU8VZEzMRYcmelVp2NiLcj4vfjY+NZea7opAGAl5T+Oemu/3Vp+oOpg7UXkn+O5/uI+NHPbv703kKrtTGXnf/b3vnWw+75ShH5AwDH6Y3TvXG859nT+4u97SzzefLNzuKiWdzd7tapGY3RfD8RYxEx+fekW+7I7ldGTiH+zoOI+Gy/9if53MhMd+XTg/Gz2G+dafz0hfhpXtfZZ9+LT59CLjBsHmX9z7V+118aF/N9/+t/Iu+hXl6v/9s91P+le/3fyID+7+JJY3z42+8MrHsQ8fnRfvGTvfjJgPgfnDD+H7/wpfcH1bV/HnEp+sffH6vcqq+Xm1vbV1bqC8vV5epapTI/Nz/78dWPKuV8jrrcm6k+7C+fXH77qPZPDog/cUz7v3rC9v/iX7d/8OUj4n/9K/1f/3ePiJ+NiV87YfyFyV8NXL47i780oP3Hvf6XTxj/8Z+2l074UADgDDS3tlcXarXqhoPTO/h3u2PAY7J7t/+XVB0UcZD9BJzG83zmFaZadM8EvGrPL/qiMwEAAAAAAAAAAAAAAAY5i394KrqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CQAA//88Atcw")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141842, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141842, 0x0)
write(r1, &(0x7f0000004200)="74efc4c418fdb8d66bbba727f371d056ad6f44e9762d70401d1c9d331b48b925e9e6a7759abb206b9b18bfc3f3f96adb2b37c2121ef21e91bac768dd33df29649da1d82e826a55c4d620b6f510daee26004b741c951d528d806efbe00c439f2df46d3adf8be24e280b948a49afd17d56437c6e752d84f99bf37a88f0c54488dd13b848f2381d7d2aecb68ed16762e4a3c1a847565364b9f1af92c9c89e06e89fe6179cb7078a742cb968a9f09cc690dc473df29d6ad9af5879e9a2618c63702117a3a63d3a4236baee86f5f452e9663a795306dabb97db884348ab437bdc13b7cfb03eff1cf216f09d21078e1852fc7c96413d9d65c52ce9baa6bc26de7f028738a17120de30a433c9c3c8e276f3ae5e18a1f95767fffe8e98b0c3f134f12263b01c36866d4e0e856cc14ecf50279adb9438c6219c49cae973d8e7faf33dcdeb96d7ef7e89ae828cb91df22939307bb1f7fb7392e1e24f6b63166b89937c00eb8fea0245cd93e4aa803160bd71c1a0bbb6b8285d8ab654485ab985f1dd2eb9abf53131a9680dcafe4000d3ea528dd52aba3e4ff6a3883ec614253d5627bd91522d881128328ed1e00907fa6cc48cec5268bbedd85ec02d8bac3183460dd1a27fbc06b5642473a41a6cbfb07f53deab2473b37c3d10a125d610f1b9ea5c83e7d462048f25fc1e79295eeff750a23faf5d542758c421bb0673504c9dbae2959f77", 0xffe00)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, &(0x7f0000000380), 0x20000000}, 0x20)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000050000000000000000000004006ee400020000000000000f02000000020000000000000e0100000000000000000061"], 0x0, 0x45}, 0x20)
r2 = syz_open_procfs(0x0, &(0x7f0000000280)='fdinfo/4\x00')
preadv(r2, &(0x7f0000000300)=[{&(0x7f00000001c0)=""/51, 0x33}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000800000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000008c0)={@cgroup, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
syz_clone(0x4000c0fe, 0x0, 0x0, 0x0, 0x0, 0x0)

6.044934078s ago: executing program 2 (id=1385):
syz_mount_image$ext4(&(0x7f0000002080)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000002, &(0x7f00000020c0)={[{@lazytime}, {@noinit_itable}, {@debug}]}, 0x1, 0x544, &(0x7f0000000740)="$eJzs3c9vI1cdAPDvTH52mzZb6AEqYBcoLGi19sbbrqpe2r2AUFUJUXFAHLYh8UZh7TjETmlCJNK/ASSQOMGfwAGJA1JPHLhx5IaQygFpgQi0QaLCaMaT1M3ajds4NsSfjzQ7P1483+9Ldvye3yTzAphYVyNiPyJmI+L1iFgsjifFEi93luzrHh7srRwe7K3Ef9rt1/6W5OXZseh6Tebx4pzzEfGNr0Z8J3k0bnNn9/5yrVbdKvbLrfpmubmze2O9vrxWXatuVCq3l27ffOHW85Wh1fVK/ZcPvrL+yjd/8+tPv/P7/S//IEtroSjrrscwdao+cxwnMx0Rr5xHsDGYKtazY86DjyaNiI9FxOfy638xpvL/nQDARdZuL0Z7sXsfALjo0nwMLElLxVjAQqRpqdQZw3s6LqW1RrN1/V5je2O1M1Z2OWbSuaKv8L3835nk3nqtupSX5eX5fuXE/q2IeCoifjz3WL5fWmnUVsfT5QGAiff4ifb/n3Od9n8APe7qAQD/N+bHnQAAMHLafwCYPNp/AJg8A7T/xc3+/XPPBQAYDZ//AWDyaP8BYPJo/wFgonz91VezpX1YPP969Y2d7fuNN26sVpv3S/XtldJKY2uztNZorOXP7Kmfdr5ao7G59Fxsv1luVZutcnNn9269sb3Rups/1/tudWYktQIAPshTV97+QxIR+y8+li9hLgeYGOm4EwDGZmrcCQBjY7YvmFyDj8f/7lzzAMan58O853tuvn/Q4KcfIojfM4L/Kdc+2X/8/2TfwH0BuFiM/8Pk+mjj/y8NPQ9g9HqN/+vnw2Rot5OTc/7PHhcBABfSGf4er/3DYXVCgLE6bTLvvrfuP8z9fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhgFiLiu5GkpWIu8IVI01Ip4omIuBwzyb31WvVmRDwZVyJiZi7bXxp30gDAGaV/SYr5v64tPrtwsnQ2+ddcFHOCf/9nr/3kzeVWa2spO/734+NzR9OHVd573RnmFQQAhixvvyvFuuuD/MODvZWjZZT5PLgT7xZTEa8cHuzlS6dkOqbz9Xzel7j0j6TY78xF+kxETA0h/v5bEfGJ4/on77bbRfwkHxu5XMx82h0/ithPDD9+1/f/ZPz0ffHTvKyzzjpfHz9x3nQIucFF9/adiHi51/WXxtV83fv6n8/foc7uwZ3OyY7e+w674h+9/031iJ9d81cHjfHcb7/2yMH2YqfsrYhnpnvFT47jJ33iPztg/D9+6jM/eqlPWfvnEdeid/zuWOVWfbPc3Nm9sV5fXquuVTcqldtLt2++cOv5Sjkfoy4fjVQ/6q8vXn+yX25Z/S/1iT/fs/6zx6/9woD1/8W/X//2Zz8g/pc+3/vn/3TP+B1Zm/jFAeMvX/pV3+m7s/irfep/2s//+oDx3/nz7uqAXwoAjEBzZ/f+cq1W3TrTRvZpcxjnyTdmu45kKQ4lwwE3/hSji3Xqxswwv6sj3Zg+7isO98zfys444uqkQ6/FmTYejirWeN+XgPP33kU/7kwAAAAAAAAAAAAAAIB+RvGnS+OuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfXfwMAAP//ZbnKog==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x8004587d, &(0x7f00000004c0))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000540)=""/239, 0xef)

5.715954994s ago: executing program 3 (id=1388):
timer_create(0x0, &(0x7f0000000680)={0x0, 0x0, 0x0, @thr={&(0x7f00000003c0)="74a0", 0x0}}, 0x0)
write$tun(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500280008005400000060ec970001983a00fc000018c6ba35000000000000000700ff"], 0xfdef)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f0000000040)}, 0x20)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120110030000"], 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)

5.544082489s ago: executing program 2 (id=1391):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0xffffffffffffff32, 0x0)
read$FUSE(r2, &(0x7f0000020940)={0x2020}, 0x2020)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
r8 = socket(0x1, 0x803, 0x0)
getsockopt$SO_BINDTODEVICE(r8, 0x1, 0x38, &(0x7f0000000000), 0x20000000)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
socket(0x10, 0x3, 0x9)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000580), 0xffffffffffffffff)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a8, 0x0, 0x111, 0x4b4, 0x0, 0x700, 0x2d8, 0x278, 0x278, 0x2d8, 0x278, 0x3, 0x0, {[{{@ipv6={@mcast2, @empty, [], [], 'vlan0\x00', 'team_slave_0\x00', {}, {}, 0x88}, 0x0, 0x128, 0x190, 0x0, {}, [@common=@inet=@multiport={{0x50}}, @common=@unspec=@connmark={{0x30}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, [], [], 'geneve1\x00', 'erspan0\x00'}, 0x0, 0xe0, 0x148, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x408)

5.491389513s ago: executing program 0 (id=1392):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000407900060000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f0000000640)={0x2c, &(0x7f0000000300)={0x0, 0x0, 0x5, {0x5, 0x0, "9ff520"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)

4.617745394s ago: executing program 2 (id=1400):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x1010000, &(0x7f0000001980)=ANY=[@ANYBLOB="757466383d312c696f636861727365743d6b6f69382d722c756e695f786c6174653d302c696f636861727365743d6370313235302c757466383d302c757466383d312c757466383d302c636865636b3d72656c617865642c636865636b3d72656c617865642c757466383d302c757466383d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c616c6c6f775f7574696d653d30303030303030303030303030303030303030303737372c00eade9911980a28d9e64ac7143b83906e08fdc397c0249fe6c1202ecca94174f756f5b4ee6a1320dffedae492ac088fd52c782b6b1ae1e47771f3a27af913fcdc27815708b923ac65da98fe8d5dec2fc54ca63881d473f3547d482204ef00ac54c27ce9ff730eff12a28a578a27d237c3acc48429d360fc56e15b4df3421d30d7df43c6b3af973eaac4f858f9547b1e9de6575a5a101ccf4255cd30e0ab8c11b5ba2b859009818ee1b149006159e6719bc1b0ffbf3931e0"], 0x1, 0x363, &(0x7f0000000280)="$eJzs3U1oY1UbAOA3vWnSGfi+dicKQnQnaJnOTje2SAcGu1EJ/izE4HRUkiq0WGwX09aF4lJwqSt3CrpwIS5FUMSdC7eOIKPiQmc34OCR5OYmt0naaQerFJ8Hmpy+57znnPtDcntJTp9bjPal6bh8/fq1mJmpRHXxkcW4UYm5yKKwG+NqE2IAwOlwI6X4PeWOmFI54SkBACes9/7/QkQ0Yi6PvP7lYe2Td38AOPX6f/+fOazNzEEVr5zIlACAEzZ2///efdW13k+1+LVa+lQAAHBaPfH0M48urUQ83mjMRKy9udncbMZDw/qly/FSdGI1zsVs3IzILxS6D5Xe44WLK8vnGo3GTvw0F82ImOonNvMrhaWsl1+PhZiNuX5+/2ojpZRd+GRleaHRExG7O73xY62y2ZyOs/3xvz8bq8MLj6KT3lPExZXl841+B821In8nYm9436I7//mYjW+fH3STUvEJxpXlKwvFpIf5m816XBrshQPvgAAAAAAAAAAAAAAAAAAAAAAAwG2ZbwzMDdbPSd3nfKWc+fkJ9b31cfL8/vpAe/n6QKmeIqXfXnug+VYW+9YHGl2fZ9NCggAAAAAAAAAAAAAAAAAAADCwsVWLVqezur6xtd0uF3bWN7amIqIbefnrj744E+NtblGo5kPUIwZDNPrDbrdbKSsapyxiPD3rDl5EPvh0MONym/pgKyZOo35wVafzv3t+fHcYuTsrev5z2CaLyRuYlabx8EjPa//Pp3ScHTUonC9H6uOjX00plSJvlNOvPDveYVQiqsc/cNvtqTi4TeoWvrr24p3F3m99nnL33T/75NV33v+l3ep0R47eEaytb9xM7ValaHy83dLd1UWkEnmhUj4Tqoel7+2PtLLvfn3qrre/OdroqRx5tXs+j7TJ8s35eDS9lhe60xypOjNMn+5vRGd1esLJf6vCbRzTO9777MOUfvj5yEMMTY29bFT+nlcfAAAAAAAAAAAAAAAAAACgrPRd8b7+l32nD8t68LGTnxkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/HOG//+/VNjbjZHIUQp/7EzIqq+ub0TU/u3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+6vAAAA///tLFqQ")
statx(0xffffffffffffffff, 0x0, 0x800, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000940)={0x8, 0x8b}, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x1008002, &(0x7f0000000bc0), 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x103)
mount$cgroup(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x0, &(0x7f0000000480)={[{@name={'name', 0x3d, 'fd'}}, {@name={'name', 0x3d, 'user_.'}}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r3}, &(0x7f0000000400), &(0x7f00000004c0)=r4}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0xfecc)

3.206367819s ago: executing program 2 (id=1405):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f00000002c0)={[{@jqfmt_vfsv0}, {@nogrpid}]}, 0x1, 0x792, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbJKmSfu+yQsvaD0FBA2UbkyNrYKHigcRLBT0bLtstqFmky3ZTWlCwBYRvAgqHgS99OyPevPqj6v+Fx6kpWparHiQyGx2222zm27a/RHJ5wOTfZ6Z2TzPd5+ZZ57ZGXYC2LMm0j+ZiEMR8UESMVabn0TEUDU1GHFic73b62v5dEpiY+P135LqOrfW1/LR8J7UgVrm8Yj4/t2Iw5mt5ZZXVudzxWJhqZafqiycnyqvrB45t5CbK8wVFo9Nz8wcPf7c8WOdi/WPn1YPXv/wlae/OvHXO49dff+HJE7Ewdqyxjg6ZSImap/JUPoR3uPlThfWZ0m/K8BDSXfNgc29PA7FWAxUUy2M9LJmAEC3vB0RGwDAHpM4/gPAHlP/HuDW+lq+PvX3G4neuvFSROzfjL9+fXNzyWDtmt3+6nXQ0VvJPVdGkogY70D5ExHx2TdvfpFO0aXrkADNXLocEWfGJ7b2/8mWexZ26pntFm4MV18m7put/4Pe+TYd/zzfbPyXuTP+iSbjn+Em++7DePD+n7nWgWJaSsd/Lzbc23a7If6a8YFa7j/VMd9QcvZcsZD2bf+NiMkYGk7z09VVm98FNXnz75utym8c//3+0Vufp+Wnr3fXyFwbHL73PbO5Su5R4667cTniicFm8Sd32j9pMf491WYZr77w3qetlqXxp/HWp63xd9fGlYinmrb/3bZMtr0/caq6OUzVN4omvv75k9FW5Te2fzql5dfPBXohbf/R7eMfTxrv1yzvvIwfr4x912rZg+Nvvv3vS96opvfV5l3MVSpL0xH7kte2zj969731fH39NP7JJ5vv/9tt/+k54Zk24x+8/uuXDx9/d6Xxz+6o/XeeuHp7fqBV+e21/0w1NVmb007/124FH+WzAwAAAAAAAAAAAAAAAAAAAAAAAIB2ZSLiYCSZ7J10JpPNbj7D+/8xmimWypXDZ0vLi7NRfVb2eAxl6j91Odbwe6jTtd/Dr+eP3pd/NiL+FxEfD49U89l8qTjb7+ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOZAi+f/p34Z7nftAICu2d/vCgAAPef4DwB7z86O/yNdqwcA0DvO/wFg72n7+H+mu/UAAHrH+T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABddurkyXTa+HN9LZ/mZy+sLM+XLhyZLZTnswvL+Wy+tHQ+O1cqzRUL2XxpoeU/urT5UiyVzs/E4vLFqUqhXJkqr6yeXigtL1ZOn1vIzRVOF4Z6FhkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtK+8sjqfKxYLS51LDEZER//hbkiM7I5q7JrEYOyKanQkkXRjL/jXJxp7iZH+dVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9w/AQAA//8PEihV")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_sys\x00', 0x275a, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0)
write$binfmt_script(r0, &(0x7f0000000040)={'#! ', './file0'}, 0xb)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000020240), 0x10010)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r2)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r3 = gettid()
r4 = syz_open_procfs(r3, &(0x7f00000003c0)='coredump_filter\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$PROG_LOAD(0x5, 0x0, 0xa9)
pread64(r4, 0x0, 0x0, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r5, &(0x7f0000000280), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
clock_gettime(0x0, &(0x7f00000001c0))
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5ac, 0x24b, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io(r6, &(0x7f0000000bc0)={0x2c, &(0x7f0000000840)=ANY=[@ANYBLOB="4030890000008922c3ae0c3163e9153375c62b75327f2ae1f442ed0a9af7e756a90bde56a7829e5b299bea6d74f10ce947a8647ff390a7d057d5c9306b0a90a256c65d6e9f9952f92c2931afee76604d97d12f593e5bcb11a1b6f0e3aeaf75b7817bdee8420eb1e90519433a765490da24399381c1fe924aedf3f95f5209d75dda03429d281306afda9014e5c9fadb"], &(0x7f0000000900)={0x0, 0x3, 0xde, @string={0xde, 0x3, "c176103d180c44b1487a8522b075c2d2c5b549e48b51b71f11af5c7c988b55896ba7bb8c5069fbd09a5a81a5a253b4d3ef8dbc7ffb2a4fce7f1aec140f34d070c2bc473d4d2c9fb1c0bfab3f273cc8997fcfd45e97e0c0c4045dd0818d57cd0142263bb19e80566061d7ad1056114a4edfa456e783c80aeb50737c19285d1aeb285eddf86329c68923f462b9a9e51778a0a0dc68d6d07c0e86b41251c468ae9db769310ea557c1081710845ba461e744a76ac443ede559d73eed5b701a4c4ff49d76fd6cd9e67bdd42b44cce219ce8b6767b9d8b4c87e0684961569d"}}, &(0x7f0000000a00)={0x0, 0xf, 0x128, {0x5, 0xf, 0x128, 0x6, [@wireless={0xb, 0x10, 0x1, 0x4, 0x165, 0x9, 0x9, 0x1, 0xa8}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x2, 0x95, 0x6, 0x1ff}, @generic={0xf9, 0x10, 0xa, "c9e3dec853ba4d26d26327633d4c7639eeabacb417baa97f7546a4094fa754fc0f82e44f90a16c0aba264faf85d4fdf85ee7cea8d57b1feaf2ec8e812a01a90de92c4b9af555a058164dcd53489ad909cce6b343494378d0a2cd5eb99b349250b4b3bcecb163b7cb0d5bae403c59bd84dcb570ce6d5c62a336e4d322f0c4694462b761cb75fd3b6f44267b0e9f7b1e919a6078ceb47123d48c709541a17b48f92d31c11be517dec657e7c1954d121a36a15c91cdc64d7a5f31b7ffa90a923ba8c289483f20d4ad70dd2f620d7209d90a49f14629e9c5884c1f968fbbe543311b9561f2e196b775219e91c2ffe3a1995d6e8684009645"}, @ext_cap={0x7, 0x10, 0x2, 0x0, 0x3, 0xd, 0x4000}, @ext_cap={0x7, 0x10, 0x2, 0xa, 0x7, 0x8, 0x3}, @ext_cap={0x7, 0x10, 0x2, 0x12, 0x7, 0x7, 0x1}]}}, &(0x7f0000000b40)={0x20, 0x29, 0xf, {0xf, 0x29, 0x20, 0x0, 0x7f, 0x6, "fad9bbef", "8966c64b"}}, &(0x7f0000000b80)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x1f, 0x1, 0xbb, 0x8, 0x1, 0xeec2, 0x9}}}, &(0x7f0000001080)={0x84, &(0x7f0000000c00)={0x40, 0x10, 0x7b, "e441d89fc19651a699f35c8ca4a6d72595eae26f3ad3291191a7acc5b3ba1209326249d5d32f72827b6857a84aa5dad12ea00029ecbdf439d4c3f5b7b143ce8dde2c83c10475a890b1dc0adae1a718023ad85c73f9296e6db35fe7991815faf9d30ce1fe8f805726ace18ffea2ddb4ac70191d11af2e61648849c4"}, &(0x7f0000000cc0)={0x0, 0xa, 0x1, 0x80}, &(0x7f0000000d00)={0x0, 0x8, 0x1}, &(0x7f0000000d40)={0x20, 0x0, 0x4, {0x2, 0x3}}, &(0x7f0000000d80)={0x20, 0x0, 0x8, {0x400, 0x2, [0xee0]}}, &(0x7f0000000dc0)={0x40, 0x7, 0x2, 0xfffe}, &(0x7f0000000e00)={0x40, 0x9, 0x1, 0x80}, &(0x7f0000000e40)={0x40, 0xb, 0x2, '-m'}, &(0x7f0000000e80)={0x40, 0xf, 0x2, 0x5}, &(0x7f0000000ec0)={0x40, 0x13, 0x6, @local}, &(0x7f0000000f00)={0x40, 0x17, 0x6, @random="c02c39df0707"}, &(0x7f0000000f40)={0x40, 0x19, 0x2, "89f8"}, &(0x7f0000000f80)={0x40, 0x1a, 0x2, 0x401}, &(0x7f0000000fc0)={0x40, 0x1c, 0x1, 0x8}, &(0x7f0000001000)={0x40, 0x1e, 0x1, 0x4}, &(0x7f0000001040)={0x40, 0x21, 0x1, 0x1}})
syz_usb_control_io(r6, &(0x7f0000000280)={0x2c, &(0x7f0000000080)={0x40, 0x31, 0xc5, {0xc5, 0xc, "7964644000f76dca7f80edaafc44ee4002e8f00d39706d5fe45f942c77123d826e9f5857701bf80c9cb3833ee06f7f80a303e46a9c8f3a626f18a79e0b54b6761a80d3311946a986706512f48841c1610026aa3472115aadb979787a81f8e008d3667f8a65942f965d357c87994aa21336d88007024a492c5c0c96d8225618404c37f1bdf1f11034edb1cfbd5c01b88226d05d84022e51a1afbba0dfca39a02917290ae12e4ef284f0536f326ed3ac2c2849d052742d80ea0573566de17750378e09cd"}}, &(0x7f0000000180)={0x0, 0x3, 0x40, @string={0x40, 0x3, "e54a581379c50f89ef2c3370e166fe0192b9ccf40803ac07c2b55230fdeb44e1b1f84daa6386ce6954c0f041060b29c822814b5a2d78773bd05e96fcd4e7"}}, &(0x7f0000000000)={0x0, 0xf, 0x5, {0x5, 0xf, 0x5}}, &(0x7f0000000200)={0x20, 0x29, 0xf, {0xf, 0x29, 0x11, 0x1, 0x3, 0x7, "7fcaa523", "65d969a8"}}, &(0x7f0000000240)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0xff, 0x8, 0x7f, 0xcd, 0x2f, 0x0, 0xffff}}}, &(0x7f0000000780)={0x84, &(0x7f0000000380)={0x0, 0x36, 0x69, "92c5d56ed30516871d4441bf3be52a7766b2a62774b918473ceb11f34c621f3b95cfc6d43365ace6205ff1c2d4a729482fa12f1c29fb8e3ea53fb3b0b62df696587a3052a5f3a12c35b36c396849630d6281a9fad7e5f7c4848cf8826a18203b4f8eec48d58fd0ee5e"}, &(0x7f0000000300)={0x0, 0xa, 0x1, 0x7f}, &(0x7f0000000400)={0x0, 0x8, 0x1, 0x71}, &(0x7f0000000440)={0x20, 0x0, 0x4, {0x2, 0x1}}, &(0x7f0000000480)={0x20, 0x0, 0x4, {0x1c00, 0x14}}, &(0x7f00000004c0)={0x40, 0x7, 0x2, 0x6}, &(0x7f0000000500)={0x40, 0x9, 0x1, 0xa2}, &(0x7f0000000540)={0x40, 0xb, 0x2, 'QZ'}, &(0x7f0000000580)={0x40, 0xf, 0x2, 0x81}, &(0x7f00000005c0)={0x40, 0x13, 0x6, @link_local}, &(0x7f0000000600)={0x40, 0x17, 0x6, @remote}, &(0x7f0000000640)={0x40, 0x19, 0x2, "a50b"}, &(0x7f0000000680)={0x40, 0x1a, 0x2, 0x1}, &(0x7f00000006c0)={0x40, 0x1c, 0x1, 0x3}, &(0x7f0000000700)={0x40, 0x1e, 0x1}, &(0x7f0000000740)={0x40, 0x21, 0x1, 0x2}})
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r7 = gettid()
timer_create(0x7, &(0x7f00000012c0)={0x0, 0x1e, 0x1, @tid=r7}, &(0x7f0000001180))
timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f0000000080)=ANY=[@ANYBLOB='uni_xlate=1,utf8=1,rodir,utf8=1,uni_xlate=0,fmask=00000000000000000000003,shortnPme=lower,uni_xlate=0,utf8=1,showexec,utf8=0,utf8=0,rodir,flush,check=relaxed,rodir,check=relaxed,\x00'], 0x6, 0x2b8, &(0x7f0000000640)="$eJzs3U9rK1UYB+B30mQSdZEsXInggC5cXW7v1k2K3AtiV16yUBdabAvSBKGFgn8wduXWjQsXfgJB8IO48RsIbgV3ViiMzGSmSdqYJtJUvH2eTd+eOb+Zd6aHdrro6Ycvj472szg8++LX6HSSaPSjH+dJ9KIRta9iTv+bAAD+z87zPP7IJ9bJJRHR2VxbAMAGrfbzvzktf7qTtgCADXr67ntv7+zuPn4nyzrxZPT16aD4zb74ODm+cxgfxzAO4mF04yKifFFoRfm2UJRP8jwfN7NCL14bjU8HRXL0wc/V+Xd+jyjz29GNXjl0+bZR5t/afbydTczkx0Ufz1fX7xf5R9GNFy/Dc/lHC/IxSOP1V2f6fxDd+OWj+CSGsV82Mc1/uZ1lb+bf/vn5+0V7RT4Znw7a5bypfOuOvzQAAAAAAAAAAAAAAAAAAAAAADzDHlR757Sj3L+nGKr239m6KD5pRVbrze/PM8kn9Ylm9wfK83ycx/f1/joPsyzLq4nTfDNeas5uLAgAAAAAAAAAAAAAAAAAAAD318mnnx3tDYcHx7dS1LsBNCPir6cR//Y8/ZmRV2L55HZ1zb3hsFGV83OasyOxVc9JIpa2UdzELT2Wm4rnrvVcFT/8uO4JOzfPaS2+1m0W9eo62ksWP8N21COdapF8l0ZM56Sx4rXSfzqUxzrLL114qLv2vacvlMV4yZxIljX2xm+TJ1eNJFfvIi2f6sJ4qypm4lfWxkrrOTqT+PXvFYndOgAAAAAAAAAAAAAAAAAAYKOmf/274ODZ0mgjb2+sLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4U9P//79GMa7CK0xO4/jkP75FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7oG/AwAA//83x1yS")

3.07861527s ago: executing program 0 (id=1393):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000003140)='./bus\x00', 0x1008002, &(0x7f00000030c0)={[{@grpquota}, {@delalloc}, {@resuid}, {@errors_remount}, {@dioread_nolock}, {@jqfmt_vfsold}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8}, 0x48)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)={0x0, {{0x2, 0x0, @multicast1}}}, 0x108)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{}, &(0x7f0000000400), &(0x7f00000004c0)=r4}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r5 = socket(0x10, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r8, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=@newqdisc={0x164, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x134, 0x2, {{0x0, 0xff13, 0x0, 0x0, 0x0, 0x10f}, [@TCA_NETEM_RATE={0x14, 0x6, {0x0, 0x2, 0x100, 0x8}}, @TCA_NETEM_CORR={0x10, 0x1, {0x8001, 0x510e}}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x8, 0x0, 0x8001, 0x3, 0xbfa9, 0x10001}}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0xfff}}, @TCA_NETEM_JITTER64={0xc, 0xb, 0x80000000}, @TCA_NETEM_LOSS={0x58, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x0, 0x43, 0x10000, 0xffffffff, 0x8000}}, @NETEM_LOSS_GE={0x14, 0x2, {0x4, 0x6, 0x2, 0x7}}, @NETEM_LOSS_GE={0x14, 0x2, {0x7fffffff, 0x8}}, @NETEM_LOSS_GE={0x14, 0x2, {0x8001, 0xffffffff, 0x62}}]}, @TCA_NETEM_CORR={0x10, 0x1, {0x87c, 0x8, 0x1}}, @TCA_NETEM_DELAY_DIST={0x47, 0x2, "bb31dd582025a5bfe05b342a891035fe2abd168e2c8b8d284dcd49405a3da4233a46fc0f50f25bb2abef41f435190e7d58e97dac5d759d1138e8b1e6821e0d9f9be0a9"}]}}}]}, 0x164}}, 0x0)

2.532661574s ago: executing program 3 (id=1408):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r0, &(0x7f0000000600)=ANY=[], 0xda00)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_int(r2, &(0x7f00000000c0)='cpuset.mems\x00', 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB='1-2', @ANYRESDEC=0x0], 0x23)
write$cgroup_subtree(r1, &(0x7f0000000000)={[{0x0, 'rdma'}]}, 0x40000)

2.514949696s ago: executing program 3 (id=1409):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0xa, 0x5, &(0x7f0000000c00)=ANY=[@ANYBLOB="180800000000000000000000000000008500000018000000850000007d0000009500000000000000e9e2a4048c6968d7d41c47a7dd5dc460b4877bbb535de4d973e016f69fed4a6b4b737a860ac3595dd4bdc4233e859e8c87363270d2b0f137b10fde7db4de2a452e30de29e26f4eaaa09dfbd313a0c54b061ea4bff71afc9b6b"], &(0x7f0000000000)='syzkaller\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x0, 0xe, 0x0, &(0x7f0000000200)="0033ba00"/14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0ffc40bffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400210000000404000001000000b7050000220000006a0a00fe00000000850000000b000000b7000000592000009500000000000000a3028cb5af6c8f5d76781dcb7729f0170720596bb3b4d821d976f5843061cc2e3afbae82d7932d192321fa3b3042f100"/172], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20100cc, &(0x7f0000000400), 0x1, 0x7b5, &(0x7f0000000440)="$eJzs3U1oHFUcAPD/bDbZfmlS8WBFNCDa4kfStCKpCE1ED4oHwV7Ei6FJS+z2gyaiLUJTvOpNvKlU8KoIetFL6cGLN29ePUm1iPbgcWVmZ5N1s5uP7SZjs78fTPPevJ2+N9n8983Oe8wLoG+Npv+UIg5ExFISMZzvTyJiMEuVI6bqr7v91/sn0y2JWu31P5PsNWk+mo5J7c0P2xURP99I4r6B1fUuXLp8ZqZanbuY58cXz14YX7h0+en5szOn507PnZuYPDZ5dPLIsWcnuz2145WWHS9/+vkbNz975fGrH709/f2bv/+dxFQcz8uaz6NXRmN0+XcSQ/Ufg/VfTbzY68oKMpCfT6lpX1IusEFsSqnpPXwghmMgVt684bjxbaGNAwC2RC3dAIA+k+j/AaDPNO4DNMb2tmIcDPh/ujUd2UD96vgvx1T2c1c2Zr3ndtI0MljOxrVHe1B/+n/88ePXX6ZbbNE4PNDe0tVs4L9N/CdZ/I9ks3ha478+Z2CqB/W3foaIf9g+dxL/r/WgfvEPAAAAAAAAvXN9OiIm243/lZbn/0Sb8b9KRBzuQf3rj/+VbvagGqCNW9MRz7ed/7v8RJeRgTx3TzYfYDA5NV+dS2P/3og4FIOVND+xRh0/vfvrC53Kmuf/pVtaf2MuYN6Om+WWB/nMzizO3Mk5A3W3rkY8WO48/yft/5M2/X9a9tYG6/jmk68e61Q2mm1rxT+wVWrXIg7mT/qL+G/8NyRrP59vPLseGG9cFaz28EvX/ulU//r9fydPbPZUgRZp/7+n7fX/cvyPJM3P61zYfB1ffHjioU5l3V7/DyUnsqeK5o/VjPdmFhcvTkQMJa+u3n9k822GnagRD414SeP/0KNZ/E91uv/X7vo/vWK4sME6J/b98FSnsu77f+BOpfE/u6n+f/OJ01eOnulU/8b6/2eyPv1Qvsf9P1jbRgO06HYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAvlSJiXySlseV0qTQ2FrE3Iu6PPaXq+YXFJ0+df+fcbFoWMRKDpVPz1bnDETFczydpfiJLr+SPtOSPRsT+iPi4sjvLj508X50t+uQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILe3w/r/qd8qRbcOANgyu4puAACw7fT/ANB/9P8A0H/a9P8ni2gHALB9fP8HgP7TZf//Xa/bAQAAAAAAAAAAAAAAAAAAAAAAAAA71P5Hrv+SRMTSc7uzLTWUlw0W2jJgq5WKbgBQmIGiGwAUplx0A4DC+I4PJG33VpZTrUuErLzeHQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrHwQPrrP/ffmEwYAdoXr2vVqtdKbApwDaz/j/0L+v/Q/+y/j+w3m2+lfX/l2p1jbz1/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6B8Lly6fmalW5y5K3NWJ+Q+6OGp3/kfQk2aUo7vDe1O7RFeJSueigj+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4K/wbAAD//3ZIMe8=")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000100), 0x12)
ioctl$SIOCSIFHWADDR(r4, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001400)=@newtaction={0x988, 0x30, 0x1, 0x0, 0x0, {}, [{0x974, 0x1, [@m_police={0x30, 0x0, 0x0, 0x0, {{0xb}, {0x4, 0x2, 0x0, 0x1, [[]]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x940, 0x2, 0x0, 0x0, {{0xb}, {0x86c, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x3ff, 0x4, 0x5, 0x3f, 0x3ff, {0x4, 0x2, 0x6, 0x0, 0x3, 0xb74}, {0x3e, 0x0, 0x3, 0x2, 0x0, 0x2}, 0x0, 0x3ab4b216}}], [@TCA_POLICE_RATE64={0xc}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x5, 0x6, 0x6, 0x9f, 0xffffffff, 0x6, 0x8, 0x1, 0x100, 0x1, 0x4, 0x80, 0x4, 0x7f, 0x8000000, 0x1e, 0x400, 0x0, 0xbdce, 0x7, 0x3a, 0x200, 0x7, 0xed8e, 0xfffffffe, 0x40, 0x8, 0x180000, 0x200, 0xeb0, 0x7, 0x80000001, 0x8, 0x4f9, 0x80000000, 0x80, 0x4, 0x7e, 0x26, 0x8, 0x80, 0xdea4, 0x3, 0x2, 0x933f, 0x341, 0x1, 0x7fffffff, 0x6, 0x10001, 0xb7, 0x1ff, 0x9, 0x2, 0x0, 0x1, 0x5f82f16c, 0xfffff272, 0x0, 0x5, 0x9, 0x3ff, 0x100, 0x0, 0x200, 0x8001, 0x8, 0x4, 0x2, 0x0, 0x0, 0x10001, 0xfffffff8, 0x0, 0x800, 0x0, 0x9, 0x1, 0x0, 0x5, 0x0, 0x10001, 0xffff0001, 0x8, 0x7ff, 0x403, 0x6, 0x0, 0x0, 0x1, 0xbe0, 0x7, 0x8e, 0x9, 0x89, 0x4, 0x1ff, 0x3ff, 0xfff, 0x40, 0x1, 0xffffffff, 0x9, 0x66, 0x401, 0x10001, 0x3, 0x80, 0x79b, 0x8, 0x8, 0x3, 0xe95, 0xff, 0x19101711, 0x1f, 0x7, 0x4, 0x7f, 0x80, 0x5, 0x8001, 0x7f, 0x2e3, 0xeef, 0x0, 0x7fffffff, 0x4, 0x5, 0x7, 0x3, 0x5, 0x40, 0x0, 0x401, 0x9, 0x8, 0x10d, 0x8, 0x8, 0x5, 0xfff, 0x401, 0x81, 0x3f, 0x5, 0x0, 0x480000, 0x1a37, 0x6, 0x3e, 0x3, 0x5, 0x5, 0x81, 0x6, 0x9, 0xffff, 0x413, 0xda2d, 0x8000, 0x7, 0x44, 0x0, 0x100, 0xd61, 0x400, 0x4, 0x0, 0x1, 0xb6, 0x7a, 0x2, 0xffff, 0x200, 0x0, 0x0, 0x9, 0x9, 0x9, 0xfffff2e1, 0xfff, 0xdd, 0x4, 0xebb1, 0x6, 0x0, 0x44, 0x1, 0x1, 0x401, 0x362, 0x7fff, 0x94a, 0x9, 0x9, 0x8, 0x3, 0x6e, 0x0, 0x6, 0x0, 0xacd1, 0x80000000, 0x800, 0x1000, 0x6ed6cf3b, 0x1a, 0x2, 0x9, 0x4, 0x8, 0x2, 0x0, 0x4, 0x4, 0x6, 0x10000, 0x40, 0x543, 0x3, 0x8000, 0x1, 0x3, 0x7ff, 0x401, 0x8, 0xfffffff9, 0x0, 0xabcc, 0x6, 0xffff8000, 0x2, 0x7f, 0x2, 0x9, 0xffffffff, 0x4eb, 0x0, 0x1000, 0x401, 0x2, 0x6, 0x0, 0x400, 0xff, 0x400, 0x1, 0x9, 0xffffffff, 0x1, 0x8, 0xdb, 0x5, 0xd62, 0x40]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x2d68}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x2}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1, 0x0, 0x0, 0x7e6, 0x4, 0x0, 0xed, 0x0, 0xff, 0x5, 0x80, 0x5, 0x8, 0x4, 0xed, 0x2b, 0x6, 0x7, 0x10001, 0x7, 0x9, 0xffffffff, 0x0, 0x2, 0x81, 0x7, 0x430845e1, 0x80, 0x7fff, 0x80000001, 0x7, 0x1, 0x7, 0x5, 0x1ff, 0x2, 0x7fffffff, 0x6, 0xf03c, 0x1, 0x9, 0x1, 0x7, 0x9, 0x1000, 0x8, 0x5, 0x0, 0x4, 0x0, 0x7f, 0x1ff, 0x2, 0x7, 0x400, 0x8b, 0x3, 0x4, 0x5, 0x7, 0x0, 0x466d, 0x80000000, 0x5efed7cb, 0x2, 0x10000, 0xffff, 0x1, 0xfffff001, 0x5, 0x9, 0x8, 0x0, 0x800, 0x0, 0x46d8, 0x2, 0xfffffffe, 0x100, 0x59, 0xffffff9d, 0x245, 0xfffffffb, 0x2, 0x35b9, 0x8, 0x2, 0x4, 0x80, 0x401, 0xff, 0xd3, 0x6, 0x44e, 0x8, 0x0, 0x1, 0x1f, 0x80000001, 0x0, 0x0, 0x101, 0x2, 0x7, 0x9, 0x2, 0x532b, 0x0, 0x0, 0x7fffffff, 0xffffffff, 0x1ade, 0x10000, 0x3fc0, 0x4, 0x5, 0x54c0, 0x2, 0x7, 0xfffffff8, 0xec3f12c1, 0xff, 0x57, 0x2, 0xfffffffb, 0x5, 0x7f, 0x401, 0x7a, 0x7f, 0x2, 0x1, 0x0, 0x3, 0xc1, 0x2, 0x1, 0x80, 0xf634, 0x9, 0x7d, 0xb49, 0xff, 0x1, 0x6, 0x8, 0x8000, 0xb5, 0x80000001, 0x0, 0x9, 0x408, 0x49e, 0x7, 0x3, 0x4, 0x5, 0x2, 0x9, 0x1, 0x7, 0x1903, 0x7, 0x5, 0x2, 0x134, 0x1, 0x3f, 0x2, 0x9, 0x8, 0x8, 0xa934, 0x4, 0x6, 0xa3, 0x1fa, 0x8, 0xffff, 0x7, 0x0, 0x400, 0x10001, 0x10000, 0x0, 0xeb2, 0x81, 0x80000000, 0x0, 0x7fffffff, 0x4, 0x5, 0x3ff, 0x4, 0x3, 0xffffffff, 0x1f, 0x3, 0x3f, 0x6, 0x665, 0x8f9c, 0x9, 0x34, 0xfffff4cc, 0x6, 0xd6, 0x1, 0x8, 0x0, 0xe, 0x1000, 0xfffffffa, 0x6, 0x1, 0x7fffffff, 0x101, 0x9, 0x9, 0x1f, 0x32d, 0x0, 0x1, 0x20, 0x328, 0x9, 0x0, 0xfffffffb, 0x3, 0x1ff, 0x5d87, 0xdf93, 0x6, 0x94b, 0x4d, 0x8000, 0x4, 0x1, 0x7622, 0x6, 0x1, 0xff, 0x9, 0x4c, 0xff, 0x1000, 0x9, 0xf2, 0x4bd, 0x6, 0xb8, 0xfffffff7, 0x800, 0x7864, 0xffff, 0x2]}]]}, {0xa9, 0x6, "1c34070f36d1d3c9ee31f37d6146866b5be36b7d7a3aa77847067da22d354aebe651c9e2ec3517b7bb517a3a9dc18612e4a85b672273c2f8c7853f157adf15fedce44eab4835b8cbf030ec5491cf5bdb2f26c6fe8497c14bb34a86890afdbef1aa9ae6213c557f248dcb23a3c2fda82f92b6e4d18d6726bfaefe9f9bcfd63b03f6b5d43831e5f3bde21db683bafdb94183036b4ad57eff5d4f2c1c38a7c47e5b857382b017"}, {0xc}, {0xc}}}]}]}, 0x988}}, 0x0)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0xa002a0, 0x10, 0x18, &(0x7f0000000000)="5ae02efc441a80536af0d1d905c723fa", &(0x7f0000000040)=""/24, 0x6414}, 0x28)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
tkill(0xffffffffffffffff, 0x0)

2.184973863s ago: executing program 0 (id=1410):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='nobarrier,mode=lfs,fsync_mode=strict\x00acl,\x00'], 0x1, 0x552d, &(0x7f000000d000)="$eJzs3M1rI2UYAPAn7Xa7X65FPHjbgUVoYRM23Q/0VnUXP7BLWfXgSdMkDdlNMqVJ09qTB4/iwf9EFDx59G/w4NmbeFC8CUpmJrpdFVybtN3294PJM/PmnWeeN5TCMxMSwKm1kPz6cykux/mImI2ISxHZfqnYMit5eCEirkTEzCNbqRj/c+BsRFyIiMtxbnx6qXjr82vDq7d+euuXb76bP3Pxi6+/P5IFA8fCixHR3cz3d7p5TFt5fFCM14btLHZvDouYv9F9WBynedxprmcZdmrjebUs3mjl89PN7f4obnRq9VFstTey8c1efsH+sDXOk53woLaVHTea61ls99Mstvbyunb38v+Xe/1BnqdR5PsoSx+DwTjm483dZr6ezYdZrPcGxXieN200d0dxWMTiclFPO42sjvWDfNLH29vt3vZuMmxu9dtpL7lVqb5Uqd4uV7fSRnPQvFmudRu3byaLrc5oWnnQrHVXWmna6jQr9bS7lCy26vVytZos3mmut2u9pFqt3KhcL99aKvauJa/fey/pNJLFUXy13dsetDv9ZCPdSvIzlpLlyo2Xl5Kr1eSd1bVk7f7du6tr735w5/17r6y++Vox6W9lJYvL15eXy9Xr5eXq0ila/ydF0RNcPxxI6cmmz0+rDoCnyBT7/4iFPKf+H3jc9Pr/rfsR0+//Q/8/EU9V/3va+/8prB8O5An7fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATo4f5r58I9tZyI8vFuPPFEPPFceliJiJiN//wWyc3Zdztsgz9y/z5x6r4dtSZBlG15gvtgsRsVJsvz077U8BAAAATq6vPr7yWd6t5y8LR10Qhym/aTNz6cMJ5StFxNzCjxPKNjN6eX5CybK/7zOxO6Fs2Q2scxNKlt9yOzOpbP/J7L5w7pFQysPMoZYDAAAciv2dwOF2IQAAABymT4+6AI5GKcaPMsfPgrNv3v/1QPD8viMAAADgKM3/v9NKk64DAAAAOHay/t/v/wEAAMDJlv/+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAHO3eUozQQxwH435YKikZifDTxKPoGx/AIPvpoOICX4Ah4BS/AGfDNIxjY0OmSZcNudtNp2d18X9IO0ww/Zgg8zEwyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQp7/1evH75+dfXXN2+27yjAYAAAA4Z1uvF82LWapP2+fv2kcf2noREWVEnJu7V/HqJLOKiE8RUd/Rvr7Vhz8RTcLhM8bt9SYivrbX//d9fwsAAADwcm2Wq3marafb7NIdYkhp0aZ8+y1TXhER9exfprTykPcxU1jz+x7Fj0xpzQLWJFNYWnIb5Up7kObvfly1m9woilSU978/29gBAIABVSfFsLMQAAAAhvT9cPty6V7QXfW45kVcb2UetwLHqWi3916f1AAAAIBnqLh0BwAAAIDeNfP/vs7/mzr/DwAAAJ6EdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfdrW68VmuZp3zdntu8kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAK/bnHQVCIAzCYO/6zmTuf1hp0NTUpAqEj78xGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42J/fDIhhKIqjd2Yy/75V9r/YuqS6hCrnEH7yJDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABu5H/EY50zXo0tyUjybLx7PZN8Omp8O2r8+mCuD8e8cCMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY2bmf1ziqOADgb2Z2tmlVXKPkEBELHvRi021t7U08KMGDf4IQ0m2N3fqjzcGWIuTiTXLuRfQoIijx1v+h5xZ6qbcecqjguTK/kpc04KpkZtP9fODN+84wmfd9sxDynTdZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYY/v93TgrNoMqTutj9x7fWi36+/v6wp3NB4tFK+KkzaSPhtfinWQh2plrPxkAAABmQ9bU9yGEh/nWctGng7L+z5tzipr/hxequKnn99f9Td/U/kX7/bdHr+wMNKjGKS56aW08Ov10Kr3Dm+V0e/Efz+iVd7589pKVH0j60cbL23l5P5Pv7t79oF+Gx9rIFgD4L041fR00fw8V/bDLxACYGb2o8G7q/2zQbU4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbdjeCM81cRJCWOztxoX7j2+tHtTf2Xyw2LTzt29vxtcsLpGHEC6tjUenw1yLs5lu12/cvLIyHo+utR+8HkLoavT36ulf+WSCk0M4pDROdnTnZyxI6w97WvI5GkGHv5QAAHgm5XUr6vqH+dZycSyZD+HJj3vr/zejOExY/z/69Py9eKy4/h+2NsPpt7R+9cul6zduvr12deXy6PLo83fODN8dnr1w7tyFpfJZSbXtOk0AAACOsH7d4vo/nX96/f9EFIcJ6/+vvh9+E4+Vqf8PtLvo13UmAAAAs+2lk3/9mRxwPOn3w9cr6+vXhtV2Z/9Mte0g1X/tWN3i+j+b7zorAAAAoA3bG8me9f+LURwmXP9//qdXf4mvmYUQjtfr/6dWvxhfbG86U+1//Idw6E34413PEQAAgHY92fciw/G6xev/efn+f7pzZhpCeOuNKq6/BnCi+j/78Nuf47Hi9//PHvI8p126UN2Psl8IobfQdUYAAAA8y+bKNijr/z/yreXPfj3xcd/7/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABt+zsAAP//RP895g==")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x800000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
syz_emit_ethernet(0xa3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2(&(0x7f0000000000), 0x10880)
syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip6_tables_targets\x00')
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000040000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f00000000c0)={0x28, 0x0, 0x0, @host}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/16, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r7, 0x4c80, 0xffffffffffffffb6)
syz_usb_connect(0x0, 0x24, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000a500e9406b06f92094ff0102030109021210010000000009"], 0x0)

2.150033245s ago: executing program 3 (id=1411):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000d80)={0x6, 0x5, &(0x7f0000000a80)=ANY=[@ANYBLOB="180000000000000000000000000000008520000001800000852000000220"], &(0x7f0000000b40)='GPL\x00'}, 0x90)

2.055996973s ago: executing program 3 (id=1412):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0xfaa7adca8cba7d97)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
socket$inet(0x2, 0x2, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(0xffffffffffffffff, 0x10e, 0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000900), &(0x7f0000000e80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000003440)={[{@uni_xlateno}, {@shortname_mixed}, {@fat=@errors_continue}, {@utf8no}, {@shortname_mixed}, {@iocharset={'iocharset', 0x3d, 'cp949'}}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'macroman'}}, {@uni_xlateno}, {@shortname_mixed}, {@uni_xlateno}, {@shortname_lower}, {@shortname_win95}, {@fat=@codepage={'codepage', 0x3d, '860'}}, {@utf8}, {@utf8no}]}, 0x1, 0x2ad, &(0x7f0000000240)="$eJzs3c9qY1UYAPDvpmly1UWycCWKF3ThapjOE6RIBwazUrJQFyrODMgkCDNQ8A/GWQmu3Lj0CQRhdr6EG9/ABxDc2UXhyE3ubZI2TXuhadX5/Tb9es757vnOzW1LF/ny8auTR/eLePj06z8iz7NoDWIQR1n0oxW1b2PF4IcAAP7LjlKKv9Jck7wsIvLtlQUAbFHjv//Ptl4SALBl773/wTv7w+HBu0WRx93Jd4ej8j/78ut8fv9hfBbjeBC3oxfHEenEPL6bUpq2i1I/3pxMD0dl5uSj36rr7/8ZMcvfi170Z0MplvPvDQ/2irml/GlZx4vV/oMy/0704uU1+98bHtxZkx+jTrz1xlL9t6IXv38an8c47pdFLOV/s1cUb6cf//7qw7K8Mj+bHo66s3ULaeeaXxoAAAAAAAAAAAAAAAAAAAAAAP7HblW9c7ox699TDlX9d3aOy292o6j1V/vzzPOz+kKn+gNNU/xU99e5XRRFqhYu8tvxSjvaN3NqAAAAAAAAAAAAAAAAAAAA+Hd58sWXjz4Zjx88vpKg7gZQv62/+XWezbIGSyOvx+as7mKvVhVu2CJ26jVZxMZ6ykNc0W25KHjhvJp//qXpBfOL1+yWe+VXeIr65V4aiXokW38PuyeL8/oh+bUeSSmlTlxy9855U6nR49dZO9VrfDc6L82C6YY1kZ1X2PevLX4uq6ns9Ck6K/d5JditgqX0U89Go+f57O+KTLcOAAAAAAAAAAAAAAAAAADYqsWbftdMPj07lC/CVuputTQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuDaLz/9vEEyr5Ess7sTjJzd8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4D/wQAAP//INFcCA==")
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)

1.166868006s ago: executing program 3 (id=1413):
r0 = syz_usb_connect$hid(0x0, 0x49, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040341d0a0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x0, "6f7f5e18"}]}}, 0x0}, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)

1.163806846s ago: executing program 1 (id=1414):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000440)={0x2, 0x20000006})
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})

1.148500937s ago: executing program 1 (id=1415):
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getxattr(0x0, 0x0, &(0x7f00000002c0)=""/66, 0x42)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x95)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
io_uring_setup(0x2f19, &(0x7f0000000480)={0x0, 0x3ea, 0x8, 0x0, 0x38b})
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB="2c726f7e746d6f64653d3030303030303030303820303030303030303030ccc5f5cd6d8e8a03002c445539bfce9e4a344f7214a53030302c757365725f69643d", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000010140)=ANY=[@ANYBLOB="29000000030000000000000000000000010000000076185b81ae"], 0x29)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x89f1, &(0x7f0000000900)={'ip6_vti0\x00', @broadcast})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
sync()
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, &(0x7f0000002b80), 0x41000004, 0x0)

933.212035ms ago: executing program 1 (id=1416):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)

913.551186ms ago: executing program 1 (id=1417):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x3, 0x4, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
unshare(0x60600)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
openat(r1, &(0x7f0000000140)='./file0/file0\x00', 0xa4b40, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r5 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r6 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r6, r5, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x4, r4, r4, 0x0, 0x0)
rename(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)='./file1\x00')
unshare(0x6020400)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)='cpuset.mems\x00', 0x2, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0x20, &(0x7f00000001c0)={&(0x7f0000000340)=""/84, 0x54, <r8=>0x0, &(0x7f0000000080)}}, 0x10)
dup3(r7, r1, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x10, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r9}, 0x10)
memfd_create(&(0x7f0000000400)='[)\\$#:\\-\x00', 0x4)
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

892.123858ms ago: executing program 1 (id=1418):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
socket(0x2c, 0x0, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
mkdir(&(0x7f0000000740)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000140)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c99064bbd27b2aa77459cff33a3a98350f1af9d51ed5bef3d63520d260804d0"}, 0x48, 0xfffffffffffffffd)
getdents64(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000500)={'filter\x00', 0x4, 0x4, 0x400, 0x0, 0x210, 0x108, 0x318, 0x318, 0x318, 0x7fffffe, 0x0, {[{{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'netpci0\x00', 'pimreg0\x00'}, 0xc0, 0x108, 0x0, {0x3ed}}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz0\x00'}}}, {{@arp={@rand_addr, @loopback, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'gretap0\x00', 'bridge_slave_0\x00'}, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz1\x00'}}}, {{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {}, {@mac}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_bridge\x00', 'lo\x00'}, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz0\x00'}}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x2}}}}, 0x450)

180.557516ms ago: executing program 4 (id=1420):
mkdir(0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_PEER_REMOVE(0xffffffffffffffff, 0x0, 0x4040015)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = epoll_create1(0x80000)
r1 = epoll_create1(0x0)
r2 = syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000), &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000180))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000))
r3 = dup(r1)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000000))

171.341737ms ago: executing program 4 (id=1421):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000004000ed0000000008100d00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB='\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)={0x1b, 0x0, 0x0, 0x1200000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x48)
getitimer(0x2, &(0x7f0000000880))
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10)
mlock2(&(0x7f00004fb000/0x800000)=nil, 0x800000, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00'}, 0x10)
setitimer(0x0, &(0x7f0000000280), 0x0)

124.7609ms ago: executing program 4 (id=1422):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r0, 0x4bfb, &(0x7f0000000040)={0x48, 0x0})

116.425921ms ago: executing program 4 (id=1423):
r0 = add_key$keyring(&(0x7f0000000740), &(0x7f0000000780)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$revoke(0x3, r0)
keyctl$instantiate(0xb, r0, 0x0, 0xffffffffffffff80, 0xfffffffffffffffb)

107.893342ms ago: executing program 4 (id=1424):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000e00), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x20, r2, 0x803, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x20}}, 0x0)

99.153103ms ago: executing program 4 (id=1425):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
open$dir(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886eb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0x2, 0x3, 0x8d)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r6 = dup(r5)
setsockopt$inet_msfilter(r4, 0x0, 0x8, &(0x7f0000000340)=ANY=[@ANYRES32=r6], 0x1)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f00000000c0)={0x0, @local, @local}, 0x0)

68.767255ms ago: executing program 2 (id=1426):
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='9p_protocol_dump\x00', r0}, 0x10)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [], 0x6b}})

7.31327ms ago: executing program 2 (id=1427):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f00000012c0)=ANY=[@ANYBLOB], 0xb0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000004140)={0x2020}, 0x2020)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r4, 0x5423, 0x0)
r5 = socket(0x10, 0x3, 0x0)
write(r5, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000b0000000000000008000f0001000000", 0x24)

0s ago: executing program 1 (id=1428):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000004000000000000000000190095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x10)
syz_emit_ethernet(0xd86, &(0x7f0000001580)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "711e8f", 0xd50, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @dev}, {[], @time_exceed={0x9, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "bede78", 0x0, 0x0, 0x0, @dev, @loopback, [@srh={0x0, 0xe, 0x4, 0x7, 0x0, 0x0, 0x0, [@mcast1, @empty, @private2, @private1, @private1, @loopback, @local]}, @dstopts={0x0, 0x193, '\x00', [@generic={0x0, 0x5f, "f0edb1af7badf7491d2500721be4cce0542133657e2d12f0ae3e134727e49fe7c04867be7426e8cbefd47520beacbe5c36083a972cb3b73de48f661a252e0b0a5a236ddf29543f29a5e18fd1c7b54248c8b03dc91385c9160f3394ff0708c8"}, @hao={0xc9, 0x10, @private1}, @jumbo, @calipso={0x7, 0x28, {0x0, 0x8, 0x0, 0x0, [0x800, 0x0, 0x0, 0x4]}}, @jumbo, @calipso={0x7, 0x28, {0x2, 0x8, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}}, @generic={0x0, 0xbc4, "dc733e56d5e0dffc92fe381f7e59a85405fcac11efe328327ba77b61d75c9b4a52ba908550849d16616e3109da0b774f1cfbd53c86c37963124edfbf35f4657de4f594b9a53ae13df8d0201e34ed6f6014a5c86e11affdf1d097c9028235c908c9afcf1d25e7d44d72162f5befed065f67599646ce098e5841d399276fb729faabc579531cc60088d025423e0ef8be5d996fedea4cffa6a8a4b0a9b639d7d5a78a298e02b16fc9810df711c725ed6344fcfea4f3601bf17f3837eb8ca45b583b120308de1f53741e81031409b3c70566d7fb088acea835476c77a3e53992ab859305fe14c882dbd019526699fcbd3c4176bb5d3ea412eeede2fa2d381317f2b3e88c528cd6a17c4b864884bc21f1a3f432387ca5a0da91480929542322a6ae494f57b4e8670f2f59906b36251800c64a2b4620d42946eff9a184005cf36d538033f43f2d7c34810245e027e5c1107d0eb79a62122def8c195b4c72358f4450ccc7cc1a58da745c47dfa0bcd3ae125b119b0817a3b3cc54fdbeacd62b1df80694e67ebd8054bae0e47b3aff499e3ed9767eff1cb1ce6853a66a1270a12ffcaa6ed846673707710018c4887d8a0b5a0a3b25b73c7eb0f08211a9f197f9886d5522b922e66fe23590123ee5f548c2ac96f068c5bb45c3aeb98e43af0e1e64d635e58f2b3b322fb037070f21baebaee9d0759818cf1423fb17dad7221b4405848e1d49a7f575524e7699dcae9d820bf21d0a80f857b0fa3568eafc4d7f1b5510a3f82948914a25c38292a34ba7700e56e54455a5f649964a4c77d345a76990d751ef82df3500e947cb90235378183bc74b84f680b716925063e908e3cd5ad965865a81f5f037f30cec1f17946cf18e379855c873de0a3c03a7d7ef5b01932f4a5caecc2b8e672750e3b56bf0b6b13794472290bcbb4344cd1df3335afa343d04bbbe6c12b8c2ecafa54b778b31a48f9e5cbf14a0b579e60563d0b08d8b00c0d462d4eaf4d46265853df427d84d86e68ecdbc7c4f68b479718dd1e5d80d6500eca741b5e218d70cc33689b386ee1d172233ce547d158832d558dbb8b8d7f3c384905a9f261b8083ed7d24d2e9ea403269c98a1ced9b569044ceaed1c83b41de642e2f0e88d676036f54e9ed115633e35b777af432d360f25b0aef0a4631e003b9db784953b9becc711a65ca3adea326cd18c8aae01eda13d735ad8b518c8c2f2e7a3410490d8eb80e9bea318c9fee4b7c59b992fe9b91128555f6486bb78e983d81e8ad7d5b451a6c5c374225801a94f69488f4ed00b8ae174985396b4ca91f8a157b17cfea3778c5cf62d35b40bb44bb137358ce25e6b179c90198eac0c0e8df6b248b2ef990ed424c43706c613a121ce6fedc0198872eb983fca1fe036a7fec23b33b39d0bc6f5956090ce521aca3d9632540d294e740606aa19c24281d19c1910c15bcb51dfa32ee1c643543e24dcebfb611dca5cc7106fe26166ae272ae878c82ad025d7e8c21560c94c610feee745496f5c9ce9924bcfd9899fc30ba09184006a6306402102a621a10c432e0cad32f74911868ddbae34cf288e57fe428b4eb616fa05571288a71115c28d3977e4d38fa2c67f908c321f99737b1a8f5ffef7583022448c0549518f841f0dcc6e57d81d68da4c6f29066e4307dea8e11f1e5e517672aeee90079a76dd8b28488706a0e0cfccee67c87dbafd846a1b61920cb159569480618f29d99e09505db4ff78135349769393593951a3c9e72ff91846fcab32a6b69c0d8116feeec57b03affc60fb470f67d148a8c4c8a63071a5fb05f97d038f9948096e6ace12dcec8b7bc7680a5acca359b235d029eaaef3503b7b0a2aaabe63e0a51aefa26fe63f1c8017b4408d216b6d6ef19f33ce4a12c10ea95b60a780da1da5d5b46b11e871947dd3de79584bcb896d868051ad2e8b7f5645b2ece9bac99eccb37071fdc7225b14df13f074f0bf6e6b5f73842d9976ab2fbac7c468302defd77170ae6a98ee48b50766969b5d5843a1b5f84223f72d1df80c0f6ca2a47639264abccae6a5b8eb5de0aad90f7860501c0352732be643eb4b7ea9e1f55095c9f8a23c6e065e69002967a85a89304da189e4893e14c4d93738c7969e2b2f3af53a2efcc5d621e8c938719f7bfa12a2417d72296a85a3901cfc5144226835a2ef5d95aef20e5a3c25f1ac4d3ef9e5edf45fa60e844cbee8eb197289a0bd4a65a22de70a0730a0b2a481f9eae7fac436d6cc4d4ab9c2502ce70b5252f7f42a2d3253046220022064dd0e94dbbf6dc0df4e23bc8fde3d546a533086f49fc5139dab3c8c7856a5016ca05c3241140aa40790af2c95e1e89bee5d339d974ec09ac8982080c03cc09e996592750437210519c03b975afa4e2d949eda4907d109919d894647e7995e771529bb3af3588e293251d75b19e5493e93fb669ca6c1d304df72d8b3146835b92fcbd01f0e5ca874e121fc084bbfd920ddb8ff10bfd87ccdbc52eadb641d5d2291479f10d4ff78678e53fb986204947f02f7e796c305fea8f1324917f8f6f5bdec1713ad4203ef46ad6b5d1883235c19bbde32b30593c38a577d2e393417e4aa73d8632cc5c32750edceeb7f8ac3ee50a9daeb7ea52d8ea1504467e33c397f4d53dcd37c4d99f76bfb65db27dd086073c65fe2f811df4f0708e8bc9e7a92ab19efe61aa8814f6c786d5fd10cb652f5a851982b665cebd26e94bcab9edf05d827a87e64f7de24602c082799cfb49e86e35fa80eedd5abc7fb22cfa5f0027ce2bfc20262b8b2502cc52afb1fd6a994c7d9f67b7f6e27ed0347c7ff0557dd07ac7b89b8da8a8d1bb282734ad24c4741f1bc544f8697e3768cd664c8a37cb6a648c76982b065b75b25d5016e18e32d98048a309943ae7d87a3fe90b4aeb85348ba5d6a50e8927fd28e5ef90d359b8b24dd49992785cd8f47548510a61d89769971b519e535eb0d8ed4112bd151a77758dccde1acaff9caf0e2524617ede84560e5d729e24c7afaaf3030f2ddb6815dc1dd0f5a503e179eb5df9a4b58fb7a19db62ac99b7fc20270bc52cfb688ebb12c7519404f95894594e99c22a9b36db13f703b84cd392065e57a019455109f6589155f50eb3d0b7efc25e8d6e6b3bfbffb6befbb05e4ceaad437c9749467c25ce4fd14d02f29957488773ca605787882d4e96248a52adb08222911ae8771bab39c5a39ac8cd4671c95db67b1a93cb928917d09b11e6c49adf047b96a6906ffe76f4d3dd5643cbc846b0fcc35e57b6007c7c0f19b3fbd446f6fbb0d640781fb89dac774e58d0fd8f5452d75dd1d1c059f3c0de0d056936941a37cc45b71cae59495fca4f6e08f5e5c38a5c906416bcb5b4d47b7e0570cd74f9436870b641b04fece9eff8df11891f80f94821633bf5af78437fc9266dfd702b8e0c7d05a8718ead75e52e7adc6b01c3fa961c9a1991b2c2f761d56c68261e67709f7781061ac1af0257bd8328524733ecf9005dad44363fc7eeb9c1d2201e41d72e59e339830904602a854b93565ec9ec4a757005e4e6b87959b1232dab1aa6a4ffe11a31644deb22f6f7cca5b90aac548125d79405faa101ed5c093db514962989bea2a46370311ffb304320d49a36970fae564c80627b59b495efb8fc8e28637617ce6e2e5f95344605952359fc240a4378c545dffcb04a180107236b8aab06e54aa8a42e17abf58d324c9c012a0aa71e211e5a89650f821723d22e7ead40e96f6e0e7cf9da4dc95ebc07591f3b0c9d320925550a139897374a59c7a408e20f48413ea8d770d4558d18e0bc3b8cb780031d131331e8281f2aff03b0b77890a80bb1fdfbc1190bafb553721c61f11f59c2e59f6eee602294d9819fdfa35cf6641dfbee142e92081cd73909fff9bed4217179a2eeb3acd4671cc43d47c38d6a9f0935ee0ec0f7be1a1d5eba8bc1f45940672a7c511c7834eedb33cb6ebc07525c6dc686d18a5e8bf706ec0fd9f594e6e4b6e829dea06336e00bbb9e800b81dda33e58f4d2625ea24ca6c798791045059c2de67f45f65bae3b68c05832d3dc1ec5252befe0e109b263d4e0ce4da524d85171ffee6436b72f8c909f290126d02e864dc4b17e490069d36f6d77adf6b56e3dbccdb5b48d66465cd302a7db901636bd737271350d97b00fe5902b5746f85bb96d1a130f02cb41a2529282274045c473d5ba29c17c7b47e26e990809a67b02ed386fc8aaa185ed871dcac43f915b3477da89274fbedb4a128db89328ff24464e857127d3c"}]}]}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

ave_0) entered blocking state
[  242.821494][ T4188] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.829358][ T4188] device bridge_slave_0 entered promiscuous mode
[  242.829781][   T28] audit: type=1400 audit(2000000135.119:19729): avc:  denied  { listen } for  pid=4193 comm="syz.1.1062" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  242.836249][ T4188] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.879145][   T28] audit: type=1400 audit(2000000135.149:19730): avc:  denied  { shutdown } for  pid=4193 comm="syz.1.1062" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  242.898779][ T4188] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.906193][ T4188] device bridge_slave_1 entered promiscuous mode
[  242.957752][ T4196] loop1: detected capacity change from 0 to 1024
[  243.007153][ T4150] EXT4-fs (loop3): unmounting filesystem.
[  243.019536][ T4188] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.026421][ T4188] bridge0: port 2(bridge_slave_1) entered forwarding state
[  243.033513][ T4188] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.040292][ T4188] bridge0: port 1(bridge_slave_0) entered forwarding state
[  243.049825][ T4196] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  243.054945][ T4200] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  243.074864][ T1927] EXT4-fs (loop1): unmounting filesystem.
[  243.097684][  T380] device bridge_slave_1 left promiscuous mode
[  243.109078][  T380] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.116482][  T380] device bridge_slave_0 left promiscuous mode
[  243.125878][  T380] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.138346][  T380] device veth1_macvtap left promiscuous mode
[  243.144615][  T380] device veth0_vlan left promiscuous mode
[  243.242760][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  243.267059][   T24] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.334771][ T4208] loop2: detected capacity change from 0 to 256
[  243.344576][ T4208] exFAT-fs (loop2): bogus sector size bits : 0
[  243.350727][ T4208] exFAT-fs (loop2): failed to read boot sector
[  243.356832][ T4208] exFAT-fs (loop2): failed to recognize exfat type
[  243.370032][   T24] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.486204][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  243.494503][  T330] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.501383][  T330] bridge0: port 1(bridge_slave_0) entered forwarding state
[  243.508868][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  243.516906][  T330] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.523773][  T330] bridge0: port 2(bridge_slave_1) entered forwarding state
[  243.538667][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  243.546540][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  243.557724][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  243.569051][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  243.584610][ T4188] device veth0_vlan entered promiscuous mode
[  243.592105][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  243.600678][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  243.609357][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  243.617203][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  243.631477][ T4188] device veth1_macvtap entered promiscuous mode
[  243.640929][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  243.648475][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  243.655917][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  243.664212][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  243.672380][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  243.699921][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  243.708306][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  243.716603][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  243.725489][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  243.733939][ T4212] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1067'.
[  243.815269][ T4215] netlink: 512 bytes leftover after parsing attributes in process `syz.3.1067'.
[  244.177723][ T4219] loop2: detected capacity change from 0 to 512
[  244.219281][ T4219] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.1068: casefold flag without casefold feature
[  244.241253][ T4219] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #2: comm syz.2.1068: missing EA_INODE flag
[  244.262699][ T4219] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1068: error while reading EA inode 2 err=-117
[  244.278841][ T4219] EXT4-fs (loop2): 1 orphan inode deleted
[  244.284391][ T4219] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  244.334349][ T3841] EXT4-fs (loop2): unmounting filesystem.
[  244.389583][ T4212] syz.3.1067 (4212) used greatest stack depth: 18936 bytes left
[  244.728764][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  244.728835][  T751] Bluetooth: hci0: command 0x1003 tx timeout
[  244.863554][ T4248] loop3: detected capacity change from 0 to 512
[  244.870016][ T4248] EXT4-fs: Ignoring removed mblk_io_submit option
[  244.876712][ T4248] EXT4-fs (loop3): Test dummy encryption mode enabled
[  244.884983][ T4248] EXT4-fs error (device loop3): __ext4_iget:5046: inode #11: block 1: comm syz.3.1078: invalid block
[  244.896030][ T4248] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.1078: couldn't read orphan inode 11 (err -117)
[  244.907892][ T4248] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  245.068717][  T316] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  245.118784][    T6] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  245.359095][    T6] usb 5-1: Using ep0 maxpacket: 16
[  245.428711][  T316] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  245.439645][  T316] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  245.449305][  T316] usb 2-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[  245.458235][  T316] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.468491][  T316] usb 2-1: config 0 descriptor??
[  245.478715][    T6] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  245.489638][    T6] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  245.499242][    T6] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  245.513428][    T6] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  245.522835][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.548711][ T4246] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  245.569589][    T6] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[  245.784621][ T4254] loop2: detected capacity change from 0 to 2048
[  245.809706][    T6] cdc_acm 5-1:1.0: ttyACM0: USB ACM device
[  245.819754][    T6] usb 5-1: USB disconnect, device number 25
[  245.827065][ T4254] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  245.936490][ T4261] loop0: detected capacity change from 0 to 256
[  245.946520][ T4261] exFAT-fs (loop0): bogus sector size bits : 0
[  245.952609][ T4261] exFAT-fs (loop0): failed to read boot sector
[  245.958639][ T4261] exFAT-fs (loop0): failed to recognize exfat type
[  246.385058][ T4150] EXT4-fs (loop3): unmounting filesystem.
[  246.391800][  T316] samsung 0003:0419:0600.0033: unknown main item tag 0x0
[  246.399214][  T316] samsung 0003:0419:0600.0033: unknown main item tag 0x0
[  246.406168][  T316] samsung 0003:0419:0600.0033: unknown main item tag 0x0
[  246.413033][  T316] samsung 0003:0419:0600.0033: unknown main item tag 0x0
[  246.419883][  T316] samsung 0003:0419:0600.0033: unknown main item tag 0x0
[  246.427683][  T316] samsung 0003:0419:0600.0033: hidraw0: USB HID v0.00 Device [HID 0419:0600] on usb-dummy_hcd.1-1/input0
[  246.433353][ T4264] loop3: detected capacity change from 0 to 512
[  246.447104][ T4264] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.1080: casefold flag without casefold feature
[  246.459798][ T4264] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #2: comm syz.3.1080: missing EA_INODE flag
[  246.471876][ T4264] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1080: error while reading EA inode 2 err=-117
[  246.484341][ T4264] EXT4-fs (loop3): 1 orphan inode deleted
[  246.484442][  T474] usb 2-1: USB disconnect, device number 25
[  246.489948][ T4264] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  246.527061][ T4150] EXT4-fs (loop3): unmounting filesystem.
[  246.596544][ T3841] EXT4-fs (loop2): unmounting filesystem.
[  246.609557][   T28] audit: type=1400 audit(2000000138.899:19731): avc:  denied  { read } for  pid=4269 comm="syz.0.1082" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  246.692183][ T4267] loop3: detected capacity change from 0 to 40427
[  246.700405][ T4267] F2FS-fs (loop3): invalid crc value
[  246.708732][ T4267] F2FS-fs (loop3): Found nat_bits in checkpoint
[  246.754966][ T4267] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  246.898708][    T6] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  247.165549][   T28] audit: type=1400 audit(2000000139.449:19732): avc:  denied  { create } for  pid=4288 comm="syz.1.1087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  247.185121][   T28] audit: type=1400 audit(2000000139.449:19733): avc:  denied  { ioctl } for  pid=4288 comm="syz.1.1087" path="socket:[35781]" dev="sockfs" ino=35781 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  247.210294][   T28] audit: type=1400 audit(2000000139.449:19734): avc:  denied  { bind } for  pid=4288 comm="syz.1.1087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  247.229873][   T28] audit: type=1400 audit(2000000139.449:19735): avc:  denied  { read } for  pid=4288 comm="syz.1.1087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  247.249306][   T28] audit: type=1400 audit(2000000139.519:19736): avc:  denied  { setopt } for  pid=4288 comm="syz.1.1087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  247.268988][   T28] audit: type=1400 audit(2000000139.519:19737): avc:  denied  { write } for  pid=4288 comm="syz.1.1087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  247.418132][ T4150] syz-executor: attempt to access beyond end of device
[  247.418132][ T4150] loop3: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  247.436847][ T4150] syz-executor: attempt to access beyond end of device
[  247.436847][ T4150] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  247.453821][ T4306] SELinux:  Context � is not valid (left unmapped).
[  247.480579][ T3331] kworker/u4:7: attempt to access beyond end of device
[  247.480579][ T3331] loop3: rw=2049, sector=40960, nr_sectors = 96 limit=40427
[  247.508731][    T6] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  247.517636][    T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.595019][ T4308] loop4: detected capacity change from 0 to 256
[  247.603525][ T4308] exFAT-fs (loop4): bogus sector size bits : 0
[  247.609642][ T4308] exFAT-fs (loop4): failed to read boot sector
[  247.615621][ T4308] exFAT-fs (loop4): failed to recognize exfat type
[  247.754374][    T6] usb 1-1: config 0 descriptor??
[  248.303488][ T4319] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.310772][ T4319] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.318063][ T4319] device bridge_slave_0 entered promiscuous mode
[  248.326093][ T4319] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.333452][ T4319] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.341573][ T4319] device bridge_slave_1 entered promiscuous mode
[  248.425458][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  248.433555][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  248.454053][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  248.463201][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  248.471798][  T474] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.478671][  T474] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.486211][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  248.495090][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  248.503423][  T474] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.510977][  T474] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.518452][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  248.526309][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  248.539089][  T380] device bridge_slave_1 left promiscuous mode
[  248.545589][  T380] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.553203][  T380] device bridge_slave_0 left promiscuous mode
[  248.558731][    T6] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  248.559563][  T380] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.574706][  T380] device veth1_macvtap left promiscuous mode
[  248.580794][  T380] device veth0_vlan left promiscuous mode
[  248.614887][ T4318] loop1: detected capacity change from 0 to 131072
[  248.632932][ T4318] F2FS-fs (loop1): Test dummy encryption mode enabled
[  248.646595][ T4318] F2FS-fs (loop1): invalid crc value
[  248.653881][ T4318] F2FS-fs (loop1): Found nat_bits in checkpoint
[  248.682725][ T4318] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  248.695145][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  248.713782][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  248.754572][ T4319] device veth0_vlan entered promiscuous mode
[  248.769756][ T4319] device veth1_macvtap entered promiscuous mode
[  248.777066][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  248.785143][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  248.793229][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  248.800682][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  248.814019][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  248.822230][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  249.135308][ T1927] F2FS-fs (loop1): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[  249.167937][ T4343] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  249.177731][ T4343] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  249.185430][    T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.196640][    T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.206635][    T6] usb 5-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  249.217285][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.225746][    T6] usb 5-1: config 0 descriptor??
[  249.471575][ T4323] device pim6reg1 entered promiscuous mode
[  249.688694][    T6] usbhid 5-1:0.0: can't add hid device: -71
[  249.694543][    T6] usbhid: probe of 5-1:0.0 failed with error -71
[  249.701834][    T6] usb 5-1: USB disconnect, device number 26
[  249.859310][   T10] device bridge_slave_1 left promiscuous mode
[  249.865312][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.872678][   T10] device bridge_slave_0 left promiscuous mode
[  249.878708][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.886206][   T10] device veth1_macvtap left promiscuous mode
[  250.130297][ T4352] loop2: detected capacity change from 0 to 512
[  250.139850][ T4352] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  250.149774][ T4352] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 not in group (block 1)!
[  250.160388][ T4352] EXT4-fs (loop2): group descriptors corrupted!
[  250.189019][   T28] audit: type=1400 audit(2000000142.479:19738): avc:  denied  { ioctl } for  pid=4354 comm="syz.3.1105" path="/dev/binderfs/binder0" dev="binder" ino=13 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  250.218166][ T4360] loop4: detected capacity change from 0 to 16
[  250.234687][ T4360] erofs: (device loop4): mounted with root inode @ nid 36.
[  250.243395][ T4360] cgroup: release_agent respecified
[  250.250392][  T330] usb 1-1: USB disconnect, device number 26
[  250.316563][ T4356] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.328649][ T4356] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.339719][ T4369] loop2: detected capacity change from 0 to 2048
[  250.346544][ T4356] device bridge_slave_0 entered promiscuous mode
[  250.354199][ T4356] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.361852][ T4356] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.375907][ T4356] device bridge_slave_1 entered promiscuous mode
[  250.399255][ T4369] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  250.426608][ T4362] loop0: detected capacity change from 0 to 40427
[  250.438372][ T4362] F2FS-fs (loop0): invalid crc value
[  250.453093][ T4362] F2FS-fs (loop0): Found nat_bits in checkpoint
[  250.499099][ T4362] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  250.509797][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  250.517312][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  250.528343][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  250.567347][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  250.575629][  T330] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.582497][  T330] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.589891][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  250.598464][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  250.606507][  T330] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.613345][  T330] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.620738][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  250.632072][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  250.648136][ T4356] device veth0_vlan entered promiscuous mode
[  250.656048][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  250.666163][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  250.675376][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  250.683383][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  250.692044][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  250.795339][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  250.813850][ T4356] device veth1_macvtap entered promiscuous mode
[  250.820401][  T330] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  250.828027][    T6] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  250.850871][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  250.863666][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  250.872587][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  251.025574][ T4389] input: syz0 as /devices/virtual/input/input42
[  251.145230][ T3606] syz-executor: attempt to access beyond end of device
[  251.145230][ T3606] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  251.199359][ T4373] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  251.219910][ T3606] syz-executor: attempt to access beyond end of device
[  251.219910][ T3606] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  251.235186][ T4390] loop3: detected capacity change from 0 to 512
[  251.241458][    T6] usb 3-1: Using ep0 maxpacket: 16
[  251.252650][ T4390] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  251.259106][   T10] kworker/u4:1: attempt to access beyond end of device
[  251.259106][   T10] loop0: rw=2049, sector=40960, nr_sectors = 96 limit=40427
[  251.261504][ T4390] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038 (0x7fffffff)
[  251.297565][ T4390] overlayfs: missing 'lowerdir'
[  251.308696][  T330] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  251.358697][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  251.361702][  T330] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  251.382444][  T330] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  251.391500][  T330] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.395474][    T6] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  251.399926][  T330] usb 5-1: config 0 descriptor??
[  251.422460][    T6] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  251.431378][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.445285][    T6] usb 3-1: config 0 descriptor??
[  251.820550][ T4399] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.827388][ T4399] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.835042][ T4399] device bridge_slave_0 entered promiscuous mode
[  251.842787][ T4399] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.849916][ T4399] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.857012][ T4399] device bridge_slave_1 entered promiscuous mode
[  251.899707][ T4399] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.906560][ T4399] bridge0: port 2(bridge_slave_1) entered forwarding state
[  251.914587][ T4399] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.921364][ T4399] bridge0: port 1(bridge_slave_0) entered forwarding state
[  251.943739][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  251.951039][   T19] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.958065][   T19] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.967134][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  251.976123][  T330] plantronics 0003:047F:FFFF.0034: unknown main item tag 0xd
[  251.983460][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.990301][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[  252.025990][  T330] plantronics 0003:047F:FFFF.0034: No inputs registered, leaving
[  252.038922][  T330] plantronics 0003:047F:FFFF.0034: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  252.053497][ T4319] EXT4-fs (loop3): unmounting filesystem.
[  252.067598][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  252.075682][  T330] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.082529][  T330] bridge0: port 2(bridge_slave_1) entered forwarding state
[  252.090174][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  252.097857][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  252.112371][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  252.119773][    T6] microsoft 0003:045E:07DA.0035: No inputs registered, leaving
[  252.130294][ T4399] device veth0_vlan entered promiscuous mode
[  252.136620][ T3331] device bridge_slave_1 left promiscuous mode
[  252.141220][    T6] microsoft 0003:045E:07DA.0035: hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  252.142746][ T3331] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.153825][    T6] microsoft 0003:045E:07DA.0035: no inputs found
[  252.166831][    T6] microsoft 0003:045E:07DA.0035: could not initialize ff, continuing anyway
[  252.167020][ T3331] device bridge_slave_0 left promiscuous mode
[  252.182336][ T3331] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.195594][ T3331] device veth1_macvtap left promiscuous mode
[  252.268331][ T4399] device veth1_macvtap entered promiscuous mode
[  252.275194][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  252.283521][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  252.291631][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  252.303582][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  252.311367][   T19] usb 5-1: USB disconnect, device number 27
[  252.325664][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  252.334438][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  252.360962][ T4407] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1129'.
[  252.363872][ T4369] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  252.371614][ T4407] Zero length message leads to an empty skb
[  252.385248][ T4369] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  252.579258][   T28] audit: type=1400 audit(2000000144.869:19739): avc:  denied  { read } for  pid=4408 comm="syz.3.1130" name="ptp0" dev="devtmpfs" ino=172 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  252.602330][   T28] audit: type=1400 audit(2000000144.869:19740): avc:  denied  { open } for  pid=4408 comm="syz.3.1130" path="/dev/ptp0" dev="devtmpfs" ino=172 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  252.623701][   T24] usb 3-1: USB disconnect, device number 25
[  252.626657][   T28] audit: type=1400 audit(2000000144.869:19741): avc:  denied  { ioctl } for  pid=4408 comm="syz.3.1130" path="/dev/ptp0" dev="devtmpfs" ino=172 ioctlcmd=0x3d06 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  252.768675][    T6] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  253.008628][    T6] usb 2-1: Using ep0 maxpacket: 16
[  253.128692][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  253.139865][    T6] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  253.145630][ T3841] EXT4-fs (loop2): unmounting filesystem.
[  253.155259][    T6] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  253.167686][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.176833][    T6] usb 2-1: config 0 descriptor??
[  253.283619][ T4428] loop3: detected capacity change from 0 to 2048
[  253.300104][ T4428] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  254.802875][ T4319] EXT4-fs (loop3): unmounting filesystem.
[  255.289485][   T28] audit: type=1400 audit(2000000147.229:19742): avc:  denied  { mount } for  pid=4435 comm="syz.4.1127" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  255.337330][   T28] audit: type=1326 audit(2000000147.369:19743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4435 comm="syz.4.1127" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f25505779f9 code=0x0
[  255.405703][    T6] microsoft 0003:045E:07DA.0036: No inputs registered, leaving
[  255.414081][    T6] microsoft 0003:045E:07DA.0036: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  255.425365][    T6] microsoft 0003:045E:07DA.0036: no inputs found
[  255.431538][    T6] microsoft 0003:045E:07DA.0036: could not initialize ff, continuing anyway
[  255.484397][ T4442] loop0: detected capacity change from 0 to 40427
[  255.491461][ T4442] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  255.499060][ T4442] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  255.507608][ T4442] F2FS-fs (loop0): invalid crc value
[  255.514017][ T4442] F2FS-fs (loop0): Found nat_bits in checkpoint
[  255.540051][ T4442] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  255.546918][ T4442] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  255.597945][ T4448] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  255.617492][ T4448] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  255.688708][   T24] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  255.795839][ T4459] syz.0.1128: attempt to access beyond end of device
[  255.795839][ T4459] loop0: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  255.970670][ T4468] loop3: detected capacity change from 0 to 512
[  256.000757][  T826] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  256.009908][  T826] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  256.026583][  T826] kworker/u4:6: attempt to access beyond end of device
[  256.026583][  T826] loop0: rw=1, sector=45224, nr_sectors = 8 limit=40427
[  256.049084][   T24] usb 3-1: Using ep0 maxpacket: 16
[  256.051151][ T3463] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  256.079122][  T474] usb 2-1: USB disconnect, device number 26
[  256.092034][ T4470] loop4: detected capacity change from 0 to 512
[  256.123063][ T4470] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  256.131975][ T4470] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038 (0x7fffffff)
[  256.148515][ T4470] overlayfs: missing 'lowerdir'
[  256.220193][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  256.230866][ T4477] loop0: detected capacity change from 0 to 2048
[  256.237326][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  256.247530][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  256.260542][   T24] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  256.269732][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.278412][   T24] usb 3-1: config 0 descriptor??
[  256.284568][ T4477] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  256.738659][   T19] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  256.761245][   T24] koneplus 0003:1E7D:2E22.0037: unknown main item tag 0x0
[  256.771579][   T24] koneplus 0003:1E7D:2E22.0037: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.2-1/input0
[  256.968719][   T24] koneplus 0003:1E7D:2E22.0037: couldn't init struct koneplus_device
[  256.978654][   T19] usb 1-1: Using ep0 maxpacket: 16
[  256.984065][ T4188] EXT4-fs (loop4): unmounting filesystem.
[  257.019653][   T24] koneplus 0003:1E7D:2E22.0037: couldn't install mouse
[  257.026818][   T24] koneplus: probe of 0003:1E7D:2E22.0037 failed with error -5
[  257.062587][ T4489] loop4: detected capacity change from 0 to 512
[  257.082607][ T4489] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  257.092276][ T4489] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.1139: iget: bad i_size value: -67835469387268086
[  257.105475][ T4489] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.1139: couldn't read orphan inode 15 (err -117)
[  257.109554][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  257.117654][ T4489] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  257.128527][   T19] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  257.136339][ T4489] ext2 filesystem being mounted at /18/file0 supports timestamps until 2038 (0x7fffffff)
[  257.149142][   T19] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  258.651225][   T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.660632][  T420] usb 3-1: USB disconnect, device number 26
[  258.667352][   T19] usb 1-1: config 0 descriptor??
[  258.985208][ T4507] netlink: 'syz.3.1142': attribute type 4 has an invalid length.
[  258.995355][ T4507] netlink: 'syz.3.1142': attribute type 4 has an invalid length.
[  259.005904][ T4507] loop3: detected capacity change from 0 to 256
[  259.007435][ T4503] overlayfs: upper fs needs to support d_type.
[  259.059162][ T3463] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  259.166130][ T4512] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  259.267941][   T19] microsoft 0003:045E:07DA.0038: No inputs registered, leaving
[  259.277719][ T4188] EXT4-fs (loop4): unmounting filesystem.
[  259.283554][   T19] microsoft 0003:045E:07DA.0038: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  259.313847][   T19] microsoft 0003:045E:07DA.0038: no inputs found
[  259.332081][   T19] microsoft 0003:045E:07DA.0038: could not initialize ff, continuing anyway
[  259.359175][  T420] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  259.438626][   T28] audit: type=1400 audit(2000000151.719:19744): avc:  denied  { read } for  pid=4513 comm="syz.4.1144" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  259.509922][   T28] audit: type=1400 audit(2000000151.799:19745): avc:  denied  { write } for  pid=4513 comm="syz.4.1144" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  259.669651][   T28] audit: type=1400 audit(2000000151.959:19746): avc:  denied  { create } for  pid=4518 comm="syz.3.1145" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  259.683182][ T4520] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  259.698183][ T4520] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  259.888691][  T420] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  259.905241][  T420] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.919357][  T420] usb 3-1: Product: syz
[  259.925786][  T420] usb 3-1: Manufacturer: syz
[  259.934385][  T420] usb 3-1: SerialNumber: syz
[  259.943162][  T420] usb 3-1: config 0 descriptor??
[  260.006897][  T420] usb 1-1: USB disconnect, device number 27
[  260.088659][ T4475] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  260.238723][ T4531] loop4: detected capacity change from 0 to 512
[  260.261092][ T4531] EXT4-fs (loop4): 1 orphan inode deleted
[  260.266687][ T4531] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  260.275667][ T4531] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038 (0x7fffffff)
[  260.636705][ T4399] EXT4-fs (loop0): unmounting filesystem.
[  260.656095][ T4538] loop0: detected capacity change from 0 to 512
[  260.670406][ T4538] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  260.679297][ T4538] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038 (0x7fffffff)
[  260.693123][ T4538] overlayfs: missing 'lowerdir'
[  261.068854][ T4545] loop1: detected capacity change from 0 to 2048
[  261.124752][ T4188] EXT4-fs (loop4): unmounting filesystem.
[  261.149499][ T4545] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  262.095727][ T4356] EXT4-fs (loop1): unmounting filesystem.
[  262.291313][ T4399] EXT4-fs (loop0): unmounting filesystem.
[  262.303622][ T4560] usb 3-1: USB disconnect, device number 27
[  262.802829][ T2920] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  263.158634][ T2920] usb 1-1: Using ep0 maxpacket: 8
[  263.278883][ T2920] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  263.287777][ T2920] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.296375][ T2920] usb 1-1: config 0 descriptor??
[  265.518714][ T2920] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  265.528631][ T2920] asix: probe of 1-1:0.0 failed with error -71
[  265.536433][ T2920] usb 1-1: USB disconnect, device number 28
[  266.017022][ T4587] loop1: detected capacity change from 0 to 256
[  266.022152][ T4589] loop0: detected capacity change from 0 to 512
[  266.031715][ T4586] loop3: detected capacity change from 0 to 2048
[  266.045234][ T4589] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  266.063904][ T4586] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  266.073259][ T4589] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.1162: iget: bad i_size value: -67835469387268086
[  266.147121][ T4597] loop2: detected capacity change from 0 to 1024
[  267.031460][ T4597] JBD2: no valid journal superblock found
[  267.037050][ T4597] EXT4-fs (loop2): error loading journal
[  267.063202][ T4594] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  267.077480][ T4589] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.1162: couldn't read orphan inode 15 (err -117)
[  267.349023][ T4589] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  267.355386][   T28] audit: type=1400 audit(2000000159.639:19747): avc:  denied  { mount } for  pid=4604 comm="syz.2.1167" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  267.357471][ T4589] ext2 filesystem being mounted at /7/file0 supports timestamps until 2038 (0x7fffffff)
[  267.412858][   T28] audit: type=1400 audit(2000000159.699:19748): avc:  denied  { unmount } for  pid=3841 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  267.839930][  T330] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  267.851541][ T4609] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1168'.
[  267.860669][ T4609] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1168'.
[  267.871748][ T4609] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1168'.
[  267.995054][ T4612] overlayfs: upper fs needs to support d_type.
[  268.293359][  T330] usb 4-1: Using ep0 maxpacket: 16
[  268.363280][ T4616] loop4: detected capacity change from 0 to 2048
[  268.381514][ T4620] loop1: detected capacity change from 0 to 512
[  268.393387][ T4399] EXT4-fs (loop0): unmounting filesystem.
[  268.400484][ T4616] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  268.408802][  T330] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  268.408834][  T330] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  268.430962][ T4625] loop0: detected capacity change from 0 to 1024
[  268.435672][  T330] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  268.457055][ T4620] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  268.466081][ T4620] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038 (0x7fffffff)
[  268.490017][ T4625] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a000c118, mo2=0002]
[  268.504074][  T330] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.512679][  T330] usb 4-1: config 0 descriptor??
[  268.518448][ T4625] System zones: 0-1, 3-12
[  268.520538][ T4620] overlayfs: missing 'lowerdir'
[  268.523241][ T4625] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  269.148460][ T4399] EXT4-fs (loop0): unmounting filesystem.
[  269.425861][ T4188] EXT4-fs (loop4): unmounting filesystem.
[  269.432941][ T4319] EXT4-fs (loop3): unmounting filesystem.
[  269.576200][ T4356] EXT4-fs (loop1): unmounting filesystem.
[  269.882439][  T330] usbhid 4-1:0.0: can't add hid device: -71
[  270.095184][ T4655] loop3: detected capacity change from 0 to 16
[  270.102365][ T4655] erofs: Unknown parameter '����'
[  270.113969][  T330] usbhid: probe of 4-1:0.0 failed with error -71
[  270.135273][ T4649] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1179'.
[  270.147695][  T330] usb 4-1: USB disconnect, device number 23
[  270.204698][   T28] audit: type=1400 audit(2000000162.489:19749): avc:  denied  { getopt } for  pid=4648 comm="syz.0.1179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  271.292036][ T4668] loop1: detected capacity change from 0 to 512
[  271.349138][ T4668] EXT4-fs (loop1): Test dummy encryption mode enabled
[  271.449106][ T4668] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.1181: invalid block
[  271.461257][ T4668] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.1181: couldn't read orphan inode 11 (err -117)
[  271.473984][ T4668] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  271.643752][ T4356] EXT4-fs (loop1): unmounting filesystem.
[  271.661963][ T4680] loop1: detected capacity change from 0 to 1024
[  271.676681][ T4680] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  271.689578][ T4684] loop2: detected capacity change from 0 to 256
[  271.695906][ T4684] exfat: Bad value for 'uid'
[  271.723883][ T4684] loop2: detected capacity change from 0 to 512
[  271.898669][  T330] usb 5-1: new low-speed USB device number 28 using dummy_hcd
[  272.378686][  T330] usb 5-1: No LPM exit latency info found, disabling LPM.
[  272.458754][  T330] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  272.467346][  T330] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  272.477216][  T330] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  272.519597][ T4356] EXT4-fs (loop1): unmounting filesystem.
[  272.718689][  T330] usb 5-1: string descriptor 0 read error: -22
[  272.724732][  T330] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  272.733934][  T330] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.779905][  T330] usb 5-1: 0:2 : does not exist
[  272.982946][  T330] usb 5-1: USB disconnect, device number 28
[  273.499183][ T4695] EXT4-fs warning (device sda1): verify_group_input:151: Cannot add at group 925 (only 8 groups)
[  273.517815][ T4699] loop4: detected capacity change from 0 to 2048
[  273.530400][ T4699] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  273.573832][ T4707] loop0: detected capacity change from 0 to 2048
[  273.590514][ T4707] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  274.140142][  T330] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  274.392319][ T4714] loop1: detected capacity change from 0 to 2048
[  274.447486][  T330] usb 5-1: Using ep0 maxpacket: 16
[  274.450640][ T4714] EXT4-fs (loop1): cluster size (2048) smaller than block size (4096)
[  274.464140][ T4399] EXT4-fs (loop0): unmounting filesystem.
[  274.511870][ T4723] loop0: detected capacity change from 0 to 512
[  274.540344][ T4723] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  274.549233][ T4723] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038 (0x7fffffff)
[  274.565183][ T4723] overlayfs: missing 'lowerdir'
[  274.616269][  T330] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  274.627047][  T330] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  274.640469][  T330] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  274.649398][  T330] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.676952][  T330] usb 5-1: config 0 descriptor??
[  275.722272][ T4736] loop2: detected capacity change from 0 to 16
[  275.748477][ T4735] loop3: detected capacity change from 0 to 512
[  275.761491][ T4736] erofs: (device loop2): mounted with root inode @ nid 36.
[  275.770355][ T4735] EXT4-fs (loop3): Test dummy encryption mode enabled
[  275.881475][ T4735] EXT4-fs error (device loop3): __ext4_iget:5046: inode #11: block 1: comm syz.3.1197: invalid block
[  275.893041][ T4735] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.1197: couldn't read orphan inode 11 (err -117)
[  275.906291][ T4735] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  276.016916][  T330] microsoft 0003:045E:07DA.0039: No inputs registered, leaving
[  276.024963][  T330] microsoft 0003:045E:07DA.0039: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  276.036761][  T330] microsoft 0003:045E:07DA.0039: no inputs found
[  276.042978][  T330] microsoft 0003:045E:07DA.0039: could not initialize ff, continuing anyway
[  276.053795][ T4399] EXT4-fs (loop0): unmounting filesystem.
[  276.116766][ T4319] EXT4-fs (loop3): unmounting filesystem.
[  276.129644][ T4740] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  276.153697][ T4740] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  276.848696][  T330] usb 2-1: new low-speed USB device number 27 using dummy_hcd
[  276.901953][ T4763] loop2: detected capacity change from 0 to 2048
[  276.919919][ T4763] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  276.968731][   T39] usb 5-1: USB disconnect, device number 29
[  277.199651][ T4702] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  277.338683][  T330] usb 2-1: No LPM exit latency info found, disabling LPM.
[  277.428822][  T330] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  277.437490][  T330] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  277.447361][  T330] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  277.481689][ T4188] EXT4-fs (loop4): unmounting filesystem.
[  277.578695][ T4741] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  277.670800][ T4781] loop4: detected capacity change from 0 to 256
[  277.681013][ T4781] FAT-fs (loop4): Unrecognized mount option "184467440737095516150xffffffffffffffff�" or missing value
[  277.800239][  T330] usb 2-1: string descriptor 0 read error: -22
[  277.807833][  T330] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  277.838848][   T28] audit: type=1400 audit(2000000170.079:19750): avc:  denied  { read } for  pid=4778 comm="syz.4.1212" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  277.864688][  T330] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.866081][ T3841] EXT4-fs (loop2): unmounting filesystem.
[  277.878799][   T28] audit: type=1400 audit(2000000170.079:19751): avc:  denied  { open } for  pid=4778 comm="syz.4.1212" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  277.921019][ T4787] loop2: detected capacity change from 0 to 512
[  277.929809][  T330] usb 2-1: 0:2 : does not exist
[  277.956075][ T4787] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  277.965344][ T4787] ext4 filesystem being mounted at /54/file0 supports timestamps until 2038 (0x7fffffff)
[  277.977827][ T4787] overlayfs: missing 'lowerdir'
[  277.988686][ T4741] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  278.056472][ T4741] usb 1-1: config 0 has no interfaces?
[  278.062082][ T4741] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  278.071260][ T4741] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.080100][ T4741] usb 1-1: config 0 descriptor??
[  278.082733][ T4785] loop3: detected capacity change from 0 to 40427
[  278.091688][ T4785] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  278.099500][ T4785] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  278.108087][ T4785] F2FS-fs (loop3): invalid crc value
[  278.114586][ T4785] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  278.400344][ T4741] usb 2-1: USB disconnect, device number 27
[  278.402031][ T4775] loop0: detected capacity change from 0 to 512
[  278.419270][ T4775] EXT4-fs: Ignoring removed nomblk_io_submit option
[  278.419529][   T28] audit: type=1400 audit(2000000170.709:19752): avc:  denied  { mount } for  pid=4797 comm="syz.4.1216" name="/" dev="configfs" ino=13765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  278.452349][   T28] audit: type=1400 audit(2000000170.739:19753): avc:  denied  { read } for  pid=4797 comm="syz.4.1216" name="/" dev="configfs" ino=13765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  278.475561][   T28] audit: type=1400 audit(2000000170.739:19754): avc:  denied  { open } for  pid=4797 comm="syz.4.1216" path="/" dev="configfs" ino=13765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  278.498235][ T4785] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  278.505345][ T4785] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  278.507833][ T4775] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2926: inode #16: comm syz.0.1210: corrupted xattr block 8
[  278.524888][ T4775] EXT4-fs (loop0): Remounting filesystem read-only
[  278.525278][   T28] audit: type=1400 audit(2000000170.819:19755): avc:  denied  { unmount } for  pid=4188 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  278.531472][ T4775] EXT4-fs warning (device loop0): ext4_evict_inode:299: xattr delete (err -117)
[  278.561229][ T4775] EXT4-fs (loop0): 1 orphan inode deleted
[  278.567071][ T4775] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  278.576097][ T4775] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038 (0x7fffffff)
[  278.596135][ T4774] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  278.605326][ T4774] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  278.683073][ T4741] usb 1-1: USB disconnect, device number 29
[  279.326845][ T4807] overlayfs: missing 'lowerdir'
[  279.358796][   T28] audit: type=1400 audit(2000000171.609:19756): avc:  denied  { setopt } for  pid=4784 comm="syz.3.1215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  279.429033][ T3841] EXT4-fs (loop2): unmounting filesystem.
[  279.675819][ T4816] loop2: detected capacity change from 0 to 2048
[  279.725607][ T4816] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  279.792282][ T4820] loop3: detected capacity change from 0 to 256
[  279.821639][ T4399] EXT4-fs (loop0): unmounting filesystem.
[  279.844728][ T4820] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x38db593b, utbl_chksum : 0xe619d30d)
[  280.006041][ T4827] loop0: detected capacity change from 0 to 2048
[  280.173789][  T330] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  280.299517][ T4827] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  280.719160][  T330] usb 3-1: Using ep0 maxpacket: 16
[  280.808881][ T4837] input: syz0 as /devices/virtual/input/input48
[  280.939397][  T330] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  280.956846][ T4399] EXT4-fs (loop0): unmounting filesystem.
[  281.057538][  T330] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  281.074021][  T330] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  281.083189][  T330] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.085930][ T4812] loop4: detected capacity change from 0 to 131072
[  281.094835][  T330] usb 3-1: config 0 descriptor??
[  281.102841][ T4812] F2FS-fs (loop4): Test dummy encryption mode enabled
[  281.116029][ T4812] F2FS-fs (loop4): invalid crc value
[  281.118919][ T4841] loop0: detected capacity change from 0 to 128
[  281.123487][ T4812] F2FS-fs (loop4): Found nat_bits in checkpoint
[  281.127500][ T4841] FAT-fs (loop0): Unrecognized mount option "0xffffffffffffffff" or missing value
[  281.167339][ T4812] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  281.498914][ T4847] loop0: detected capacity change from 0 to 512
[  281.784492][ T4849] loop3: detected capacity change from 0 to 512
[  281.791156][ T4188] F2FS-fs (loop4): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[  281.803527][ T4847] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  281.810063][ T4856] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1230'.
[  281.815415][ T4847] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it
[  281.833703][ T4847] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz.0.1228: Corrupt directory, running e2fsck is recommended
[  281.847244][ T4847] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  281.857057][ T4849] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  281.865826][ T4847] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz.0.1228: corrupted in-inode xattr
[  281.868680][ T4849] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038 (0x7fffffff)
[  281.887120][ T4847] EXT4-fs (loop0): Remounting filesystem read-only
[  281.893608][ T4847] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.1228: couldn't read orphan inode 15 (err -117)
[  281.903762][ T4849] overlayfs: missing 'lowerdir'
[  281.910014][ T4847] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  281.919212][ T4847] EXT4-fs (loop0): unmounting filesystem.
[  282.011054][  T330] microsoft 0003:045E:07DA.003A: No inputs registered, leaving
[  282.019060][  T330] microsoft 0003:045E:07DA.003A: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  282.030353][  T330] microsoft 0003:045E:07DA.003A: no inputs found
[  282.036748][  T330] microsoft 0003:045E:07DA.003A: could not initialize ff, continuing anyway
[  282.389786][ T4865] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  282.402035][ T4865] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  282.416560][ T4319] EXT4-fs (loop3): unmounting filesystem.
[  282.529947][   T28] audit: type=1400 audit(2000000174.809:19757): avc:  denied  { shutdown } for  pid=4861 comm="syz.1.1233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  282.615695][ T4871] netlink: 'syz.3.1235': attribute type 4 has an invalid length.
[  282.701904][ T4872] netlink: 'syz.3.1235': attribute type 4 has an invalid length.
[  282.718730][ T4790] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  282.760414][ T2920] usb 1-1: new low-speed USB device number 30 using dummy_hcd
[  282.807184][  T474] usb 3-1: USB disconnect, device number 28
[  283.015636][ T3331] device bridge_slave_1 left promiscuous mode
[  283.022305][ T3331] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.032748][ T3331] device bridge_slave_0 left promiscuous mode
[  283.039179][ T3331] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.051724][ T3331] device veth1_macvtap left promiscuous mode
[  283.155933][ T4878] bridge0: port 1(bridge_slave_0) entered blocking state
[  283.162923][ T4878] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.170496][ T4878] device bridge_slave_0 entered promiscuous mode
[  283.177356][ T4878] bridge0: port 2(bridge_slave_1) entered blocking state
[  283.184301][ T4878] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.191794][ T4878] device bridge_slave_1 entered promiscuous mode
[  283.230706][ T4878] bridge0: port 2(bridge_slave_1) entered blocking state
[  283.237586][ T4878] bridge0: port 2(bridge_slave_1) entered forwarding state
[  283.244064][ T4882] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  283.244761][ T4878] bridge0: port 1(bridge_slave_0) entered blocking state
[  283.261685][ T4878] bridge0: port 1(bridge_slave_0) entered forwarding state
[  283.280533][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  283.287875][  T420] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.294969][  T420] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.302011][ T2920] usb 1-1: No LPM exit latency info found, disabling LPM.
[  283.315566][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  283.323535][  T420] bridge0: port 1(bridge_slave_0) entered blocking state
[  283.330379][  T420] bridge0: port 1(bridge_slave_0) entered forwarding state
[  283.337537][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  283.345535][  T420] bridge0: port 2(bridge_slave_1) entered blocking state
[  283.352374][  T420] bridge0: port 2(bridge_slave_1) entered forwarding state
[  283.368660][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  283.376688][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  283.384496][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  283.392637][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  283.400233][ T2920] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  283.408933][ T2920] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  283.410771][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  283.418842][ T2920] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  283.427591][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  283.447779][ T4878] device veth0_vlan entered promiscuous mode
[  283.454023][ T4741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  283.461957][ T4741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  283.470061][ T4741] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  283.470123][ T3841] EXT4-fs (loop2): unmounting filesystem.
[  283.477354][ T4741] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  283.495663][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  283.504099][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  283.506034][ T4889] loop2: detected capacity change from 0 to 1024
[  283.518349][ T4878] device veth1_macvtap entered promiscuous mode
[  283.527741][ T4889] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  283.529444][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  283.543987][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  283.552085][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  283.561081][ T3841] EXT4-fs (loop2): unmounting filesystem.
[  283.572186][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  283.605636][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  283.708698][ T2920] usb 1-1: string descriptor 0 read error: -22
[  283.714724][ T2920] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  283.723896][ T2920] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.809805][ T4897] input: syz0 as /devices/virtual/input/input50
[  283.971134][ T2920] usb 1-1: 0:2 : does not exist
[  284.180905][  T474] usb 1-1: USB disconnect, device number 30
[  284.534056][ T4908] loop3: detected capacity change from 0 to 512
[  284.541383][ T4910] syz.4.1246[4910] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  284.541453][ T4910] syz.4.1246[4910] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  284.584730][ T4908] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  284.604680][ T4908] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038 (0x7fffffff)
[  284.622600][ T4908] overlayfs: missing 'lowerdir'
[  285.306358][  T474] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  285.362074][ T4926] loop0: detected capacity change from 0 to 256
[  285.365000][ T4319] EXT4-fs (loop3): unmounting filesystem.
[  285.397700][ T4926] FAT-fs (loop0): Directory bread(block 64) failed
[  285.408918][ T4926] FAT-fs (loop0): Directory bread(block 65) failed
[  285.415492][ T4926] FAT-fs (loop0): Directory bread(block 66) failed
[  285.429317][ T4926] FAT-fs (loop0): Directory bread(block 67) failed
[  285.445865][ T4926] FAT-fs (loop0): Directory bread(block 68) failed
[  285.462511][ T4926] FAT-fs (loop0): Directory bread(block 69) failed
[  285.679055][ T4926] FAT-fs (loop0): Directory bread(block 70) failed
[  285.687692][ T4926] FAT-fs (loop0): Directory bread(block 71) failed
[  285.740267][ T4926] FAT-fs (loop0): Directory bread(block 72) failed
[  285.746653][ T4926] FAT-fs (loop0): Directory bread(block 73) failed
[  285.871582][ T4906] loop2: detected capacity change from 0 to 131072
[  285.884245][ T4906] F2FS-fs (loop2): Test dummy encryption mode enabled
[  285.890967][  T474] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[  285.902055][  T474] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[  285.914082][  T474] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  285.924188][  T474] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.169498][ T4906] F2FS-fs (loop2): invalid crc value
[  286.169971][ T4904] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  286.193737][ T4906] F2FS-fs (loop2): Found nat_bits in checkpoint
[  286.234107][ T4906] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  286.313124][  T826] kworker/u4:6: attempt to access beyond end of device
[  286.313124][  T826] loop0: rw=1, sector=1224, nr_sectors = 128 limit=256
[  286.662505][ T3841] F2FS-fs (loop2): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[  286.692533][   T19] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  286.700208][ T2920] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  287.108848][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  287.119935][ T2920] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  287.127778][ T2920] usb 5-1: config 0 has no interface number 0
[  287.133690][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  287.143219][ T2920] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  287.153900][   T19] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  287.162867][ T2920] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  287.172426][   T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.180235][ T2920] usb 5-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  287.189441][ T2920] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.197666][   T19] usb 4-1: config 0 descriptor??
[  287.210478][ T2920] usb 5-1: config 0 descriptor??
[  287.329107][  T380] device bridge_slave_1 left promiscuous mode
[  287.335087][  T380] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.342391][  T380] device bridge_slave_0 left promiscuous mode
[  287.348312][  T380] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.355999][  T380] device veth1_macvtap left promiscuous mode
[  287.428729][  T474] aiptek 2-1:17.0: Aiptek using 400 ms programming speed
[  287.437655][  T474] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.0/input/input51
[  287.448451][  T474] usb 2-1: USB disconnect, device number 28
[  287.458601][    C1] aiptek 2-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  287.659632][   T19] lg-g15 0003:046D:C222.003B: unknown main item tag 0x0
[  287.666956][   T19] lg-g15 0003:046D:C222.003B: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.3-1/input0
[  287.688841][ T2920] hid (null): global environment stack underflow
[  287.695980][ T2920] uclogic 0003:5543:0522.003C: global environment stack underflow
[  287.703648][ T2920] uclogic 0003:5543:0522.003C: item 0 1 1 11 parsing failed
[  287.710860][ T2920] uclogic 0003:5543:0522.003C: parse failed
[  287.716595][ T2920] uclogic: probe of 0003:5543:0522.003C failed with error -22
[  287.863911][ T2920] usb 4-1: USB disconnect, device number 24
[  287.892548][   T19] usb 5-1: USB disconnect, device number 30
[  287.928484][   T28] audit: type=1400 audit(2000000180.209:19758): avc:  denied  { read } for  pid=4950 comm="syz.0.1265" name="msr" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  287.952972][   T28] audit: type=1400 audit(2000000180.239:19759): avc:  denied  { open } for  pid=4950 comm="syz.0.1265" path="/dev/cpu/0/msr" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  288.249331][ T4952] loop1: detected capacity change from 0 to 40427
[  288.269135][ T4952] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  288.276923][ T4952] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  288.286105][ T4952] F2FS-fs (loop1): invalid crc value
[  288.292686][ T4952] F2FS-fs (loop1): Found nat_bits in checkpoint
[  288.299569][ T4955] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.306407][ T4955] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.313920][ T4955] device bridge_slave_0 entered promiscuous mode
[  288.321194][ T4955] bridge0: port 2(bridge_slave_1) entered blocking state
[  288.329487][ T4955] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.342000][ T4955] device bridge_slave_1 entered promiscuous mode
[  288.377889][ T4952] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  288.417776][ T4952] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  288.635632][ T4955] bridge0: port 2(bridge_slave_1) entered blocking state
[  288.642778][ T4955] bridge0: port 2(bridge_slave_1) entered forwarding state
[  288.649980][ T4955] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.656721][ T4955] bridge0: port 1(bridge_slave_0) entered forwarding state
[  288.686238][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  288.694442][   T19] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.702200][   T19] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.718291][ T2920] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  288.726741][ T2920] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.733624][ T2920] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.596891][ T4984] loop4: detected capacity change from 0 to 256
[  289.620179][ T2920] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  289.628418][ T2920] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.635292][ T2920] bridge0: port 2(bridge_slave_1) entered forwarding state
[  289.649597][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  289.668934][ T4984] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x38db593b, utbl_chksum : 0xe619d30d)
[  289.676462][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  289.699822][  T826] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  289.701596][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  289.711574][  T826] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  289.716995][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  289.735220][ T4955] device veth0_vlan entered promiscuous mode
[  289.954136][   T28] audit: type=1400 audit(2000000182.089:19760): avc:  denied  { create } for  pid=4980 comm="syz.3.1260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  289.973304][ T4955] device veth1_macvtap entered promiscuous mode
[  289.980606][ T4987] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1260'.
[  289.989460][ T4988] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1260'.
[  289.998910][ T2920] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  290.023514][ T2920] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  290.126546][ T2920] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  290.186800][ T2920] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  290.223320][ T2920] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  290.230985][ T2920] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  290.238343][ T2920] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  290.258732][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  290.267205][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  290.275694][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  290.284112][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  290.292160][   T28] audit: type=1400 audit(2000000182.579:19761): avc:  denied  { setopt } for  pid=4992 comm="syz.1.1261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  290.871499][ T5017] loop3: detected capacity change from 0 to 512
[  290.909598][ T5017] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  290.918679][ T5017] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038 (0x7fffffff)
[  291.319714][ T5017] overlayfs: missing 'lowerdir'
[  293.377447][ T4319] EXT4-fs (loop3): unmounting filesystem.
[  294.524816][ T5055] loop1: detected capacity change from 0 to 2048
[  294.525719][ T5057] loop2: detected capacity change from 0 to 256
[  294.552322][ T5055] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  294.563578][ T5057] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x38db593b, utbl_chksum : 0xe619d30d)
[  294.691845][ T5068] loop4: detected capacity change from 0 to 2048
[  295.303742][   T28] audit: type=1400 audit(2000000187.059:19762): avc:  denied  { setopt } for  pid=5054 comm="syz.1.1278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  295.479011][ T4356] EXT4-fs (loop1): unmounting filesystem.
[  295.498550][ T5068] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  295.578524][ T4560] usb 1-1: new full-speed USB device number 31 using dummy_hcd
[  296.058687][ T2920] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  296.098220][ T5089] loop2: detected capacity change from 0 to 2048
[  296.110229][ T5089] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  296.228691][ T4560] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  296.237376][ T4560] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  296.248154][ T4560] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[  296.308612][ T2920] usb 5-1: Using ep0 maxpacket: 16
[  296.418760][ T4560] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  296.428715][ T2920] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  296.448663][ T4560] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  296.456655][ T2920] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  296.472506][ T4560] usb 1-1: Product: syz
[  296.480995][ T4560] usb 1-1: Manufacturer: syz
[  296.488909][ T2920] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  296.499974][ T4560] usb 1-1: SerialNumber: syz
[  296.516412][ T2920] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.536048][ T2920] usb 5-1: config 0 descriptor??
[  296.750281][ T5064] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  296.760281][ T5064] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  296.769800][ T5064] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1281'.
[  296.784419][ T5064] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1281'.
[  296.838624][  T474] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  296.956498][ T5088] EXT4-fs error (device loop2): ext4_map_blocks:721: inode #18: block 62218: comm syz.2.1287: lblock 0 mapped to illegal pblock 62218 (length 1)
[  296.971431][ T5088] EXT4-fs (loop2): Remounting filesystem read-only
[  296.980470][ T4955] EXT4-fs error (device loop2): ext4_map_blocks:607: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1)
[  296.997152][ T4955] EXT4-fs (loop2): Inode 18 (ffff88813638d010): i_reserved_data_blocks (1) not cleared!
[  297.007166][ T4955] EXT4-fs (loop2): unmounting filesystem.
[  297.007953][ T2920] microsoft 0003:045E:07DA.003D: No inputs registered, leaving
[  297.021211][ T2920] microsoft 0003:045E:07DA.003D: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  297.034799][ T2920] microsoft 0003:045E:07DA.003D: no inputs found
[  297.041381][ T4560] usb 1-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  297.049940][ T2920] microsoft 0003:045E:07DA.003D: could not initialize ff, continuing anyway
[  297.088695][  T474] usb 4-1: Using ep0 maxpacket: 32
[  297.100978][ T4560] usb 1-1: found format II with max.bitrate = 0, frame size=0
[  297.264478][ T5106] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  297.276966][ T5106] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  297.288898][  T474] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  297.315856][ T4560] usb 1-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  297.325472][ T4560] usb 1-1: found format II with max.bitrate = 0, frame size=0
[  297.341037][  T474] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  297.354889][  T474] usb 4-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[  297.364913][  T474] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.379303][  T474] usb 4-1: config 0 descriptor??
[  297.398708][ T4560] usb 1-1: USB disconnect, device number 31
[  297.452937][ T5108] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.459813][ T5108] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.466903][ T5108] device bridge_slave_0 entered promiscuous mode
[  297.474970][ T5108] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.481974][ T5108] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.489210][ T5108] device bridge_slave_1 entered promiscuous mode
[  297.531633][ T5108] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.538473][ T5108] bridge0: port 2(bridge_slave_1) entered forwarding state
[  297.545695][ T5108] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.552462][ T5108] bridge0: port 1(bridge_slave_0) entered forwarding state
[  297.579735][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  297.619308][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.628051][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.639768][   T39] usb 5-1: USB disconnect, device number 31
[  297.646904][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  297.654936][ T4560] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.661888][ T4560] bridge0: port 1(bridge_slave_0) entered forwarding state
[  297.670505][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  297.678413][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.685169][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[  297.692304][ T5022] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  297.720815][ T5108] device veth0_vlan entered promiscuous mode
[  297.985513][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  297.993874][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  297.999898][  T474] hid-rmi 0003:0461:4E72.003E: unknown main item tag 0x0
[  298.001703][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  298.010420][  T474] hid-rmi 0003:0461:4E72.003E: unknown main item tag 0x0
[  298.015514][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  298.022509][  T474] hid-rmi 0003:0461:4E72.003E: unknown main item tag 0x0
[  298.029478][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  298.036497][  T474] hid-rmi 0003:0461:4E72.003E: unknown main item tag 0x0
[  298.044284][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  298.051007][  T474] hid-rmi 0003:0461:4E72.003E: unknown main item tag 0x0
[  298.074639][  T474] hid-rmi 0003:0461:4E72.003E: hidraw0: USB HID v0.00 Device [HID 0461:4e72] on usb-dummy_hcd.3-1/input0
[  298.074931][ T5108] device veth1_macvtap entered promiscuous mode
[  298.093499][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  298.101490][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  298.109572][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  298.122257][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  298.130460][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  298.141296][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  298.149440][  T474] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  298.159946][  T826] device bridge_slave_1 left promiscuous mode
[  298.165931][  T826] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.173250][  T826] device bridge_slave_0 left promiscuous mode
[  298.179304][  T826] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.187261][  T826] device veth1_macvtap left promiscuous mode
[  298.193264][  T826] device veth0_vlan left promiscuous mode
[  298.211215][ T4560] usb 4-1: USB disconnect, device number 25
[  298.258639][ T4741] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  298.384036][   T28] audit: type=1400 audit(2000000190.669:19763): avc:  denied  { append } for  pid=5119 comm="syz.2.1303" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  298.410910][ T4878] EXT4-fs (loop4): unmounting filesystem.
[  298.527426][ T5131] loop0: detected capacity change from 0 to 512
[  298.539455][ T5131] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  298.547280][ T5131] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  298.555343][ T5131] System zones: 0-1, 15-15, 18-18, 34-34
[  298.562044][ T5131] EXT4-fs (loop0): orphan cleanup on readonly fs
[  298.569743][ T5131] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0
[  298.580449][ T5131] EXT4-fs warning (device loop0): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  298.597199][ T5131] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  298.604933][ T5131] EXT4-fs error (device loop0): ext4_orphan_get:1422: comm syz.0.1297: bad orphan inode 16
[  298.654797][ T5135] input: syz0 as /devices/virtual/input/input53
[  298.694307][ T5131] ext4_test_bit(bit=15, block=18) = 1
[  298.718816][ T4741] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  298.732221][ T5131] is_bad_inode(inode)=0
[  298.736287][ T5131] NEXT_ORPHAN(inode)=0
[  298.740808][ T4741] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  298.746907][ T5131] max_ino=32
[  298.751119][ T4741] usb 2-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00
[  298.753853][ T5131] i_nlink=2
[  298.764425][ T4741] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.765603][ T5131] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  298.776976][ T4741] usb 2-1: config 0 descriptor??
[  298.799926][ T5131] fscrypt (loop0, inode 16): Error -61 getting encryption context
[  298.808790][ T2920] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  298.816623][ T4399] EXT4-fs (loop0): unmounting filesystem.
[  298.823146][ T5137] loop3: detected capacity change from 0 to 512
[  298.841882][ T5137] EXT4-fs (loop3): 1 truncate cleaned up
[  298.842867][ T5141] loop0: detected capacity change from 0 to 256
[  298.847428][ T5137] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  298.856143][ T5141] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x38db593b, utbl_chksum : 0xe619d30d)
[  300.229510][ T4741] elecom 0003:056E:010D.003F: item fetching failed at offset 0/3
[  300.237312][ T4741] elecom: probe of 0003:056E:010D.003F failed with error -22
[  300.237791][ T4319] EXT4-fs (loop3): unmounting filesystem.
[  301.059153][   T28] audit: type=1326 audit(2000000193.139:19764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.3.1302" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f64fd7779f9 code=0x0
[  301.141261][ T2920] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  301.236307][   T19] usb 2-1: USB disconnect, device number 29
[  301.318708][ T2920] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  301.328887][ T5166] loop3: detected capacity change from 0 to 512
[  301.341459][ T2920] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  301.358908][ T5166] EXT4-fs: dax option not supported
[  301.525794][   T28] audit: type=1326 audit(2000000193.809:19765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5160 comm="syz.4.1305" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f30f77779f9 code=0x0
[  301.548093][ T2920] usb 3-1: can't set config #1, error -71
[  301.554703][ T2920] usb 3-1: USB disconnect, device number 29
[  301.583460][ T3438] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  301.668451][ T5174] loop2: detected capacity change from 0 to 2048
[  301.883368][ T5174] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  302.419636][   T28] audit: type=1400 audit(2000000194.709:19766): avc:  denied  { wake_alarm } for  pid=5194 comm="syz.1.1315" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  302.508625][ T2920] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  302.638953][ T5178] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  302.745094][ T5199] loop4: detected capacity change from 0 to 256
[  302.753583][ T5199] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x38db593b, utbl_chksum : 0xe619d30d)
[  303.368513][ T5209] loop3: detected capacity change from 0 to 256
[  303.384323][ T5209] FAT-fs (loop3): Directory bread(block 64) failed
[  303.390832][ T2920] usb 3-1: Using ep0 maxpacket: 16
[  303.396604][ T5209] FAT-fs (loop3): Directory bread(block 65) failed
[  303.403108][ T5209] FAT-fs (loop3): Directory bread(block 66) failed
[  303.409556][ T5209] FAT-fs (loop3): Directory bread(block 67) failed
[  303.418528][ T5209] FAT-fs (loop3): Directory bread(block 68) failed
[  303.425158][ T5209] FAT-fs (loop3): Directory bread(block 69) failed
[  303.432217][ T5209] FAT-fs (loop3): Directory bread(block 70) failed
[  303.438603][ T5209] FAT-fs (loop3): Directory bread(block 71) failed
[  303.445278][ T5209] FAT-fs (loop3): Directory bread(block 72) failed
[  303.451777][ T5209] FAT-fs (loop3): Directory bread(block 73) failed
[  303.611164][ T5206] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  304.131918][ T2920] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  304.143819][ T2920] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  304.156570][ T2920] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  304.165596][ T2920] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.174469][ T2920] usb 3-1: config 0 descriptor??
[  304.490112][ T5228] loop4: detected capacity change from 0 to 512
[  304.524183][ T5228] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.1324: invalid block
[  304.565502][ T3331] kworker/u4:7: attempt to access beyond end of device
[  304.565502][ T3331] loop3: rw=1, sector=1224, nr_sectors = 128 limit=256
[  304.582696][ T5228] EXT4-fs (loop4): Remounting filesystem read-only
[  304.589404][ T5228] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1324: invalid indirect mapped block 4294967295 (level 1)
[  304.611194][ T5228] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1324: invalid indirect mapped block 4294967295 (level 1)
[  304.663292][ T5228] EXT4-fs (loop4): 2 truncates cleaned up
[  304.669017][ T5228] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  304.685428][ T5108] EXT4-fs (loop2): unmounting filesystem.
[  304.691471][ T5239] loop0: detected capacity change from 0 to 512
[  304.697813][ T5239] EXT4-fs: Ignoring removed orlov option
[  304.698700][ T2920] usbhid 3-1:0.0: can't add hid device: -71
[  304.703981][ T5239] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  304.713115][ T5228] EXT4-fs warning (device loop4): ext4_resize_begin:74: won't resize using backup superblock at 1
[  304.720616][ T5239] EXT4-fs (loop0): Test dummy encryption mode enabled
[  304.731365][ T2920] usbhid: probe of 3-1:0.0 failed with error -71
[  304.741791][ T5239] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.1327: Parent and EA inode have the same ino 15
[  304.746728][ T2920] usb 3-1: USB disconnect, device number 30
[  304.874461][ T5239] EXT4-fs (loop0): 1 orphan inode deleted
[  304.898988][ T5239] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  304.938855][   T28] audit: type=1400 audit(2000000197.089:19767): avc:  denied  { write } for  pid=5233 comm="syz.1.1335" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  304.973296][ T5243] loop2: detected capacity change from 0 to 512
[  304.981404][ T5243] EXT4-fs (loop2): Test dummy encryption mode enabled
[  304.981961][ T4878] EXT4-fs (loop4): unmounting filesystem.
[  304.999682][ T5243] EXT4-fs error (device loop2): __ext4_iget:5046: inode #11: block 1: comm syz.2.1326: invalid block
[  305.011136][ T5243] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.1326: couldn't read orphan inode 11 (err -117)
[  305.022989][ T5243] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  305.035803][ T4399] EXT4-fs (loop0): unmounting filesystem.
[  305.108676][   T19] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  306.827807][ T5256] ------------[ cut here ]------------
[  306.833154][ T5256] WARNING: CPU: 0 PID: 5256 at mm/page_alloc.c:5690 __alloc_pages+0xc0/0x780
[  306.842112][ T5256] Modules linked in:
[  306.845716][ T5256] CPU: 0 PID: 5256 Comm: syz.1.1331 Tainted: G        W          6.1.90-syzkaller-00004-g79436849ef1d #0
[  306.857065][ T5256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  306.867674][ T5256] RIP: 0010:__alloc_pages+0xc0/0x780
[  306.873036][ T5256] Code: 0b 72 13 44 89 e8 25 00 20 00 00 75 09 80 3d 4b 9e b7 05 00 74 0d 83 fb 0a 76 16 45 31 e4 e9 4e 03 00 00 c6 05 35 9e b7 05 01 <0f> 0b 83 fb 0a 77 ea 89 1c 24 44 23 2d 17 c7 ba 05 65 48 8b 05 27
[  306.892571][ T5256] RSP: 0018:ffffc9000b4f7840 EFLAGS: 00010246
[  306.898451][ T5256] RAX: 0000000000000000 RBX: 000000000000000c RCX: 0000000000000000
[  306.906329][ T5256] RDX: 0000000000000018 RSI: 0000000000000000 RDI: ffffc9000b4f78e8
[  306.914102][ T5256] RBP: ffffc9000b4f7978 R08: dffffc0000000000 R09: ffffc9000b4f78d0
[  306.921928][ T5256] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[  306.929710][ T5256] R13: 0000000000040d40 R14: dffffc0000000000 R15: 1ffff9200169ef14
[  306.937513][ T5256] FS:  00007f786acff6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  306.946319][ T5256] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  306.952710][ T5256] CR2: 0000000020001000 CR3: 0000000145feb000 CR4: 00000000003526b0
[  306.960546][ T5256] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  306.968319][ T5256] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  306.976167][ T5256] Call Trace:
[  306.979277][ T5256]  <TASK>
[  306.982041][ T5256]  ? show_regs+0x58/0x60
[  306.986115][ T5256]  ? __warn+0x160/0x3d0
[  306.990129][ T5256]  ? __alloc_pages+0xc0/0x780
[  306.994624][ T5256]  ? report_bug+0x4d5/0x7d0
[  306.998994][ T5256]  ? __alloc_pages+0xc0/0x780
[  307.003473][ T5256]  ? handle_bug+0x41/0x70
[  307.007637][ T5256]  ? exc_invalid_op+0x1b/0x50
[  307.012180][ T5256]  ? asm_exc_invalid_op+0x1b/0x20
[  307.017013][ T5256]  ? __alloc_pages+0xc0/0x780
[  307.021648][ T5256]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  307.027516][ T5256]  ? prep_new_page+0x110/0x110
[  307.032152][ T5256]  __kmalloc_large_node+0x9e/0x1b0
[  307.037066][ T5256]  ? incfs_realloc_mount_info+0xa7/0x470
[  307.042565][ T5256]  __kmalloc+0xef/0x1e0
[  307.046523][ T5256]  incfs_realloc_mount_info+0xa7/0x470
[  307.051845][ T5256]  incfs_alloc_mount_info+0x481/0x550
[  307.057024][ T5256]  incfs_mount_fs+0x416/0xa30
[  307.061578][ T5256]  ? incfs_unlink+0x90/0x90
[  307.065876][ T5256]  ? vfs_parse_fs_string+0x18c/0x220
[  307.071021][ T5256]  ? cap_capable+0x1d2/0x270
[  307.075424][ T5256]  legacy_get_tree+0xf1/0x190
[  307.079987][ T5256]  ? incfs_unlink+0x90/0x90
[  307.084282][ T5256]  vfs_get_tree+0x88/0x290
[  307.088527][ T5256]  do_new_mount+0x2ba/0xb30
[  307.092906][ T5256]  ? do_move_mount_old+0x160/0x160
[  307.097874][ T5256]  ? security_capable+0x87/0xb0
[  307.102545][ T5256]  ? ns_capable+0x89/0xe0
[  307.106671][ T5256]  path_mount+0x671/0x1070
[  307.110951][ T5256]  ? user_path_at_empty+0x14e/0x1a0
[  307.115958][ T5256]  __se_sys_mount+0x2c4/0x3b0
[  307.120508][ T5256]  ? __x64_sys_mount+0xd0/0xd0
[  307.125071][ T5256]  ? fpregs_restore_userregs+0x130/0x290
[  307.130564][ T5256]  __x64_sys_mount+0xbf/0xd0
[  307.134965][ T5256]  x64_sys_call+0x49d/0x9a0
[  307.139414][ T5256]  do_syscall_64+0x3b/0xb0
[  307.143676][ T5256]  ? clear_bhb_loop+0x55/0xb0
[  307.148278][ T5256]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  307.154043][ T5256] RIP: 0033:0x7f7869f779f9
[  307.158260][ T5256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.177752][ T5256] RSP: 002b:00007f786acff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  307.185976][ T5256] RAX: ffffffffffffffda RBX: 00007f786a105f80 RCX: 00007f7869f779f9
[  307.193784][ T5256] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000020000000
[  307.201592][ T5256] RBP: 00007f7869fe58ee R08: 00000000200001c0 R09: 0000000000000000
[  307.209414][ T5256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  307.217199][ T5256] R13: 0000000000000000 R14: 00007f786a105f80 R15: 00007ffd72518f78
[  307.225054][ T5256]  </TASK>
[  307.227868][ T5256] ---[ end trace 0000000000000000 ]---
[  307.233425][ T5256] incfs: Error allocating mount info. -12
[  307.239131][ T5256] incfs: mount failed -12
[  307.244165][ T5108] EXT4-fs (loop2): unmounting filesystem.
[  307.408675][ T2920] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  307.498709][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  307.509394][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  307.518956][   T19] usb 4-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00
[  307.527778][   T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  307.536425][   T19] usb 4-1: config 0 descriptor??
[  307.708791][   T19] usbhid 4-1:0.0: can't add hid device: -71
[  307.714527][   T19] usbhid: probe of 4-1:0.0 failed with error -71
[  307.721495][   T19] usb 4-1: USB disconnect, device number 26
[  307.788743][ T2920] usb 1-1: config index 0 descriptor too short (expected 65535, got 36)
[  307.796909][ T2920] usb 1-1: config 255 has too many interfaces: 255, using maximum allowed: 32
[  307.805705][ T2920] usb 1-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config
[  307.815739][ T2920] usb 1-1: config 255 has 0 interfaces, different from the descriptor's value: 255
[  307.824939][ T2920] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  307.833707][ T2920] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.086439][  T330] usb 1-1: USB disconnect, device number 32
[  308.100253][ T5268] loop3: detected capacity change from 0 to 256
[  308.109937][ T5269] loop4: detected capacity change from 0 to 256
[  308.112898][ T5268] exfat: Deprecated parameter 'utf8'
[  308.118027][ T5265] loop1: detected capacity change from 0 to 1024
[  308.132460][ T5268] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x0ec8ca35, utbl_chksum : 0xe619d30d)
[  308.138983][ T5265] EXT4-fs: Ignoring removed orlov option
[  308.151466][ T5271] xt_bpf: check failed: parse error
[  308.164991][ T5265] EXT4-fs: Ignoring removed nomblk_io_submit option
[  308.169916][ T5269] FAT-fs (loop4): Directory bread(block 64) failed
[  308.178634][ T5269] FAT-fs (loop4): Directory bread(block 65) failed
[  308.179201][ T5265] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  308.185197][ T5269] FAT-fs (loop4): Directory bread(block 66) failed
[  308.213372][ T5269] FAT-fs (loop4): Directory bread(block 67) failed
[  308.243195][ T5265] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84fc018, mo2=0002]
[  308.246853][ T5278] loop3: detected capacity change from 0 to 2048
[  308.257688][ T5269] FAT-fs (loop4): Directory bread(block 68) failed
[  308.259075][ T5265] System zones: 
[  308.264806][ T5269] FAT-fs (loop4): Directory bread(block 69) failed
[  308.274060][ T5265] 0-1, 3-36
[  308.281325][ T5269] FAT-fs (loop4): Directory bread(block 70) failed
[  308.281911][ T5265] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  308.287786][ T5269] FAT-fs (loop4): Directory bread(block 71) failed
[  308.306619][ T5269] FAT-fs (loop4): Directory bread(block 72) failed
[  308.313566][ T5269] FAT-fs (loop4): Directory bread(block 73) failed
[  308.327386][ T5278] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  308.402112][ T4356] EXT4-fs (loop1): unmounting filesystem.
[  308.818514][ T2920] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  308.979215][    T8] kworker/u4:0: attempt to access beyond end of device
[  308.979215][    T8] loop4: rw=1, sector=1224, nr_sectors = 128 limit=256
[  308.982305][ T5273] loop0: detected capacity change from 0 to 131072
[  309.001582][ T5273] F2FS-fs (loop0): Test dummy encryption mode enabled
[  309.009156][ T5273] F2FS-fs (loop0): invalid crc value
[  309.051012][ T5306] tipc: Started in network mode
[  309.128736][   T28] audit: type=1400 audit(2000000201.369:19768): avc:  denied  { set_context_mgr } for  pid=5302 comm="syz.2.1347" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  309.156257][ T5306] tipc: Node identity 5f3a14aa, cluster identity 4711
[  309.170091][ T5273] F2FS-fs (loop0): Found nat_bits in checkpoint
[  309.206583][ T5306] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  309.208974][   T28] audit: type=1400 audit(2000000201.389:19769): avc:  denied  { write } for  pid=5302 comm="syz.2.1347" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  309.246528][ T5273] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  309.268609][ T2920] usb 4-1: Using ep0 maxpacket: 16
[  309.272887][   T28] audit: type=1400 audit(2000000201.399:19770): avc:  denied  { map } for  pid=5302 comm="syz.2.1347" path="/dev/binderfs/binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  309.281095][ T5315] loop4: detected capacity change from 0 to 512
[  309.304719][ T5315] EXT4-fs: Ignoring removed nobh option
[  309.310501][ T5315] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  309.330217][ T5315] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  309.339166][ T5315] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038 (0x7fffffff)
[  309.352342][   T28] audit: type=1400 audit(2000000201.639:19771): avc:  denied  { mounton } for  pid=5314 comm="syz.4.1350" path="/22/file0/file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  309.376973][ T5315] EXT4-fs: Ignoring removed nobh option
[  309.382765][ T5315] EXT4-fs: Cannot change journaled quota options when quota turned on
[  309.399277][ T4878] EXT4-fs (loop4): unmounting filesystem.
[  309.428713][ T2920] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  309.439539][   T28] audit: type=1400 audit(2000000201.719:19772): avc:  denied  { mount } for  pid=5320 comm="syz.4.1353" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  309.442400][ T5323] fuse: Bad value for 'fd'
[  309.633460][ T5326] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1352'.
[  309.828713][ T2920] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  309.833537][ T4399] F2FS-fs (loop0): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[  309.841343][ T2920] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  309.841367][ T2920] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.875908][ T2920] usb 4-1: config 0 descriptor??
[  310.238701][ T5280] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  310.274330][   T28] audit: type=1400 audit(2000000202.559:19773): avc:  denied  { getattr } for  pid=5331 comm="syz.2.1357" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  310.344748][ T2920] microsoft 0003:045E:07DA.0040: No inputs registered, leaving
[  310.359521][ T2920] microsoft 0003:045E:07DA.0040: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  310.388619][ T2920] microsoft 0003:045E:07DA.0040: no inputs found
[  310.394777][ T2920] microsoft 0003:045E:07DA.0040: could not initialize ff, continuing anyway
[  310.439105][ T5346] overlayfs: overlapping lowerdir path
[  310.449387][ T5338] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1360'.
[  310.506517][ T5343] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.513467][ T5343] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.521055][ T5343] device bridge_slave_0 entered promiscuous mode
[  310.527935][ T5343] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.534862][ T5343] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.542253][ T5343] device bridge_slave_1 entered promiscuous mode
[  310.555980][  T623] device bridge_slave_1 left promiscuous mode
[  310.562043][  T623] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.569483][  T623] device bridge_slave_0 left promiscuous mode
[  310.575413][  T623] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.583287][  T623] device veth1_macvtap left promiscuous mode
[  310.589142][  T623] device veth0_vlan left promiscuous mode
[  310.599615][ T5355] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  310.610108][ T5355] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  310.751315][ T5343] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.758228][ T5343] bridge0: port 2(bridge_slave_1) entered forwarding state
[  310.765415][ T5343] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.772349][ T5343] bridge0: port 1(bridge_slave_0) entered forwarding state
[  310.779609][ T2920] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  310.797923][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  310.805897][  T420] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.813259][  T420] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.829432][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  310.837334][  T420] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.844097][  T420] bridge0: port 1(bridge_slave_0) entered forwarding state
[  310.851240][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  310.859118][  T420] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.865935][  T420] bridge0: port 2(bridge_slave_1) entered forwarding state
[  310.871228][  T330] usb 4-1: USB disconnect, device number 27
[  310.873375][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  310.886527][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  310.898177][ T4741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  310.909240][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  310.916916][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  310.924357][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  310.932772][ T5343] device veth0_vlan entered promiscuous mode
[  310.942660][ T5343] device veth1_macvtap entered promiscuous mode
[  310.949528][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  310.960562][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  310.971894][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  311.078697][  T474] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  311.135130][ T5365] sch_fq: defrate 0 ignored.
[  311.168718][ T2920] usb 3-1: config 1 has an invalid descriptor of length 125, skipping remainder of the config
[  311.182282][ T2920] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  311.195710][ T5367] tipc: Started in network mode
[  311.200428][ T5367] tipc: Node identity 4adbebc304c3, cluster identity 4711
[  311.207736][ T5367] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  311.215939][ T5367] syzkaller0: MTU too low for tipc bearer
[  311.221785][ T5367] tipc: Disabling bearer <eth:syzkaller0>
[  311.278776][ T2920] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  311.287853][ T2920] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  311.293351][ T5369] loop1: detected capacity change from 0 to 256
[  311.295842][ T2920] usb 3-1: SerialNumber: syz
[  311.394787][ T4319] EXT4-fs (loop3): unmounting filesystem.
[  311.588704][ T5338] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  311.597143][ T5338] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  311.629203][ T2920] usb 3-1: 0:2 : does not exist
[  311.633924][ T2920] usb 3-1: unit 48 not found!
[  311.640237][ T2920] usb 3-1: USB disconnect, device number 31
[  311.654971][  T474] usb 5-1: config 1 interface 0 altsetting 231 bulk endpoint 0x1 has invalid maxpacket 32
[  311.665042][   T28] audit: type=1400 audit(2000000203.959:19774): avc:  denied  { setopt } for  pid=5368 comm="syz.1.1367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  311.665236][  T474] usb 5-1: config 1 interface 0 has no altsetting 0
[  311.692653][   T28] audit: type=1400 audit(2000000203.979:19775): avc:  denied  { write } for  pid=5368 comm="syz.1.1367" name="attr" dev="proc" ino=41390 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  311.715658][   T28] audit: type=1400 audit(2000000203.979:19776): avc:  denied  { add_name } for  pid=5368 comm="syz.1.1367" name="current" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  311.717672][ T3463] udevd[3463]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  311.735955][   T28] audit: type=1400 audit(2000000203.979:19777): avc:  denied  { create } for  pid=5368 comm="syz.1.1367" name="current" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1
[  311.848709][  T474] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  311.857610][  T474] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.865501][  T474] usb 5-1: Product: ࠌ
[  311.869804][  T474] usb 5-1: Manufacturer: ȗ⩪㞄밽屠莅㩁齟୾ᗞ洫뜠ඓ睗ǽ馊䚭讇㕁㣸ꗌ㓛Ὃ楄銹ꋥ껗⊻矤ك琮褟ᄆ言晔飧쳾慧핀匥忋呑듄쯮ဈ톉薓䆻翳켊ﹰ杈
[  311.889274][  T474] usb 5-1: SerialNumber: ц
[  311.908689][ T5360] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22
[  312.209689][ T5388] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  312.217882][ T5388] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  312.272026][  T474] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 32 if 0 alt 231 proto 1 vid 0x0525 pid 0xA4A8
[  312.349496][  T474] usb 5-1: USB disconnect, device number 32
[  312.390865][  T474] usblp0: removed
[  312.394342][ T5392] loop2: detected capacity change from 0 to 16
[  312.400986][ T5392] erofs: (device loop2): mounted with root inode @ nid 36.
[  312.445285][ T5396] device pim6reg1 entered promiscuous mode
[  312.879298][ T5386] loop0: detected capacity change from 0 to 131072
[  312.892060][ T5386] F2FS-fs (loop0): Test dummy encryption mode enabled
[  312.908343][ T5386] F2FS-fs (loop0): invalid crc value
[  312.918944][ T5386] F2FS-fs (loop0): Found nat_bits in checkpoint
[  312.958695][ T5386] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  313.110251][ T5408] loop1: detected capacity change from 0 to 256
[  313.133499][ T5408] FAT-fs (loop1): Directory bread(block 64) failed
[  313.991535][ T5413] syz.2.1374: attempt to access beyond end of device
[  313.991535][ T5413] loop2: rw=0, sector=14552337256, nr_sectors = 8 limit=16
[  314.005367][ T5413] syz.2.1374: attempt to access beyond end of device
[  314.005367][ T5413] loop2: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[  315.512665][ T5343] F2FS-fs (loop0): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[  315.539347][ T5408] FAT-fs (loop1): Directory bread(block 65) failed
[  315.555213][ T5408] FAT-fs (loop1): Directory bread(block 66) failed
[  315.563334][ T5408] FAT-fs (loop1): Directory bread(block 67) failed
[  315.570562][ T5408] FAT-fs (loop1): Directory bread(block 68) failed
[  315.576921][ T5408] FAT-fs (loop1): Directory bread(block 69) failed
[  315.583443][ T5408] FAT-fs (loop1): Directory bread(block 70) failed
[  315.590022][ T5408] FAT-fs (loop1): Directory bread(block 71) failed
[  315.596364][ T5408] FAT-fs (loop1): Directory bread(block 72) failed
[  315.602790][ T5408] FAT-fs (loop1): Directory bread(block 73) failed
[  315.609726][ T5421] netlink: 'syz.3.1383': attribute type 12 has an invalid length.
[  315.659896][ T5422] device pim6reg1 entered promiscuous mode
[  315.781279][ T5431] loop2: detected capacity change from 0 to 512
[  316.104660][ T5431] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2802c018, mo2=0002]
[  316.121481][ T5431] System zones: 0-2, 18-18, 34-35
[  316.137318][ T5431] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  316.151836][ T5431] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038 (0x7fffffff)
[  316.182651][ T3331] kworker/u4:7: attempt to access beyond end of device
[  316.182651][ T3331] loop1: rw=1, sector=1224, nr_sectors = 128 limit=256
[  316.191190][ T5431] EXT4-fs (loop2): shut down requested (0)
[  316.254832][ T5108] EXT4-fs (loop2): unmounting filesystem.
[  316.373147][   T19] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  316.374875][ T5435] loop4: detected capacity change from 0 to 40427
[  316.431903][ T5435] F2FS-fs (loop4): Found nat_bits in checkpoint
[  316.503833][ T5455] xt_CT: No such helper "netbios-ns"
[  316.611172][ T5435] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  316.681567][ T4878] syz-executor: attempt to access beyond end of device
[  316.681567][ T4878] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  316.768623][   T19] usb 4-1: Using ep0 maxpacket: 16
[  316.774763][   T10] device bridge_slave_1 left promiscuous mode
[  316.781083][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.788485][   T10] device bridge_slave_0 left promiscuous mode
[  316.813204][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  316.830568][   T10] device veth1_macvtap left promiscuous mode
[  316.842585][   T10] device veth0_vlan left promiscuous mode
[  316.908698][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  316.928612][   T19] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  316.929880][ T5464] cannot load conntrack support for proto=3
[  316.937468][   T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.951611][   T19] usb 4-1: config 0 descriptor??
[  317.015685][ T5454] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.028691][ T5454] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.035992][ T5454] device bridge_slave_0 entered promiscuous mode
[  317.050187][ T5454] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.064242][ T5454] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.071859][ T5454] device bridge_slave_1 entered promiscuous mode
[  317.077078][ T5449] loop1: detected capacity change from 0 to 131072
[  317.091002][ T5449] F2FS-fs (loop1): Test dummy encryption mode enabled
[  317.102059][ T5449] F2FS-fs (loop1): invalid crc value
[  317.117731][ T5449] F2FS-fs (loop1): Found nat_bits in checkpoint
[  317.186333][ T5476] loop2: detected capacity change from 0 to 256
[  317.191905][ T5449] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  317.212306][ T5476] FAT-fs (loop2): Directory bread(block 64) failed
[  317.213505][ T5454] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.225589][ T5454] bridge0: port 2(bridge_slave_1) entered forwarding state
[  317.228633][ T5476] FAT-fs (loop2): Directory bread(block 65) failed
[  317.232716][ T5454] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.245826][ T5454] bridge0: port 1(bridge_slave_0) entered forwarding state
[  317.253113][ T5476] FAT-fs (loop2): Directory bread(block 66) failed
[  317.278722][ T5476] FAT-fs (loop2): Directory bread(block 67) failed
[  317.285187][ T5476] FAT-fs (loop2): Directory bread(block 68) failed
[  317.291820][ T5476] FAT-fs (loop2): Directory bread(block 69) failed
[  317.298322][ T5476] FAT-fs (loop2): Directory bread(block 70) failed
[  317.309222][ T5476] FAT-fs (loop2): Directory bread(block 71) failed
[  317.315633][ T5476] FAT-fs (loop2): Directory bread(block 72) failed
[  317.322345][ T5476] FAT-fs (loop2): Directory bread(block 73) failed
[  317.387746][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  317.396098][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  317.414495][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  317.422454][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  317.526632][ T5438] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  317.542255][ T5438] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  317.875949][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  317.877964][ T4356] F2FS-fs (loop1): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[  317.900313][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  317.908504][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  318.074611][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  318.089383][   T19] hid (null): invalid report_count 983040256
[  318.089811][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  318.110071][ T5454] device veth0_vlan entered promiscuous mode
[  318.112253][   T19] hid (null): unknown global tag 0xc
[  318.497684][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  318.507095][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  318.528277][   T19] hid-generic 0003:0158:0100.0041: unknown main item tag 0x0
[  318.535523][   T19] hid-generic 0003:0158:0100.0041: invalid report_count 983040256
[  318.543188][   T19] hid-generic 0003:0158:0100.0041: item 0 4 1 9 parsing failed
[  318.550693][   T19] hid-generic: probe of 0003:0158:0100.0041 failed with error -22
[  318.554849][ T5454] device veth1_macvtap entered promiscuous mode
[  318.566798][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  318.575338][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  318.583728][   T19] usb 4-1: USB disconnect, device number 28
[  318.585925][ T3331] kworker/u4:7: attempt to access beyond end of device
[  318.585925][ T3331] loop2: rw=1, sector=1224, nr_sectors = 128 limit=256
[  318.623451][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  318.635413][ T5493] loop2: detected capacity change from 0 to 2048
[  318.648882][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  318.657380][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  318.666227][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  318.675028][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  318.675464][ T5493] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  318.684132][  T623] tipc: Left network mode
[  318.734716][ T5498] loop0: detected capacity change from 0 to 1024
[  318.745019][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  318.745034][   T28] audit: type=1326 audit(2000000211.029:19779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5492 comm="syz.2.1405" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5936b779f9 code=0x0
[  318.777907][ T5498] EXT4-fs: Ignoring removed nomblk_io_submit option
[  318.788641][ T4741] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  318.789915][ T5498] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  318.807877][ T5498] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  318.821066][ T5498] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  318.831390][ T5500] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  318.854331][ T5500] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 33 with error 28
[  318.869471][ T5500] EXT4-fs (loop2): This should not happen!! Data will be lost
[  318.869471][ T5500] 
[  318.880602][ T5500] EXT4-fs (loop2): Total free blocks count 0
[  318.886553][ T5500] EXT4-fs (loop2): Free/Dirty block details
[  318.908801][ T5500] EXT4-fs (loop2): free_blocks=2415919104
[  318.914360][ T5500] EXT4-fs (loop2): dirty_blocks=48
[  318.928805][ T5500] EXT4-fs (loop2): Block reservation details
[  318.940665][ T5500] EXT4-fs (loop2): i_reserved_data_blocks=3
[  318.992283][ T5503] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.999257][ T5503] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.006372][ T5503] device bridge_slave_0 entered promiscuous mode
[  319.013111][ T5503] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.020017][ T5503] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.029223][ T5503] device bridge_slave_1 entered promiscuous mode
[  319.058713][ T4741] usb 5-1: Using ep0 maxpacket: 16
[  319.109253][ T5509] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1393'.
[  319.179199][ T4741] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  319.238749][  T330] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  319.323814][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  319.331267][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  319.343179][ T5513] loop3: detected capacity change from 0 to 2048
[  319.350479][ T5513] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  319.368764][ T4741] usb 5-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79
[  319.378067][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  319.382842][ T4741] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  319.387656][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  319.401804][ T5513] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a002e01c, mo2=0002]
[  319.407104][ T4741] usb 5-1: Product: syz
[  319.410026][ T5513] System zones: 0-19
[  319.414000][ T4741] usb 5-1: Manufacturer: syz
[  319.422326][ T4741] usb 5-1: SerialNumber: syz
[  319.422331][ T5513] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  319.436767][ T4741] usb 5-1: config 0 descriptor??
[  319.446796][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.453668][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[  319.468689][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  319.476851][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  319.498616][  T330] usb 3-1: Using ep0 maxpacket: 8
[  319.528798][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.535652][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[  319.612768][ T5454] EXT4-fs (loop0): unmounting filesystem.
[  319.619819][  T623] device bridge_slave_1 left promiscuous mode
[  319.625886][  T623] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.648940][  T330] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  319.649493][ T4319] EXT4-fs (loop3): unmounting filesystem.
[  319.662397][  T330] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  319.674900][  T330] usb 3-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[  319.675042][  T623] device bridge_slave_0 left promiscuous mode
[  319.683704][  T330] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.707951][  T330] usb 3-1: config 0 descriptor??
[  319.713268][  T623] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.729176][  T623] device veth1_macvtap left promiscuous mode
[  319.847242][ T5517] loop0: detected capacity change from 0 to 40427
[  319.854268][ T5517] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  319.861880][ T5517] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  319.870688][ T5517] F2FS-fs (loop0): invalid crc value
[  319.876888][ T5517] F2FS-fs (loop0): Found nat_bits in checkpoint
[  319.939079][ T5517] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  319.985518][ T5527] loop3: detected capacity change from 0 to 256
[  320.016769][ T5527] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  320.047299][ T5517] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  320.104838][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  320.112356][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  320.136470][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  320.152261][ T5503] device veth0_vlan entered promiscuous mode
[  320.160243][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  320.168864][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  320.177089][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  320.190163][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  320.212488][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  320.219772][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  320.233272][ T5503] device veth1_macvtap entered promiscuous mode
[  320.240116][ T4741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  320.248045][ T4741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  320.256068][ T4741] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  320.434098][   T28] audit: type=1400 audit(2000000212.629:19780): avc:  denied  { read } for  pid=5516 comm="syz.0.1410" name="loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  320.473775][  T330] apple 0003:05AC:024B.0042: unknown global tag 0xc
[  320.487412][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  320.488393][  T330] apple 0003:05AC:024B.0042: item 0 1 1 12 parsing failed
[  320.495686][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  320.502686][  T330] apple 0003:05AC:024B.0042: parse failed
[  320.510504][   T28] audit: type=1400 audit(2000000212.629:19781): avc:  denied  { open } for  pid=5516 comm="syz.0.1410" path="/dev/loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  320.540310][  T330] apple: probe of 0003:05AC:024B.0042 failed with error -22
[  320.547447][   T28] audit: type=1400 audit(2000000212.639:19782): avc:  denied  { ioctl } for  pid=5516 comm="syz.0.1410" path="/dev/loop-control" dev="devtmpfs" ino=113 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  320.551019][ T5488] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  320.577879][ T5488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  320.619766][ T5535] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1407'.
[  320.656468][ T3331] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  320.738648][   T39] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  320.909603][  T564] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  321.138856][   T39] usb 1-1: config index 0 descriptor too short (expected 4114, got 18)
[  321.147453][   T39] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  321.268705][  T564] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  321.279610][  T564] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  321.289220][  T564] usb 4-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  321.298016][  T564] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.306407][  T564] usb 4-1: config 0 descriptor??
[  321.318686][   T39] usb 1-1: New USB device found, idVendor=066b, idProduct=20f9, bcdDevice=ff.94
[  321.327581][   T39] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.335428][   T39] usb 1-1: Product: syz
[  321.339389][   T39] usb 1-1: Manufacturer: syz
[  321.343798][   T39] usb 1-1: SerialNumber: syz
[  321.350680][   T39] usb 1-1: config 0 descriptor??
[  321.592849][   T39] usb 5-1: USB disconnect, device number 33
[  321.719822][ T5488] usb 3-1: USB disconnect, device number 32
[  321.790058][  T564] hid-led 0003:1D34:000A.0043: unknown main item tag 0x0
[  321.803131][ T5571] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  321.814676][ T5571] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  321.822919][ T5571] CPU: 1 PID: 5571 Comm: syz.1.1428 Tainted: G        W          6.1.90-syzkaller-00004-g79436849ef1d #0
[  321.833938][ T5571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  321.843921][ T5571] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[  321.849995][ T5571] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 2c 02 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 f1 1f 25 00 48 89 5c 24 18 4c 8b
[  321.869446][ T5571] RSP: 0018:ffffc900013976a0 EFLAGS: 00010246
[  321.875346][ T5571] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[  321.883157][ T5571] RDX: ffffc9000104a000 RSI: 00000000000000b3 RDI: 00000000000000b4
[  321.890965][ T5571] RBP: ffffc900013977f8 R08: 0000000000000005 R09: ffffffff8412c653
[  321.898779][ T5571] R10: 0000000000000004 R11: ffff88810d3ee540 R12: dffffc0000000000
[  321.906587][ T5571] R13: ffff888111081a00 R14: 1ffff92000272ee0 R15: 0000000000000000
[  321.914398][ T5571] FS:  00007f318cd046c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  321.923168][ T5571] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  321.929587][ T5571] CR2: 0000000020002000 CR3: 000000011da4b000 CR4: 00000000003506a0
[  321.937409][ T5571] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  321.945464][ T5571] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  321.953444][ T5571] Call Trace:
[  321.956746][ T5571]  <TASK>
[  321.959521][ T5571]  ? __die_body+0x62/0xb0
[  321.964208][ T5571]  ? die_addr+0x9f/0xd0
[  321.968634][ T5571]  ? exc_general_protection+0x317/0x4c0
[  321.974105][ T5571]  ? asm_exc_general_protection+0x27/0x30
[  321.979746][ T5571]  ? xdp_do_generic_redirect+0x303/0xad0
[  321.985693][ T5571]  ? dev_map_generic_redirect+0x90/0x7d0
[  321.991426][ T5571]  ? kasan_quarantine_put+0x34/0x1a0
[  321.996633][ T5571]  ? kfree+0x7a/0xf0
[  322.000373][ T5571]  ? bq_enqueue+0x3e0/0x3e0
[  322.006963][ T5571]  ? bpf_prog_run_generic_xdp+0xa35/0x1200
[  322.012603][ T5571]  xdp_do_generic_redirect+0x411/0xad0
[  322.017900][ T5571]  do_xdp_generic+0x53e/0x800
[  322.022407][ T5571]  ? generic_xdp_tx+0x560/0x560
[  322.027184][ T5571]  ? tun_get_user+0x2340/0x3a90
[  322.031872][ T5571]  tun_get_user+0x238a/0x3a90
[  322.036474][ T5571]  ? cpu_curr_snapshot+0x90/0x90
[  322.041242][ T5571]  ? tun_do_read+0x2000/0x2000
[  322.045840][ T5571]  ? ref_tracker_alloc+0x31d/0x450
[  322.050792][ T5571]  ? ref_tracker_dir_print+0x160/0x160
[  322.056088][ T5571]  ? avc_policy_seqno+0x1b/0x70
[  322.060773][ T5571]  ? tun_get+0xe9/0x120
[  322.064763][ T5571]  tun_chr_write_iter+0x129/0x210
[  322.069630][ T5571]  vfs_write+0x902/0xeb0
[  322.073705][ T5571]  ? file_end_write+0x1c0/0x1c0
[  322.078388][ T5571]  ? do_futex+0x501/0x9a0
[  322.082560][ T5571]  ? __fget_files+0x2cb/0x330
[  322.087857][ T5571]  ? __fdget_pos+0x204/0x390
[  322.092277][ T5571]  ? ksys_write+0x77/0x2c0
[  322.096533][ T5571]  ksys_write+0x199/0x2c0
[  322.100700][ T5571]  ? save_fpregs_to_fpstate+0x220/0x220
[  322.106085][ T5571]  ? __ia32_sys_read+0x90/0x90
[  322.110679][ T5571]  ? fpregs_restore_userregs+0x130/0x290
[  322.116150][ T5571]  __x64_sys_write+0x7b/0x90
[  322.120583][ T5571]  x64_sys_call+0x2f/0x9a0
[  322.121123][ T5574] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1427'.
[  322.124823][ T5571]  do_syscall_64+0x3b/0xb0
[  322.137846][ T5571]  ? clear_bhb_loop+0x55/0xb0
[  322.142356][ T5571]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  322.148085][ T5571] RIP: 0033:0x7f318bf764df
[  322.152343][ T5571] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48
[  322.171777][ T5571] RSP: 002b:00007f318cd04000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  322.180023][ T5571] RAX: ffffffffffffffda RBX: 00007f318c105f80 RCX: 00007f318bf764df
[  322.187841][ T5571] RDX: 0000000000000d86 RSI: 0000000020001580 RDI: 00000000000000c8
[  322.195647][ T5571] RBP: 00007f318bfe58ee R08: 0000000000000000 R09: 0000000000000000
[  322.203464][ T5571] R10: 0000000000000d86 R11: 0000000000000293 R12: 0000000000000000
[  322.211329][ T5571] R13: 0000000000000000 R14: 00007f318c105f80 R15: 00007ffcf8a7b308
[  322.219089][ T5571]  </TASK>
[  322.221941][ T5571] Modules linked in:
[  322.225781][ T5571] ---[ end trace 0000000000000000 ]---
[  322.231003][ T5571] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[  322.237152][ T5571] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 2c 02 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 f1 1f 25 00 48 89 5c 24 18 4c 8b
[  322.256613][ T5571] RSP: 0018:ffffc900013976a0 EFLAGS: 00010246
[  322.262516][ T5571] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[  322.270323][ T5571] RDX: ffffc9000104a000 RSI: 00000000000000b3 RDI: 00000000000000b4
[  322.278211][ T5571] RBP: ffffc900013977f8 R08: 0000000000000005 R09: ffffffff8412c653
[  322.286050][ T5571] R10: 0000000000000004 R11: ffff88810d3ee540 R12: dffffc0000000000
[  322.293860][ T5571] R13: ffff888111081a00 R14: 1ffff92000272ee0 R15: 0000000000000000
[  322.301750][ T5571] FS:  00007f318cd046c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  322.310601][ T5571] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  322.316997][ T5571] CR2: 0000000020002000 CR3: 000000011da4b000 CR4: 00000000003506a0
[  322.324838][ T5571] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  322.332648][ T5571] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  322.340460][ T5571] Kernel panic - not syncing: Fatal exception in interrupt
[  322.347929][ T5571] Kernel Offset: disabled
[  322.352053][ T5571] Rebooting in 86400 seconds..